Whistle-blowers reveal Indian call centre scammers targeting TalkTalk customers following massive data breach

Several whistle-blowers have come forward to disclose details of an alleged intricate scamming operation set up in India to target TalkTalk customers.

The unnamed whistle-blowers told a BBC reporter that they were employed by a gang of professional fraudsters to trick TalkTalk customers into revealing personal information and provide access to their bank accounts.

This large scale criminal operation includes some 120 staff instructed to phone and intentionally deceive TalkTalk customers.

Staff are provided with a script to help them with any questions the customers may have – especially suspicious ones asking for proof that the caller is legitimately from TalkTalk. The whistle-blowers managed to take snapshots of the FAQ sheets. In one circumstance where the customer may (rightly) accuse the caller to be a scammer, the employee is to respond with the typed answer:

“Sir scammer means snatch money from person but I don’t want any money from you here I provide technical assistant to you related to your computer and internet problem.”

Money being taken

The list of manipulative answers takes an ‘innocent’ and ‘helpful’ approach with no indication of any malice intended. Although the information provided by the whistle-blowers has not yet been confirmed, a victim of fraud was shown the FAQ answer sheet and affirmed that the content was indeed used on her when scammers conned her out of £5,000.

The 120 employees are allegedly split over two offices set up in India. They’re each earning £120 per month by ringing TalkTalk customers and telling them that there is a virus on their computers affecting their bank accounts and therefore TalkTalk payments. These ‘helpful’ callers offer technical assistance while warning that inaction will lead to a virus taking over the computer and crashing it.

However, it is the ‘remedial’ software the customers are duped into installing that is the real problem. After convincing customers to install this virus, the fraudulent companies are now able to control the customer’s computer.

The actual stealing is done by a separate team who will use the vulnerable and easily accessible information to either pretend that the customer needs to pay back in installments, or directly transfer money to a new but hidden payee without the victim being alerted.

Apparently this elaborate yet rather successful criminal operation is unrelated to the cyber-attack inflicted on TalkTalk in October of 2015. However, we are acting for people who were affected by the data leak and have been targeted by fraudsters who appear to have loads of information on them, like their full names, account numbers, phone numbers and other such information; i.e. information potentially gleaned from the data leak.

Call centre staff stealing information?

Back in 2011, TalkTalk reportedly outsourced large volumes of call centre work to one of India’s largest IT services company Wipro, in Kolkata. Last year saw the arrest of 3 employees from Wipro who allegedly stole information on TalkTalk customers. It was reported that the information stored on a USB stick was passed hand to hand in parties until it made its way to criminal gangs.

TalkTalk is yet to confirm the whistle-blowers identities and if there is any truth to their information. We may have to wait for verification on this one…

Most data breaches happen because of missed oversight or exploited vulnerabilities

“Spying in schools becoming the norm” – More than 1,000 schools use software to monitor their students online use