Indian call centre credit card 'scam' exposed
Symantec renewal details end up on black market
An undercover investigation by the BBC has exposed evidence of the theft of credit card details by workers at an Indian call centre used by security giant Symantec.
A BBC reporter posing as a fraudster bought allegedly stolen but valid UK card details from a Delhi-based man, who denies any wrongdoing. Three of the victims of the scam had bought software renewals from a call centre which handles Symantec software licences.
In a statement, Symantec said it had launched an investigation into the incident, which is thought to be isolated. In the meantime it is offering credit monitoring services to the three confirmed victims.
The BBC ran a story alleging that they have purchased three credit card numbers from a call center that handles some Symantec customer transactions. Upon notification by the BBC of this situation, Symantec immediately launched an internal investigation. We are still determining the facts behind this allegation but there is no indication that Symantec's online network has been compromised.
As a precaution before we have finished our investigation, we are extending an offer for credit monitoring services to the three customers in question. As we continue our investigation, we will promptly notify any additional customers impacted by the situation and will take appropriate action to protect the interests of our customers. Any customer who believes they may have been impacted by this situation should email their contact information to: Global_Purchase_Query at symantec.com.
The BBC team latched onto the issue following a tip-off that put them in touch with a suspected credit card fence. They filmed subsequent meetings, one of which took place in a Delhi coffee shop. The BBC reporters were offered hundreds of plastic card details each week at a price of $10 dollars per card, more than double the online going rate.
Reporters agreed to buy a sample of 50 cards, receiving 14 initially at the meeting and a promise that the remainder would be sent by email later. The seller claimed the numbers were culled from call centres that handle telephone bills and mobile phone sales.
The BBC team found that the name and addresses details of card holders sold to them were consistently valid but the card numbers were invalid, usually because the supplied digits were out by one number. Around one in seven of the card details, however, were valid and referred to cards in active use by UK customers.
The BBC contacted the owners of these cards and warned them of the problem. Three of those affected had bought Norton subscriptions over the phone within hours of each other.
It's not the first time evidence of call centre fraud has been exposed by undercover reporters. Channel 4's Dispatches and The Sun newspaper have each run separate undercover operations to expose similar frauds over recent years.
Last month the Reg reported how an Indian call centre was under suspicion for using the identities of Britons to mount an insurance fraud scam.
The latest figures from banking industry association APACS, published on Thursday, show that card fraud losses reached £609.9m in 2008. Phone, internet and mail order (card-not-present) fraud made up £328.4m of this total, up from £290.5m in 2007.
Stolen credit card details are, of course, the mainstay of such fraudulent losses and why reports of fraud in Indian call centres merit attention. It's worth remembering that stolen card details come from numerous sources – skimming, hacking and mail interception being just three – with call centre-related scams probably making up only a tiny slice of the growing pie. ®
Deli mafia? This is quite obviously one chap, copying card numbers when he's at work.
If this really is the cutting edge of organised crime in India, as the article might have you believe, then I think the outsourcers can rest easy.
The prices are ridiculous, the article says the quality was dire (bad digits) and the guy couldn't even supply more than 14 up front.
This is not a professional operation, it's a bloke with a pen and paper frantically scribbling the things down when the bosses aren't watching...
No one's complaining at Nortons forums
Odd that there's no mention of this at the Norton Forums <http://community.norton.com/> . Is Symantec still up to their old tricks of deleting unfavorable posts,or are the faithful just still asleep?
@Third-world hell hole
Pretty rich, coming from a country of extremes in itself: a majority of binge drinking, benefit scrounging illiterate chavs and relatively few champagne guzzling, market manipulating bankers, hurtling towards political, economic and social irrelevance.. And yes, you have some protozoans. Sorry, politicians.
I'm Indian. Lived in London for 8 years (hedge funds mainly). No recourse to public funds - children studied privately, health services were private. And I paid my taxes. Loads of it. Of course I made money - that's why I went to London. And returned to India on an expat package - to make more money here. I'd've gone to any country had I spotted an opportunity. Similar to the way the Empire was built.
And you might know, your "Developed World" fund managers were queuing up to invest in India until last year.
If it makes you feel any better, the bulk of your industries are owned by Indians - including automobile and steel. We'll soon own your banks. And we'll own your telcos as well. And your country, for what's it's worth. Better get used to the idea of paying us rent, or find another planet. I forget, you don't have a space industry to go to another planet. I doubt you have any industry left, apart from binge drinking.
I think the concept of nationality is bollocks - lines on maps drawn by people with vested interests. I believe in having a good time and of course, in identifying opportunities to harvest economic profits. But I do like holding up a mirror to people who diss other countries - take a good look.