An article relating to this blog post on Finextra:
Bank scammers diverted customer telephone calls
Police in Perth are investigating an elaborate bank scam in which customer calls to the Bank of Scotland were intercepted and diverted to fraudsters who duped the callers into handing over personal ac...
I wrote yesterday on the problems the Commonwealth Bank of Australia was having with a phishing attack that caused customers to call a fake contact centre that impersonated the bank's centre and captured their credit card details ("Phishing
fraud steps up a new level with fake bank IVR & contact centre").
It now seems that this fraud has reached the UK. The
BBC is reporting here that the Bank of Scotland has been targeted by fraudsters who have been able to divert customer calls. There's few details in the BBC report other than that the calls were diverted and that there is a theory that a former contact centre
employee may be involved. An inside job does seem a strong possibility, and the infiltration of call centres by organised crime is a real risk. Although it wasn't widely covered, the BBC reported back in 2006 that Strathclyde Police believed that perhaps one
in ten call centres had been targeted by organised criminals (article here). Normally, though, crime in contact centres has been
opportunistic and carried out by individuals. A typical example was when the Barclays Chairman, Marcus Agius, had his details and money stolen by one of his own employees (covered on the blog in the post "Security,
Call Centres and Fraud").
It is a worrying development if organised crime has, well, got itself more organised, and moved up from individuals stealing details to systematic attacks from the inside on the banks' contact centre systems.