Call Center Operator and His Cousin Steal $645,000 From UK Water Supplier

An anonymous reader writes: "An unnamed UK-based regional water supply company lost over $645,000 in a sophisticated scam that involved social engineering, an inside man, and international bank transfers," reports BleepingComputer. According to a recently disclosed report, one of the water supplier's call center operators was taking screenshots of customer details and sending this data to his cousin in the UK. This person would trick other call center operators to reset the passwords for those accounts, add his bank account info to the account, and request a refund for previous transactions. Their operation was discovered after customers, usually small-to-medium businesses, discovered they couldn't access their accounts anymore, and also reported new bank account details. A search of the CRM logs revealed that only one call center operator had accessed those profiles, albeit he never initiated or approved refunds. When questioned, the arrogant employee signed an affidavit allowing investigators to search his home PC, thinking they would never discover anything, since he already wiped his hard drive. They did because he forgot to delete his shadow volume copies, where investigators discovered copies of emails sent to his cousin in the UK. These emails contained the screenshots of his work PC with SMB client data. In the end, the call center employee ended up helping authorities secure a conviction for his cousin.

Re: Fucking turncoat!

[0xdeaddead]

I worked right besides a fraud department for a major credit card company.. it never ceases to amaze me how ingenious the scammers we're, how the first few times were completely missed by all the fraud detection, and how every single one just kept on doing the same thing over and over thinking if it works once or twice, it'll surely work 200 times...

Re: Fucking turncoat!

[houghi]

Many years ago I talked with somebody who did control at a large supermarket in Europe. She told me that the way they cought people stealing from the till was because they always took the same amount.
Sure it can happen that you have a short in your till, but if it is always the same amount, they will become suspicious and it will gets you fired.
If you take a 20 bill each day, it will soon be clear you did so.

One person did it the smart way and was fired because he told cow orkers:
Taking different amounts each time and even sometimes had too much in the till, although obviously more in his favor than in his disadvantage. Also he never took one bill as most would do, but also took some coins. This person was looked up as sloppy, not dishonest.