Well, this isn’t the first time. But a report by Kat Hall for The Register suggests that some of the scammers may have more information about potential victims than they should. Which makes me wonder whether there’s a leak similar to that affecting TalkTalk customers. I’ve certainly been contacted in the past by BT sales people who were clearly not based in the UK.
I don’t know whether there’s been such a leak at BT, of course. However, it’s not unknown for people working in legitimate support to be also implicated in some way in support scamming, whether by leaking data or by working in a call centre that encourages scam calling as well as offering legit support for legit organizations. And it’s hard to police that kind of activity.
That article by Kat Hall: Indian call centre scammers are targeting BT customers – In some cases fraudsters knew their mark’s personal details
Kat Hall reports for The Register on an attack against North Dorset Council apparently involving 6,000 files compromised by ransomware. The council refused to pay the ransom and are quoted as saying:
“The ‘ransomware’ attack was quickly detected by our security systems and action was taken to minimise the impact on our systems. No customer data was compromised.”
G-Data’s Eddy Willems is quoted as saying that organizations are being targeted that are less likely to have up-to-date protection and therefore more likely to pay the ransom. ESET’s Mark James didn’t suggest specific targeting, but did observe that public sector organizations are vulnerable because of the sensitivity of the data they hold and the fact that they are likely to be hampered by budget constraints.
Having spent much of my life working for the National Health Service, I’m all too aware of those constraints, and have a great deal of sympathy for executives who have to walk the tightrope between the need for the best affordable security and the need to prioritize direct spending on patient care. Similar concerns apply in other public sector organizations, charities and so on. When it comes to ransomware, however, the risk it poses to client data and wellbeing does call for an effective security strategy that prioritizes data and system backups and data recovery. It sounds as if the Council in this case were properly prepared.
For the Register, Kat Hall revisits the allegations that the security of TalkTalk customers was compromised by data leaked to support scammers. In the BBC’s Moneybox programme it was claimed that ‘criminals appear to have accessed the details of TalkTalk engineer home visits and have gone on to use this information to trick customers’.
It’s not altogether clear that there is a direct link, but Hall points out that:
‘At the end of January, TalkTalk said it was considering cutting ties with its Indian call centre provider after three employees at the site were arrested for allegedly scamming customers.’
Added to the support scam resource page.