BPO hackers in cellphone fraud

KOLKATA: As BPO frauds go, this one would shock any cellphone user. Call centre employees Subhrajit Karar, Ranjit Das and two of their friends allegedly hacked into the main server of a telecom service provider a client of the BPO firm and re-activated SIM cards that were no longer in use, which they later sold. They even stole customer details to use already activated recharge numbers to make a fast buck, police say.
All four are employees of a BPO firm based in Salt Lake Sector-V.Subhrajit and Ranjit were arrested on Sunday night after BPO officials lodged a police complaint. The duo told police that two other colleagues Subhasit and Debasis Mondal were also involved in the fraud. A search is on for them. Police say the quartet's little racket was busted before they could spread the network.
According to company officials, the modus operandi adopted by the four was actually quite simple. Through their hacking skills, they managed to get their hands on a top secret password allotted to the BPO by the cellphone provider. Through this, they could gain access to the cell company's main server, which handles the accounts of customers.
It did not take them long to realize that there are many people who had stopped using their pre-paid SIM cards for some reason or the other. Though the SIMs had got automatically deactivated after a while, most customers held on to the chips for whatever reason. The hackers started with people they knew and offered money for deactivated SIM cards. Former customers of the telecom service provider were only too happy to hand over their deactivated cards for Rs 50 or so. The four would then re-activate the SIMs and sell them for anything between Rs 100-150. Unsuspecting customers were only too happy to receive an activated SIM for a price lower than the market rate.
The four would also scan the client's network for recharge vouchers that had already been used. They would re-activate the vouchers and pass on the secret code (a set of random numbers) to people in lieu of money. Their racket was just about flourishing when officials got wind of the crime.
Officials of the company believe that the hackers could not have made much money. The four, perhaps, got into it for the kicks, said an official. But their pranks could have resulted in a major security breach. Had any of the re-activated SIMs landed in the hands of subversives, the original customers would have got into a lot of trouble.
Subhrajit and Ranjit, in their mid-30s, joined Firstsource a BPO in Sector V's Technopolis Building two years ago. While Subhrajit is a resident of Howrah's Belilious Lane, Ranjit lived in Belgharia. Both were assigned to man the helpline of telecom company.
"Firstsource follows a zero-tolerance policy on security breaches and cyber-fraud. We informed police the moment a possible fraud was detected in one of our processes. We have state-of-the-art security standards but criminal acts cannot be ruled out. The company is committed to providing clients and their customers, the highest levels of security," said Vrinda Walavalkar, vice-president, corporate communications, Firstsource.