Kaspersky Lab welcomes the announcement by the Indian Police (Cyber Crime Investigation Cell, CID, West Bengal) of significant progress in its investigation into a phone scam operation that is estimated to have cost victims millions of pounds. The scam, which involved people being called by fraudulent technical support staff, was uncovered in 2012 by a Kaspersky Lab Global Research and Analysis Team (GReAT) expert, and reported to the Indian Police. The Cyber Crime Investigation Cell has recently taken eight suspects into custody.
The phone scammers operated by calling random individuals and posing as representatives of a large, well-known consumer technology vendor. Targets were told that their computers had been infected with an unverified software license, rendering their machines insecure. The fraudsters offered to help by connecting remotely to the victim’s device to supposedly fix and install updated software, forcing them to pay a subscription fee of at least $250 for “lifetime support”, “lifetime updates”, “anti-hacker solution”, etc. In fact, the software they provided was nothing, wrapped in a nice graphic interface.
IT Security Kung Fu
In 2012, David Jacoby, a Senior Security Researcher at Kaspersky Lab, received calls on his home phone from scammers who were tirelessly pursuing him as a potential victim. Fed up, he played along, allowing the criminals to connect to his computer while he kept a virtual machine running, and convincing them to visit a website he had set up. All this helped David to capture the network traffic and to find out the IP address, email address and phone numbers of the criminals. It turned out that they were calling from India.
“After collecting all the information, I contacted the appropriate people in the PayPal security team and at various law enforcement agencies, in the hope that we could stop these people from stealing a lot of money,” Jacoby said.
The data Jacoby collected was substantial and has now helped the police to locate and hunt down the criminals.
According to Jacoby, the phone scammers used social engineering to trick their victims – gaining the confidence of unwary individuals to get what they want. Targets of phone scammers are usually those who stay at home, such as the elderly, unemployed or those who are not technically-savvy, who they consider easy prey. In this case, the criminals targeted people in countries where people speak good English – including the UK, Australia, the Netherlands, and countries in Northern Europe.
“If cases like this get exposed to the public more, then fewer people will be victimised and the cybercriminals will have nothing to earn,” the security analyst said.
Joint Fight
“Law enforcement is an important ally in the fight against cybercrime,” said Maxim Mitrokhin, Managing Director for Kaspersky Lab Asia Pacific. This investigation has proved to be lengthy and complex and we welcome the high level of commitment and collaboration displayed by the Cyber Crime Investigation Cell.”
The Cyber Crime Investigation Cell believes that partnerships with cybersecurity experts are important in helping it to build its own cyber-expertise.
“While India is regarded as an IT power, it has also become a favoured hub for cybercriminals in the APAC region,” said Rajshri Banerjee, Inspector in-charge, Cyber Crime Investigation Cell, CID, West Bengal. “We face many challenges dealing with cybercrimes, but our cooperation with key experts such as Kaspersky Lab helps to strengthen our cyber-capabilities,”
To go back in time and learn more about this scam, please see David Jacoby’s presentation, interview and blog post.
[su_box title=”About Kaspersky Lab” style=”noise” box_color=”#336588″][short_info id=’59584′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.