A trip to India: Hunting down a criminal call center

Presented at Still Hacking Anyway (SHA2017), Aug. 4, 2017, 10:20 p.m. (60 minutes)

We will take you behind the scenes of a call center that placed over 5 million calls to Dutch phone numbers and employed around 60 people. We will show how these call centers operate and how they convince their victims to pay for their ‘services’. You will see the social engineering techniques that are used by the scammers. We will also show that we could easily obtain the list of 5 million potential victims from the call center and how we eventually were able to track down the owner of the call center. #Society #ContentWarning Phone scammers are an ongoing and persistent threat to computer users worldwide. These cyber criminals run professional call centers to contact their victims by phone, claiming they are Microsoft employees and convincing their victims in paying a fee to fix non-existent malware infections or other ‘issues’ the victims computers would have. Northwave has set out the uncover the identity of some of these criminals. In cooperation with the journalists of the Dutch TV programme AVROTros Opgelicht we were able to get in touch with a few of these criminal call centers and tried to play along with the scammers. By acting as a potential victim we were able to gain insight in the tactics of these criminals and determine the location of the call center. This journey eventually led us to Calcutta, India where we were able to meet with the owner of the call center. Together with the journalists at AVROTros we were able to travel to Calcutta, speak to the owner and handed the case over to the police force in India.

Presenters:

  • Bart Roos
    Bart Roos holds a position as Principal Cyber Security Consultant and is responsible for the managed CERT and pentesting services at Northwave. Finding the weaknesses in the networks of Northwave’s customers and hunting down hackers in customer networks are the most important parts of his daily job. Before making the switch back to the private sector he worked as a Senior Security Specialist at GOVERT.NL and the National Cyber Security Center between 2011 and 2016.

Links:

Similar Presentations: