Industrial-scale fraud operation targeting TalkTalk customers

The fraud allegedly stemmed from Indian IT service firm Wipro, which the British telco had contracted in 2011 to provide some of its call centre work.

Three employees of Wipro were arrested in 2016 on suspicion of on-selling the private data of TalkTalk customers, which would have occurred sometime between 2011 and 2014.

Since then, a large number of current and former TalkTalk users have received calls purporting to be from the broadband provider, seeking to establish trust and a rapport with the customer before taking their bank details through fraudulent means.

On Monday, the BBC reported it had spoken with three sources, who were employed by two front companies controlled by a group of organised criminals.

The sources said they worked in call centres in two cities, with as many as 60 employees working in each office, targeting TalkTalk customers.

Reading from a script, the sources said they claimed to be calling from TalkTalk, and stepped customers through installing a piece of malware on their computers under the claim it would solve problems with their broadband or account.

Another team from the call centres would then log into the malware remotely, and fraudulently access the victim’s internet banking to siphon money away.

The BBC said it was not possible to independently verify the sources’ claims, but their accounts were “highly detailed” and closely matched reports of the kind of fraud targeting TalkTalk customers.

It also said a victim of the fraud confirmed the script provided by the sources matched the one read to her, before she lost £5,000.

The alleged data theft in TalkTalk’s Indian call centres wasn’t the only high-profile security breach at the telco, with its systems being hit by a major and wide-ranging attack in October 2015.

That breach forced the telco to halt sales of new packages for a number of weeks, and saw thousands of customers abandon their packages.