Symantec Caught Up In Indian Credit Card Scam….. And It’s Caught On Tape

If you’re thinking of renewing the subscription of your copy of Norton Internet Security or some other Symantec product, you may want to think again. According to the BBC, an agent inside an Indian call center that handles renewals for Symantec is selling credit card numbers on the black market for as little as $10 a card. The BBC was able to buy these card numbers and get the transaction captured on hidden camera. From there they decided to follow the trail back to the holders of those cards:

The BBC team contacted the owners of these cards and warned them that their details were now being bought and sold in India.

Three of those customers had, within hours of each other, bought a computer software package by giving their credit card details to a call centre over the phone.

Within hours of making the purchase, their details were fraudulently sent on to the reporters.

One of the victims said he was “disturbed” at what had happened.

Symantec for its part had this to say:

“We are investigating how this incident happened and will take any appropriate steps to address any opportunities for improvement in our processes.

“We have engaged with the local law enforcement officials in India and will cooperate fully with that investigation. We are in the process of reviewing all possible options to manage this third party call centre, including moving away from it.”

A spokeswoman stressed that “rigorous security measures” are put in place at call centres. For example, staff are not allowed to take electronic devices, memory sticks, pens or pencils to their desks. Internet and email access is also banned.

I guess those “rigorous security measures” that are in place didn’t work all that well. After all, it looks like one agent was able slip by them and go to town. One has to wonder if similar scams aren’t running anywhere else in call centers that Symantec and others use?

I took a look this morning for any mention of this on the Symantec website. There wasn’t any. Not that I’m shocked by that as I would really be surprised if they did come clean on that. After all, they are a security company and they have to appear perfect or their customers will shop elsewhere. Having said that, this story does appear to be getting traction via Google News. So I suspect Symantec will have to come out with something soon to reassure its customers.

Leave a Reply

%d bloggers like this: