Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror
The Almighty Buck Security

Indian Call Center Employees Hack US Bank Accounts 550

Posted by CowboyNeal
from the easy-money dept.
The Ascended One writes "Call center employees working for an Indian software company, MSource, supposedly used confidential client information to transfer client funds to themselves. The alleged perpetrators used the personal information of four NY-based clients to transfer ~$350,000 (Rs. 1.5 crores) in their names, a large sum in Indian currency. They were caught after the victims alerted the bank officials in the US, who then traced the crime to the Indian city of Pune. While the name of the bank has not been revealed, the article indicates that the bank in question is Citibank."
This discussion has been archived. No new comments can be posted.

Indian Call Center Employees Hack US Bank Accounts

Comments Filter:
  • Easier to track (Score:5, Insightful)

    by Odo (109839) on Friday April 08, 2005 @04:50AM (#12174226)
    A lot of posts here will no doubt be saying something along the lines "see, this is what happens when you outsource". Well, think about it from an investigator's point of view. If money was transferred illegitimately from a US customer to somewhere in the US, it would be much harder to figure out what was going on than if it was being sent to India. By outsourcing the call center to India, it has made the origin of this sort of fraud much easier to detect.


    I'm a system administrator and most of my customers are in the UK. So when I'm investigating an incident on our servers, and the logs show some activity from Brazil, it makes my job a lot easier.

  • It doesn't matter where people are located. What matters is that you have trustworthy people handling your business. And, you know what? Untrustworthy people are everywhere.

    I, for one, do not buy into this Lou Dobbs racist/nationalist claptrap that says that we can't trust foreigners. I'm one of the biggest foreigners around, if you consider all the places I have to travel to that I'm not actually a citizen of.

    Hey, bad people are in India. And in the U.S. And in Europe. And in Asia. Oh my god! They are everywhere!

    Luckily, the bad people are outnumbered by the good. I can just take a look at my lists and figure that one out.
  • by chrisbeatty (811646) on Friday April 08, 2005 @04:57AM (#12174255)
    I know this could happen to anyone given a lax state of security.

    But it's surely much tougher to vet people who have access to your systems when their whole culture is different (nevermind the fact that they're half the world away)

    A lot more care needs to be taken when outsourcing internationally, otherwise the savings made will end up being spent on PR & the like after a cock up.
  • Re:Easier to track (Score:1, Insightful)

    by jcr (53032) <.jcr. .at. .mac.com.> on Friday April 08, 2005 @04:58AM (#12174262) Journal
    I think it's worth pointing out that they were apparently caught in the act, so it's not like Citibank was standing by idly and not noticing.

    I'd rather have my money in a bank that's recently had such an incident and caught the perps, than one that's still oblivious to the hazard.

    -jcr

  • by jago25_98 (566531) <jago25_98.hotmail@com> on Friday April 08, 2005 @05:00AM (#12174275) Homepage Journal
    When I take credit card info over the phone I could do just the same.

    The only slight difference is that it's worth more over there.

    So I find it odd that this is considered different.
  • Us versus Them (Score:2, Insightful)

    by victorhooi (830021) on Friday April 08, 2005 @05:03AM (#12174283)
    Hi,

    Well, it's not so much a case of us-versus-them, but a matter of accountability and proesecuting them. An earlier poster made the case that this makes it somehow easier to track, but I think this is an absolute load of claptrap

    Remind me again, exactly how many people are there in India? So how exactly does the fact that you know it originated from India help you? Or say Brazil, China, etc - all of these places, though poor, are in fact heavily populated, densely packed, and often the authorities are loathe to co-operate with foreign officials (honestly - whose side do you think the Indian police force/bureacrats are on?)

    Outsourcing critical infrastructure, and potentially dangerous data that can bite you back later is a recipe for disaster.

    I'm Australian, and recently there was a furor over Boeing's court victory allowing them to discriminate against Australian workers, and select only US citizens - a lot of Australian's were mad, but I myself thought that Boeing had a perfectly logical argument.

    You can call me a racist (fyi, I'm chinese - and the US's witch-hunting of Chinese "spies" irks me, but hey, it's another one on a growing pile of 'em...lol), so what the heck...

    Victor Hooi

  • by 0x461FAB0BD7D2 (812236) on Friday April 08, 2005 @05:10AM (#12174297) Journal
    So they should start aborting outsourcing attempts because the US doesn't have data privacy laws?

    Rather than phoning up your banks and finding out where your information is ending up, which can be a tedious process, shouldn't you be phoning up your congress representatives and asking them to enact laws which provide for your privacy?
  • by JaredOfEuropa (526365) on Friday April 08, 2005 @05:11AM (#12174302) Journal
    It doesn't matter where people are located. What matters is that you have trustworthy people handling your business. And, you know what? Untrustworthy people are everywhere.
    If your employees are proud to be part of the firm, and if you treat them with respect and pay a decent wage, they are less likely to turn to fraud. However, if you treat them like shit and pay peanuts, they are more likely to become disgruntled and commit fraud or (digital) vandalism. Yes, just like in 'Office space'.

    The current relentless drive to reduce employee costs to a minimum does not help in that respect, in any country. From what I understand, Indians are currently happy with their current wages (and often very odd working hours). But what will happen when the squeeze from even cheaper Chinese workers is on?
  • by ImaLamer (260199) <john.lamar@gma i l . com> on Friday April 08, 2005 @05:13AM (#12174315) Homepage Journal
    I just have to say that this is a bigger problem than a simple "I told you so".

    When you outsource certain operations you are giving people who have no connection with your customers their private information. Banking account numbers? Some people still don't use online banking because it scares them and we don't see this as a huge liability?

    Really, what if a few thousand credit card and bank account numbers got into the hands of suspected terrorists? If they made a one time shot at getting items to fence or cash withdraws (wire transfers) and split, they suddenly have resources that was taken right from the American people.

    I'm by no means saying that you should be suspect of *any* foreign person or enterprise. I'm thinking of the type of people who *might* get their hands on my/our information. What good is it to give to the people like EPIC [epic.org] when we give our information to people we can't necessarily track down? Can anyone guarantee that we will be able to bring someone to justice, under our laws (and equally for their benefit the Constitution)? I've worked on the phone making sales, and the problem we had was we were banned from taking credit cards because a few people screwed it up for everyone.

    Of course, if someone wants the information they can get it. It just makes me wonder why we give our sensitive information to a foreigner when we need parts for our Dell (and by extension everyone else I don't care to list).
  • by WIAKywbfatw (307557) on Friday April 08, 2005 @05:15AM (#12174320) Journal
    I don't think it's racist per se to point out that the scammers were Indian - because they were, and that's not going to change - but it would be racist to extrapolate from that that Indians in general can't be trusted because of the actions of one or two people.
  • by WIAKywbfatw (307557) on Friday April 08, 2005 @05:17AM (#12174329) Journal
    On the other hand, you don't have to be poor to be so consumed by greed that you're willing to steal or commit fraud to further line your pockets. Just look at Enron, Worldcom, etc if you want proof of that.
  • by Mike1024 (184871) on Friday April 08, 2005 @05:19AM (#12174338)
    I only hope this news flashes through the industry and gets in the heads of CEOs and PHBs everywhere who then start aborting outsourcing attempts.

    I'm not sure Indians are any more likely to jot down card numbers that thier minimum-wage US counterparts. Except, of course, that an Indian phone jockey makes a better wage (by local standards), arguably giving them less reason to committ such fraud.

    It's annoying when you can't understand what someone says on the phone, sure, but I don't think they're any more likely to be criminals than thier western counterparts.

    Michael
  • by otter42 (190544) on Friday April 08, 2005 @05:19AM (#12174342) Homepage Journal
    The alleged perpetrators used the personal information of four NY-based clients to transfer ~$350,000 (Rs. 1.5 crores) in their names, a large sum in Indian currency.

    I would have thought $350,000 is a large sum in ANY currency.

    Brother, can you spare $350K?
  • Sigh.... (Score:3, Insightful)

    by nberardi (199555) * on Friday April 08, 2005 @05:20AM (#12174347) Homepage
    This brings into issue all the medical, supposidly confidental, data that gets sent to India for transscribing. I hope companies from around the world take a look at the amount of personal information they are sending to around the world with out thought of who might be watching it.
  • Re:Easier to track (Score:4, Insightful)

    by Detritus (11846) on Friday April 08, 2005 @05:22AM (#12174351) Homepage
    The problem is jurisdiction. It's a lot simpler to investigate and prosecute crimes when they happen within a single country. Police detectives can obtain warrants and subpoenas from a local judge. They don't have to deal with the State Department, another country's foreign ministry, and prosecutors and police who have their own priorities and may not care if some local boys rip off some foreigners. Extradition, even when there are treaties in place, is relatively rare. It is usually reserved for the most serious crimes, like first-degree murder. Many countries will not extradite their own citizens, as a matter of policy.
  • by Anonymous Coward on Friday April 08, 2005 @05:23AM (#12174357)
    Because I choose to?

    It's not important that the scammers were Indian, it is important that employees of an outsourced company were perpetrators of a crime.

    I also happen to have my own startup which has an offshore branch - personally, I'd be scared if personal client information were to be misused.

    The one reason I did post the Indian part is because I'm hoping that this would get a lot of publicity, and Indian offices would smarten up to such acts by their employees. If you hear about one, you can be assured that there are many more that you don't.

    Offshoring and outsourcing is a big thing for India and Indian companies need to take that seriously. If an employee is able to garner significant personal information of clients, then they aren't doing a good job of it.

    The only way for them to get that message if this were to get publicity - and business of the said company were to suffer a significant loss for people to send a strong message that they need to do something about this sort of thing.

    Bad publicity affects business, and money speaks strongest.
  • by leuk_he (194174) on Friday April 08, 2005 @05:26AM (#12174363) Homepage Journal
    In this case they transfered the money to their own bank acount. That is not a very good way to get the money since it very tracable.

    Luckily, the bad people are outnumbered by the good.

    might i add:
    Luckily the the smart bad people are outnumbered by the dumb bad people. 8)
  • Re:Easier to track (Score:5, Insightful)

    by Alioth (221270) <no@spam> on Friday April 08, 2005 @05:28AM (#12174369) Journal
    Extradition, even when there are treaties in place, is relatively rare. It is usually reserved for the most serious crimes, like first-degree murder.


    Don't forget music piracy!
  • by Superdad (847315) on Friday April 08, 2005 @05:31AM (#12174378)
    Do the editors really need to emphasise that the scammers were indian? I don't want to sound naive but do the editors really want to turn this site into a populist racist forum?

    Security is a 'system', and altering or extending a system, can open it to risk that were not originally envisaged when it was established. Adding a new site, adding additional computer systems, new network(s), new operative etc all can alter the security threat mix.

    Extending a secure system to a new country, a new language group, a new multi-cultural mix, will also expose the system to a new mix of threats. Ths issue of extending such a system to a different continent, particularly if the operatives there are working at the higher(est) levels, entails exposing the system to all the differences between the new location and the old.

    Whether the staff are physically in India or hold Indian state passports is incidental. The significant factors are, a) how close or removed they are from the cultural assumptions of the systems designers, b) how exposed they are to personal weakness, c) how exposed they are to external influence. These are sometimes referred to as Antipathy, Jealousy, Poverty, and Corruption. Placing a call centre in Dehli, Amritsar or Goa would vary the mix, as would placing it in Belfast, Glasgow or Ipswitch.

  • What's the news??? (Score:3, Insightful)

    by doktorstop (725614) on Friday April 08, 2005 @05:32AM (#12174383) Homepage Journal

    Looks like a slow day for Slashot if this type of stories get posted =)

    According to the police, Thomas, who worked in the callcentre for six months before quitting the job in December 2004, had the secret pincodes of the customers' e-mail IDs, which were used to transfer money. In January, he roped in his friends and transferred money from four accounts of the bank's New York-based customers into their own accounts, opened under fictitious names.

    The story doesn't even have enough info to classify it as social engineering. People used confidential information to transfet funds. Ok, they used the Internet to do the transfer. Ok, they got PINs from customer emails. What's in there to learn? Where are the "news for nerds" here?

  • by t_allardyce (48447) on Friday April 08, 2005 @05:32AM (#12174384) Journal
    You misunderstood, Im not saying they're any different from non-outsourced workers, im just saying i HOPE that people in charge get a knee-jerk reaction to stop outsourcing so that jobs can go back home, in fact in many cases, outsourced people work harder and are more loyal! - thats the whole problem!! who wants to compete with hard-working, loyal and cheap employees? we want our jobs to stay at home.
  • by Stargoat (658863) <stargoat@gmail.com> on Friday April 08, 2005 @05:56AM (#12174450) Journal
    Nonsense. Most of the fraud committed at banks occurs because of duress. Namely, the husband or boyfriend threatens a teller or personal banker and says "Steal money, or I'll hurt and kill you, or the kids, or the dog." (Yes, you would be surprised how often it is the dog.)
  • by testadicazzo (567430) on Friday April 08, 2005 @06:11AM (#12174492) Homepage
    On the other hand, you don't have to be poor to be so consumed by greed that you're willing to steal or commit fraud to further line your pockets. Just look at Enron, Worldcom, etc if you want proof of that.
    Too true. There are two problems to consider. Rampant poverty will increase crime. Especially in the event where labor is being done, but the laborers are not reaping the rewards of their labor. So that's one contributing factor, in the U.S. as well as abroad.

    A second contributing factor is the culture of greed that dominates in the modern world. Wealth without labor is the new goal. One of the most elequent discussions of this I have seen was by harvey pekar, in an issue of American Splendor (sorry, don't remember what issue). But we have a culture (which we are aggresively exporting) which places more importance on the possession of wealth than on honesty, integrity, or a strong work ethic.

    I'm hoping that this is actually changing, that the Bernard Ebbers, the Dick Cheneys, the Kenneth Lays and Darrel McBride's become outcasts and pariahs, shunned and hated enough by society at large that people feel a strong enough social pressure to mitigate their greediest instincts.

  • by Chicane-UK (455253) <[chicane-uk] [at] [ntlworld.com]> on Friday April 08, 2005 @06:18AM (#12174520) Homepage
    Oh thats it.. play the terrorism trump card.

    I know you say 'I'm by no means saying you should be suspect of *any* foreign person..' - but really you don't mean it. You wouldn't have made such a post in the first place if you didn't really mean it.

    At the end of the day we are a global economy.. our card numbers and personal bits of information have been flying all over the globe for years now. Quite frankly I trust the people working in the indian call centres as much as I trust the person working down the high street in my own city bank.. i've worked with a number of consultants from India on coding projects here in the UK and have found them to be nothing but exceptionally dedicated, meticulous and hard working.

    Just because they are foreign, it doesn't automatically make them a potential terrorist for christs sake.
  • by pandrijeczko (588093) on Friday April 08, 2005 @06:28AM (#12174566)
    $350,000 is a menial sum compared to some of the huge fraud that happens in the Western World (just look at Worldcom as an example).

    However, outsourcing to people in less developed parts of the world means that much smaller (and presumably more "readily available") sums of money can provide them with a very good living still & make committing fraud worthwhile in the firstplace.

    There are no intended racial overtones in these comments, just observations, and quite frankly it's the mega-corporations I laugh at now that they will start to get their "just desserts" for messing up the economies and lives of so many people for the sake of a few bucks.

    Let's face it, if you're a Citibank (if that's who it is) customer that got ripped off by this, you'll get your money back anyway because it's obviously a security issue with the bank themselves, not the customer's fault.

    I say good luck to the Indian call centre workers - they're being used as the 21st century equivalent of sweatshop labourers anyway so they should grab what they can before they demand too high wages and they themselves get dumped by the corporations like a lot of the rest of us have.

    [INSERT LOUD SCORNING "HA! HA!" HERE]

  • by Dr. Evil (3501) on Friday April 08, 2005 @06:46AM (#12174627)

    I for one am glad of the security I can place in trusting my fellow national. Ever since foreigners started bombing federal buildings, sending bombs to universities, sniping people randomly in Washington, and god knows what else, it's good to know that we can draw a clear line between "us" and "them"

  • Re:Easier to track (Score:1, Insightful)

    by Anonymous Coward on Friday April 08, 2005 @06:47AM (#12174630)
    You're an idiot. The fact that Citibank is the target of phishing and email scams has nothing to do with the operation of Citibank but is more due to the fact that they have such a large customer base.

    I'm pretty confident that Citibank will survive without your allowance money.
  • by Anonymous Coward on Friday April 08, 2005 @06:49AM (#12174642)
    What no one's pointed out is that the much maligned Indian police swung into action rather quickly and all accused have been arrested. But no, we're trying to highlight some other facts here. All's well that ends well? And these guys got caught because, let's face it, they were too naive to think they could get away with it. It's darn stupid, never mind the nationality. I doubt we would have seen this story around here if someone sitting in California would have done such a thing. In which case the amount in question would have been much higher as well - while an "evil greedy" Indian is happy a few hundred thousand dollars, I'm sure the American "evil greedy" counterpart would be talking in millions of USD. Reason FOR outsourcing #65241 A "greedy evil" Indian steals less money than their "greedy evil" American counterparts.
  • Nail on the head! (Score:5, Insightful)

    by ImaLamer (260199) <john.lamar@gma i l . com> on Friday April 08, 2005 @06:57AM (#12174671) Homepage Journal
    What connection do local call centres have with a banks customers that people who live further don't? ...

    it's cheaper than giving it to a `fellow American`. I should have thought that were obvious.


    A Ha, and you've discovered my complaint. We get paid a lot more, we have less motivation to steal. We depend on that job, we have built a life around it. The paychecks are okay, so the risk to benefit ratio tells me not to steal from customers. On top of that, they are fellow countrymen.

    However, in India it is a different story (don't flame, just an example).

    The Indian worker is getting paid a fraction of what you've just spent. I sure hope there was no contempt in your voice - contempt breeds contempt. The tech looks at his check and sees a nice amount of money but he sees another option. Really, if he loses this job there will be another American company who will come around (best part is, they don't talk to each other). We've created the economic situation where it makes sense to work for a few weeks and rip a few hundred people off. An organized effort could be dangerous.

    No matter... bring the work home and solve the whole problem that way.
  • Re:Sigh.... (Score:5, Insightful)

    by Secrity (742221) on Friday April 08, 2005 @06:58AM (#12174672)
    "This brings into issue all the medical, supposidly confidental, data that gets sent to India for transscribing. I hope companies from around the world take a look at the amount of personal information they are sending to around the world with out thought of who might be watching it.

    Corporations as a whole do not care at all about the personal data that they send anywhere; the data is simply a commodity. To companies that are used to dealing with large amounts of commodities (including personal information), the loss or compromise of a certain percentage of the commodity is tolerated and expected. For corporations it is cheaper to pay for the loss than it is to prevent the loss.
  • by The_Mr_Flibble (738358) on Friday April 08, 2005 @07:01AM (#12174690)
    Ok I have an abbey account and I recently needed to contact them regarding some information I required so I called them. A woman answered the phone and she was noticebly indian her accent was way to heavy anyway I conclude my business with her (only having to repeat myself a couple of times.
    I then did some checking aparently the credit card division had been sold to an american company who then outsourced the call centre to india. I had not been told about this by my bank. So without my express written permision they had exported my personal information to america who then exported it to india.
    So are they in breach of the eu data protection act or not ?
    I am pretty sure that the dataprotection act states that the data cannot be exported to a country that does not have a data protection act (ala india) but america does have one so that's okay however I don't think americas data protection type act has any such conditions in it so technically they haven't broken it.
  • by way2trivial (601132) on Friday April 08, 2005 @07:17AM (#12174768) Homepage Journal
    1st of all, Osama and crew are funded just fine, they don't need your piddly thousands per account scam to pay for their efforts...

    if you DON'T outsource- aren't you still giving people who have no connection with your customers their private information?

    C'mon, it doesn't matter if the call center is in bangalore or in tampa bay, what matters is the legal hoops required to get it back/make reparations...

    remember the afghanni woman who had been hired as a medical transcriptionist but not paid for her work? and threatened to make US citizens medical records public? she wasn't breaking any afghanni law, and she had NO OTHER RECOURSE for recompse for her labors.. (and good for her) the only real bonuses to outsourcing can be mitigated by differing laws, and the ability to 'seek damages' internationally...

    These kinds of (employee, white collar) thefts occur.
    The fact that it was overseas should not make it /. newsworthy unless there was some amusing or technical quirk in international law that made it newsworthy.. I see nothing however, in the headline, any different than a NY times biz blurb about any other fradulent scheme at a major us corp..
  • HACK? (Score:2, Insightful)

    by davidpmacdonald (874455) on Friday April 08, 2005 @07:36AM (#12174850)
    It's a pitty that slashdot would title this "Indian Call Center Employees Hack US Bank Accounts". It appears that these people took note of certain accounts as the account owners phoned into the call centre. To me this is little more than common theft; there was no insight into the operation of a system. And as far as Social engineering is concerned these people were supposed to be dealing with people's accounts and obtaining relevant information. This amounts to nothing more than a bad employee being hired and taking advantage of their position.

    I expected slashdot to at least notice this!

  • by Anonymous Coward on Friday April 08, 2005 @07:44AM (#12174885)
    It is time to not berate the concept of Outsourcing. We created the Internet, the Communications Network and now we reap the benefits. We Have decided to find the cheapest and best ways to maximize profits That is the Capitalist Model. Criminal activity has and shall always be a part of doing business. You create organizations like the SEC to monitor and police. But when society (The Seasoned Capitalist) clamours for Small Government then be prepared to face the consequences. Unfortunately when we get to taste our own recipes we dont necessarily like it. It has always been the case the last 500 years, that Europe and the US have been able to dictate terms to the rest of the world and when they dont anticipate how things are going to play out they quietly change or withdraw. Unfortunately for them The next 100 years are going to be tumutous as 2 plus billions in China and India shall be in a position to dictate terms we may not like and may have to either retract or create the myth of how Bad "THEY" are. Lets see if we as a society can play by the rules we created but now dont like.
  • Re:Easier to track (Score:5, Insightful)

    by quarkscat (697644) on Friday April 08, 2005 @07:46AM (#12174891)
    I totally agree with your argument, but I would
    take it a couple of steps further. Since $1 USD
    goes so much further in India, instead of just
    off-shore out-sourcing the "worker-bee" jobs there,
    we really should be moving the corporate officers
    and board of directors jobs there.

    Just think, instead of a "Bernie Ebbers" who cooks
    the books to the tune of $11 Billion USD in order
    to keep that quarterly profit/quarterly bonus pyramid
    scheme going at MCI/WorldCom, or a "Fiorina" that
    has to be bribed $45 Million USD to leave HP,
    the major shareholders could be looking at an
    immediate 80% cut in pay and bonuses to their
    corporate leadership by moving those jobs off-shore.

    It isn't as if these US corporations wouldn't
    directly benefit from hiring the top 1% of
    Indian corporate officers, instead of the ethically
    challenged USA-trained MBAs that we have now.

  • by Elminst (53259) on Friday April 08, 2005 @08:08AM (#12175063) Homepage
    The Indian worker is getting paid a fraction of what you've just spent.

    And here is the fallacy in your argument.
    That indian tech may be getting a fraction of what YOU make per year. But, he is getting MANY TIMES as much as as the average Indian worker. Wealth is RELATIVE to your PEERS. Read any news story on outsourced workers and you see that they have some of the best living and working conditions in their country. Some even better than a lot of American workers.
    And who says that Indian guy doesn't depend on his job? Why couldn't he have built a life around it? Just because they make fewer "American" dollars than you do, doesn't mean they're poor or any less deserving of what they have.

    Everything is cheaper over there. The cost of living is way lower. This is why companies move their business there. They can pay him half what you make, and he still makes 3x as much as the next INDIAN worker.

    Stop making the same WRONG argument that less american $$ = less skilled or less dedicated to one's job.

    There was more contempt in your post than in its parent. You could do the SAME crime working as a first level hell-desk worker in the states. But I guess that would be okay because you "brought that work home."
  • by jridley (9305) on Friday April 08, 2005 @08:11AM (#12175086)
    Right, he means piracy.

    The other posts are talking about copyright infringement, an act which has been mislabeled by the RIAA et al as "piracy" in order to make it sound horrible.
  • Re:Easier to track (Score:5, Insightful)

    by AviLazar (741826) on Friday April 08, 2005 @08:13AM (#12175102) Journal
    How is this easier? Money transferred from one bank account to another bank account is more easily traced within US. Our banks must follow strict guidelines, banks in other countries many nto have those same guidelines. If they transfered this money to say a Swiss bank account that didn't have any personal information attached to it - the police may never have caught a person. They might have been able to get to the account, and retrieve the money, butgettin a persons private info is much harder.

    So when your logs show activity in Brazil, how is this easier then if your logs show activity in Maine?
  • by unexpected (635152) on Friday April 08, 2005 @08:29AM (#12175224)
    I think that too many people focus their attention instinctively towards the "foreigners" simply because they are brought up to embrace xenophobia.

    The real issue here is the danger of outsourcing functions which require personally identifiable information and other sensitive data.

    I mean let's face it. Embezzling is not a new thing and it happens more often from within than from outside.

    And on that note, I found some "Insightful" stuff about those "GODDAMNED FOREIGN TERRORISTessesssess":

    Ted Kaczynski
    aka The Unabomber
    Born May 22, 1942, Chicago, IL.

    Timothy McVeigh
    aka The Oklahoma Bomber
    Born April 23, 1968, Lockport, NY

    John Allen Williams
    aka John Allen Muhammad
    aka The Washington Sniper
    Born December 31, 1960, New Orleans, LA

  • by MagicBox (576175) on Friday April 08, 2005 @08:32AM (#12175256)
    All HAIL OUTSOURCING. Just imagine this: I live in a POOR country, grew up without clothes on my back, had nothing all my life, still have nothing. A western company comes along. They still pay me $hit (because the reason they're in my country is to save money in the 1st place). I can buy bread, but I am still poor. This bank opens up their customer's accounts to me A battle in now brewing inside of my head: Do I stay a poor slave, or take a chance at the HIGH life. My good side (If I have one) is saying: No, don't do it.....it's wrong.
    But the gravity is much stronger on the other side. I've been poor and unfed all my life......living in a place where being in jail could mean I get fed at least daily.....WHAT DO I HAVE TO LOSE?!?!?! Welcome to the beginning of the END
  • by Augusto (12068) on Friday April 08, 2005 @09:10AM (#12175615) Homepage
    Whatever you tink about Lou Dobbs, it's very irresponsible to just dismiss him as a racist.

    Even "nationalist" is nonsense, he's merely pointing out one of the problems with unresitriced and unbalanced "unfair" trade. Now, you could argue this is a good thing, and we could point out the problems and have a discussion. But by labeling him a racist, the only thing you're trying to do is to "shut down" any arguments by coming up with ridiculous ad hominem attacks.

    I'm an immigrant to this country, and I'm not a fan of outsourcing. I'm all for other immigrants from all over the world to continue coming here and contributing their talents to our local economies, but there is a problem when now people don't even want to become US residents, because they jobs are being drained away from here. We're about to face a serious crisis, when our technological workforce is being decimated by these companies. And there's nothing racist in pointing that out, nothing.

    As for security, I don't think most if any people here are saying that a particular nationality is less trustworthy. But you'd be a fool if you don't recognize that some of the safety mechanism we enjoy in this country, are not as robust or even exist in other parts of the less developed world. As we deal with the poorest of nations, with our sensitive data, we have to be *extremely* careful. Already, there have been incidents of bribing by local crime syndicates in some of these countries to obtain data to steal identities. Can that happen in the US? Of course! But the question is, where is it more likely, and what are the protections we need to employ in these situations.

    There's a rich discussion to be had on this topic, but please, try to come up with something better than "they're racist".
  • by Samrobb (12731) on Friday April 08, 2005 @09:12AM (#12175632) Homepage Journal
    And here is the fallacy in your argument.
    That indian tech may be getting a fraction of what YOU make per year. But, he is getting MANY TIMES as much as as the average Indian worker.

    And here's the fallacy in your argument - that same difference in pay scale/cost of living means that the $350K US that they made off with was worth a whole heck of a lot more to them than it would be to you.

    Would I risk something like this for 10 years' salary? Nope.

    Would I risk something like this for 50 years' salary? I'd like to think no, but I've never been tempted like this...

    Would I risk something like this for for more money than I could otherwise reasonably expect to earn in my lifetime? Maybe. Imagine yourself in a situation where a few minutes effort would net you $10 million of someone else's money. Can you be sure that you wouldn't consider that at all tempting?

    I'm not sure where these guys ended up on that scale, but I suspect that you're still talking about enough money to live comfortably for 20-30 years. The cynical part of me says that their real problem was that they didn't steal enough. If it had been a few hundred million, then they wouldn't be thieves, just international market speculators...

  • by Anonymous Coward on Friday April 08, 2005 @09:16AM (#12175662)
    Slashdot makes me sad sometimes.
  • by Genjurosan (601032) on Friday April 08, 2005 @09:19AM (#12175702)
    All the outsourcing arguments aside:

    With my work experience I can say that I it's so scary, that it makes me want to switch to cash and money orders for everything.

    NOTE: I have access to 1 million new SSNs a month.

    Consider some of my offshore counter-parts that US law inforcement would have a hard time prosecuting. Someone could sell that data for $250k or, then buy themselves protection from US authorities in a state that doesn't extradite.

    This, the Choicepoint, and Lexus Nexus scandals are only the beginning. I'm certain that there are incidents that haven't ever, no will ever even be known. There isn't a law, other than in CA, that forces companies to disclose that there was theft.

  • by Whatchamacallit (21721) on Friday April 08, 2005 @09:20AM (#12175708) Homepage
    This proves that the trouble with outsourcing a call center is with confidential information. Another major problem is pissing off your customers/clients because they can't understand the customer service agents strong accent. I've read several major publications all claiming the above two reasons for not outsourcing their customer service to another country.

    There are new laws in the US for privacy. These laws are forcing financial institutions and health insurance companies to better secure their customer/client data. I work in an enterprise environment where we are currently implementing major security changes across all systems just because of the privacy laws. Here's a list of only some of the changes:

    1. All users who have access to customer confidential data are completely logged with a full audit log. i.e. you just query a client and only read the data, it's logged. You query a client you shouldn't need to query and a red flag goes up. All transactions are logged and audited. Customer service reps have FULL ACCESS to all client data and transaction history. This need to be protected as much as possible.

    2. All users who do not 'need' access to the client data have been removed from access. This includes programmers who once had access to production systems and live customer data. If a production problem occurs, the user has to contact their manager and request a special temporary user ID that is set to expire in 24 hours. This temporary id is issued to the user and reset. When the programmer or engineer is done with the user id, it's returned and reset. If the id is not returned, it's reset automatically within 24 hours or less. These special temp ID's have extra security and logging is more aggressive.

    3. All access to client accounts, even access via clients themselves is logged.

    4. All call center calls are recorded and archived for long term storage. Clients are told they are on a recorded line three different ways, once the automated voice system tells the user that all calls are recorded, the agent answers the phone and tells the client they are on a recorded line, and three there is a beep now and then to remind the client. Also they are recorded while on hold (just because it's easier then trying to stop recording). I would love to hear what people say when they think they are on hold and no longer being recorded! Call center manager frequently listen in on their service agent calls and review recordings daily.

    5. There are departments such as special investigations and some legal departments that end up researching and reviewing logs when necessary. i.e. constantly looking for fraud or assisting the SEC, FBI, or police in an investigation.

    Now, you outsource a customer call center to India and you let them access your client data. They need full access just like your local staff did. Trying to secure that data becomes much more difficult then if you are doing it here. Situations like what happened to Citibank are just one possibility. Another one, would be if the Indian Companies network is breached or their servers hijacked? Who really knows, because it's no longer on your network, how do you control the security? Obviously, you can't just host the servers in the US and provide the Indians a secure uplink, the cost is prohibitive and the speed is not great enough. You would have to put the servers in India. Imagine a 1,000 call center reps hitting the servers 24/7 with queries, you can't just pipe that to the US over a leased line!

    Outsourcing customer data access to another country opens up major security questions as well as customer relations. I called 411 (information for local telco) and ended up talking to an Indian who couldn't get the name of the restaurant right even though I spelled it for him (Alpha Tango Foxtrot, etc) and kept giving me the wrong number. I gave up and went to the Internet to get the phone number! Try calling Circuit City sometime! I love how they answer the phone with a thick Indian accent but say their name is Chris or Richard! What a hoot, aliases to make them sound American!
  • Tip of the iceberg (Score:2, Insightful)

    by jabber01 (225154) on Friday April 08, 2005 @09:32AM (#12175846)
    While this is just a bunch of individuals being unscrupulous in their handling of other people's money, just wait...

    Wait until some unscrupulous coder hand your outsources CVS source tree over to a company in a former Soviet State.

    Sure, you have "legal contracts" to prevent that. But once your course is out there, no amount of legal action (even if you do manage to find the people responsible, and manage to get them into a sympathetic jurisdiction) will get your IP back under your control.

    Some things are not outsourced, ever, no matter the cost advantage. Some things that should not ever have been outsourced, already have been, because the bean-counters had no sense of the pain to which they could be subject as a result.

    Give it time. The access methods to the customer data of major financial and insurance agencies, as well as the sources of major retail packages, are quite likely to be floating around as we speak. And even if they don't get disseminated, they're worth a king's ransom, and such ransom will be due in due time.
  • by Atryn (528846) on Friday April 08, 2005 @09:50AM (#12176019) Homepage
    I had a call back from Citibank, an 'anti-money laundering' call to check the purpose of the money transfer requesting the telephone number of the **** company to receive the money.
    I never provide any sensitive information to any entity on an INBOUND call. I completely confused a poor Discover rep once when they called and needed to verify something and I refused to give them my information to verify myself as the account owner. I asked them for a department name and reference ID of some sort so I could call my number for Discover and get transferred to them.

    Seriously, someone calls you and says they are from your financial institution and need info??? Yeah, right.

    In the case of Discover, it was legit. Call me crazy, but its a precaution and extra 15 minutes of trouble I'm willing to take.
  • Re:Easier to track (Score:3, Insightful)

    by Daedala (819156) on Friday April 08, 2005 @09:56AM (#12176075)
    Banks are not relying on their ability to audit all transactions. They are relying on _your_ ability to audit your transactions. Big difference. Balance your checkbook.
  • by Dun Malg (230075) on Friday April 08, 2005 @10:00AM (#12176128) Homepage
    McVeigh WAS a hero/patriot in the old school sense.

    Yes, because Jefferson, Franklin, Hamilton, et al set off carts full of blasting powder in front of crowded Offices of the Crown, randomly killing people, and this is how the US won the war of independence.

    Not that killing children in daycare is a good thing. But why were people in a federal building hiding behind children anyway? They know wackos attack federal people from time to time

    WTF are you talking about? Name one attack on a Federal building prior to (or after!) McVeigh. They weren't "hiding behind children" because they had no idea there was anyone to hide from.

    Bet some government wonk was dumb enough to beleive that nobody would ever think of attacking them with children as a flesh shield.

    Bet it never occured to anyone that some dumbass would think it worthwhile to set off a bomb in front of a building full of boring, miscellaneous government drones smack dab in the middle of Dullsville. Really, what kind of tard do you have to be to pick such a stupid target? If he wanted a symbolic hit against the FBI or BATF, he should have picked a FBI or BATF field office, instead of a building with mostly Social Security and postal service workers.

    McVeigh did some fucked up shit, but I still cannot help but feel some respect for having the balls to do what he did.

    I have trouble respecting mental midgets with delusions of grandeur simply because they fancy themselves super-patriots. A man walking down the street randomly cutting of people's heads while shouting "no taxation without representation" is no patriot in my book either. I might agree with the premise McVeigh started from, but I'd have to give him a big fat zero for his chosen conclusion. Fuck McVeigh. Fuck him twice. He was a typical macho failed-to-get-into-Ranger-school-so-he-left-the-Ar my dumbfuck that gave other Desert Storm vets like me a bad name for a long time.

    If more Americans had the nuts to take their government to task for oppressive things they have done to this great country, things wouldn't be as shitty and corp-controlled as they are.

    Yes, but blowing one another up is not going to get the feds off our back. I guarantee that no amount of purely symbolic random bombing is going result in anything more than further oppression.

    But here I am posting anonymously because I am afraid of what the government might do to me for speaking outside of the "official truth".

    Talk about delusions of grandeur. The government doesn't care about some guy on a message board spouting off about patriotism. Really, you sound like an actual tin-foil hatter who thinks the government is trying to read his thoughts. The flaw in that line of reasoning is the presumption that the feds even give a fuck about a a nobody like you (or me, for that matter). They don't care about people like us! Get over yourself!

  • by LaCosaNostradamus (630659) <LaCosaNostradamusNO@SPAMmail.com> on Friday April 08, 2005 @11:24AM (#12177133) Journal
    Habib is what is called a "hatchet man". He is brought in to give people the hatchet, to chop or cull them out of the business. In the end, when the hatchet man has cut enough people, he himself is given the hatchet. Unfortuantely for the American workforce, hatchet men move from company to company, being used like a freelance assassin with a seriously overdriven work ethic, wiping out hordes of workers. Habib is the ultimate expression of the mercenary consultant. In a way, we are all guilty of creating people like him.
  • by Austerity Empowers (669817) on Friday April 08, 2005 @11:24AM (#12177137)
    The problem with your argument is that companies do not move their businesses over there at all, they just hire employees at arms length and pay them at cut rate, but still keep their businesses in the US. The OWNERS and EXECUTIVES don't want to go to India, it sucks there, and can be dangerous. It's far away from their family, friends, banks, wall street, etc. To them India is a cheap people farm. They're not investing in India, they're not trying to build it up as an industrial or business superpower, they're just using it and if it gets expensive they'll find another impovrished country to bully. Meanwhile jobs are taken away from American workers in their own country. The same country whose taxes fund a legal system, military and police force which allows them to retain their money (be it real estate, investments or liquid cash). The same country were the average guy will have to go fight in a war to protect their business interests at pretty much their own whim. In some of the countries they are using for cheap labor, each executive, owner or investment company has enough in LIQUID cash to feed a city for years, don't tell me that their governments would try hard to find someone who in fact stole their money should it have been placed overseas. This person only got caught because he stole so little and stole from an American bank. If it was the First Bank of Nowhere India, who knows what would have happened. No I don't give a rats ass about the average Indian, but unless India wants to pledge itself as a commonwealth of the US I don't have to. They're on their own. In my opinion US companies should not be allowed to use their labor. Those companies need to stand on their own, and sell their services (properly tariffed) to US companies. The government could then control the cost of living in the US with respect to other places and reduce it slowly, which I think is probably necessary. Watching so much of this contries technical experience get outsourced only makes me wonder if we'll be able to do anything locally in the US in 20 years except make bad music and TV and change bedpans.
  • by scupper (687418) * on Friday April 08, 2005 @12:16PM (#12177765) Homepage
    It's too easy to scapegoat Indian call center workers and saying "I told you so". There have to be far more instances of this taking place stateside in the past. I'm sure banks went into overdrive to spin the media coverage on them. Now, we'll probably see a littany of op-eds from morons at the NY Times eluding to how Indian workers can't be trusted.

    This is a CITIBANK(unnamed bank) problem, not an outsourcing or Indian workforce problem. Citibank is just too big for it's britches and someone in Citibank's NJ HQ probably got a cut of this scam. Bet you'll see it come out in the investigation months from now, and how other banks are investigating stateside workers who are setting up these scams with workers abroad.
  • by Anonymous Coward on Friday April 08, 2005 @12:26PM (#12177871)
    The only difference between what you just described and the western world is in the methods used.
  • by radish (98371) on Friday April 08, 2005 @01:26PM (#12178523) Homepage
    People ask me for money every day as I travel to and from work. A few times a week some company will cold call me and attempt to part me from my money. My inbox is full of spam and phishing emails trying to get me to give away my money - knowingly or otherwise. There are probably people working in the call centers of my bank selling my details to criminals.

    I live in New York, one of the richest cities in the world.
  • Re:Easier to track (Score:1, Insightful)

    by Anonymous Coward on Friday April 08, 2005 @02:33PM (#12179287)
    What makes you think they would have changed their systems? These technologies existed and weren't used then; they are absolutely not using SSL or SSH now. 'Security' is 'achieved' by limiting physical access and only by limiting physical access. "It ain't broke, why fix it?"

What the world *really* needs is a good Automatic Bicycle Sharpener.

Working...