Hackers Exploit Low-Paid Tech Support Workers to Breach Major Companies, Steal Customer Data

 

As more companies turn to outsourced tech support to save money, the risks tied to these operations are becoming increasingly evident. The dangers aren’t solely technical anymore; they also stem from the individuals operating behind the screens, who are often under financial strain and targeted by increasingly sophisticated cybercriminals.

Hackers are weaponizing outsourced tech support teams and call centers—the very services meant to assist customers—as tools for large-scale cybercrime. Recent breaches in the US and UK illustrate a worrying trend: attackers manipulating the human side of support operations to slip past advanced security protocols and seize sensitive data.

In one of the most impactful incidents so far, criminals infiltrated overseas call centers serving prominent American companies, including the cryptocurrency platform Coinbase. While attackers used different tactics, they shared a common strategy: exploiting the access held by low-level support staff, who frequently earn low wages despite handling confidential customer details.

According to Coinbase, hackers bribed customer support agents employed by TaskUs and other help desk providers, offering payments upwards of $2,500 to secure insider assistance. "You're working with a low-paid labor market," Isaac Schloss, chief product officer at Contact Center Compliance, told the Wall Street Journal. "These people are in a position of poverty more often than not. So if the right opportunity comes for the right person, people are willing to look the other way."

The fallout was severe. At Coinbase, the breach affected data from as many as 97,000 customers and could result in reimbursement costs nearing $400 million. Using the stolen details, attackers impersonated legitimate Coinbase representatives, contacting victims about their accounts and persuading them to transfer cryptocurrency into criminal-controlled wallets. "Every other day a new case would come in, and it would be, 'I got called by Coinbase, and I lost all my money because it wasn't Coinbase,'" Josh Cooper-Duckett, director of investigations at Cryptoforensic Investigators, told the publication.

These tactics are not confined to the crypto industry. In the UK, hackers have also targeted major retailers such as Marks & Spencer and Harrods, pretending to be senior executives to pressure tech-support staff into granting access to internal systems—a method resembling the 2023 MGM Resorts breach.

Beyond bribery, call center vulnerabilities include malicious software planted to siphon off data in large volumes. In some cases, hackers persuaded insiders to describe the applications installed on their systems, ultimately identifying a browser extension with a flaw they could exploit. This allowed them to inject code and harvest extensive customer records.

The cross-border nature of outsourcing complicates accountability. In many regions, workers face minimal legal penalties for helping enable cyberattacks. "We've seen relatively limited consequences, in those regions, for perpetrators," Philip Martin, Coinbase's chief security officer, said. Even when employees are terminated, "It's a relatively straightforward thing for them to go get a new one," he noted.

Despite businesses investing billions in sophisticated cybersecurity tools, hackers persistently capitalize on the most fragile element: people. "Consistently, the human interaction has proven to be a weak link," Michael McPherson, a senior vice president at cybersecurity firm ReliaQuest, said.