Saturday, June 21, 2025
Latest:
News

Hackers Target Outsourced Call Centres, Fueling Wave of Retail Disruptions and $400 Million Crypto Heist

HackAcademy

A surge of cyber-attacks aimed at low-paid tech-support workers is exposing cracks in corporate defenses and costing U.S. companies—especially cryptocurrency exchanges—hundreds of millions of dollars.

Outsourced Support Becomes the Soft Underbelly

Recent breaches show attackers are pivoting from hardened corporate servers to the outsourced call centers that many firms use to trim labor costs. By bribing or impersonating frontline agents, criminals have bypassed two-factor authentication (2FA), siphoned sensitive data, and disrupted point-of-sale systems at major retailers in both the U.S. and U.K.

“These people are in a position of poverty more often than not,” said Isaac Schloss, chief product officer at Contact Center Compliance. “If the right opportunity comes along, some will look the other way.”

Retailers Feel the Pain

Security researchers say hackers posing as senior executives recently tricked support teams for Marks & Spencer and Harrods into granting network access, echoing the social-engineering playbook used against MGM Resorts in 2023. The intrusions temporarily crippled inventory and payment systems, leading to lost sales and customer frustration.

Coinbase Hit for up to $400 Million

Cryptocurrency exchange Coinbase Global may suffer the steepest losses. Investigators say threat actors bribed Indian call-center workers employed by outsourcing firm TaskUs to obtain personal data on roughly 97,000 customers. Armed with names, balances, and partial bank details, the criminals phoned users, posed as Coinbase staff, and guided them into phishing portals that drained wallets of digital currency.

  • Coinbase has pledged to reimburse victims, a liability that could reach $400 million.

  • TaskUs has cut ties with the implicated call center in Indore and laid off 226 workers; two employees were fired for fraud.

  • Attackers offered insiders an initial US $2,500 for screenshots, then escalated to installing data-scraping malware via a Chrome-extension vulnerability.

Human Weakness Over Tech Barriers

Philip Martin, Coinbase’s chief security officer, says weak legal deterrents in some outsourcing hubs leave room for repeat offenders. Even when workers are fired, “it’s relatively straightforward for them to get a new job,” he noted.

The episode underscores a broader industry problem: companies are spending billions on firewalls and AI-powered threat detection, yet hackers still exploit human vulnerabilities. “Consistently, the human interaction has proven to be a weak link,” said Michael McPherson, senior vice president at ReliaQuest.

How the Scams Work

  1. Research and Recon – Criminals buy breached data sets to identify high-value targets and insider employees.

  2. Bribery or Impersonation – Attackers approach call-center staff via Telegram or social media, offering cash for account access or posing as C-suite executives in urgent need of “support.”

  3. Data Harvest – Even limited access lets attackers view authentication methods, recent transactions, and partial account numbers—enough to socially engineer customers.

  4. 2FA Circumvention – By calling victims and citing recent activity, hackers persuade them to give up one-time passcodes or direct them to phishing sites.

  5. Cash-Out – In retail cases, intruders place fraudulent orders or disable checkout systems; in crypto attacks, they move digital assets to untraceable wallets within minutes.

What Companies Can Do Now

  • Strengthen Insider-Risk Programs – Background checks, behavior analytics, and rotation of high-privilege tasks can deter bribery.

  • Deploy True Phishing-Resistant MFA – Hardware security keys and push-notification confirmation add layers that are harder to social-engineer.

  • Segment Call-Center Access – Limit the amount of customer data any single agent can view and monitor for screenshot or export attempts.

  • Run Social-Engineering Drills – Simulated vishing (voice phishing) tests teach agents to verify executive requests via out-of-band channels.

  • Enforce Browser Hygiene – Vet and lock down third-party extensions on support desktops.

The Bottom Line

As corporate networks grow more secure, attackers are reverting to psychology and economic leverage—buying loyalty from underpaid support agents and weaponizing trust. Until companies treat human-factor security with the same rigor as technical controls, experts warn that the help desk will remain a lucrative back door for cyber-criminals worldwide.

Photo Credit: DepositPhotos.com

Leave a Reply

Your email address will not be published. Required fields are marked *