BPO workers cash in with new gift certificate fraud scheme
Operators working to put stricter measures in place to counter problem
Allison* had always dreamed of escaping the hopelessness of her small rural community, which has remained firmly in the clutches of poverty through generations.
Opportunities for a better life were a distant dream, but her lifeline came when she was hired by a business process outsourcing (BPO) firm.
She planned to take up the job in the sector as a stopgap until better came, but she soon discovered that it was a career choice for many who decide to make use of the many opportunities to develop themselves.
But Allison was torn between her desire for a quick route to a better life and her moral compass, knowing that years of study or waiting for a promotion would only prolong her current status.
Unsettling rumours were circulating among her colleagues. Whispers of a new game swept the call centre with the use of insider knowledge to exploit vulnerable targets.
She knew it was wrong, but the temptation was too great, and she soon ventured into the murky waters of lottery scamming, at first providing personal information to the scammers for a price, but her involvement soon deepened as the allure of wealth blinded the greedy to the devastating consequences.
WORK-FROM-HOME A PLUS
The work-from-home arrangement was introduced in the BPO industry – or global services sector – with support from the Government during the COVID-19 pandemic but became a permanent solution at the start of this year.
Under the policy, sector players should have 70 per cent of staff work from the offices and 30 per cent from home, but some operators are now pushing to reduce the numbers working from home, citing lower productivity rates and acts of fraud among the reasons.
In the early stages of the work-from-home arrangement, productivity was said to have increased as workers no longer struggled with commuting. The operators also realised significant savings in operational costs.
Allison’s experience made her an automatic pick to work from home, but also placed hundreds of customer data in her hands.
“I am on the warranty team of a sales account at my company, and we offer gift cards to dissatisfied customers,” she told The Sunday Gleaner, revealing that agents often cash in or sell gift cards given to them by their employers instead of distributing them to appease disgruntled clients as intended.
“The gift card rewards range from five to 50 per cent and US$10 to US$400,” she added.
According to Allison, a Microsoft Excel file is shared among a team of about 200 agents, but she has kept most of her loot for herself.
“It is unfair for my company to negotiate with the client for US$11 per hour for each worker, but only pay us J$250 per hour,” she said. “No one can live off J$250 an hour, and it is worse if you are working on a night shift.”
She normally uses gift cards to purchase items for herself and her relatives. There is also a thriving underground market locally and in the US, where in a good month, she can rake in close to J$4 million for the gift cards with a total value of US$10,000.
“I can choose not to sell to others, and instead buy a new VPN and place orders under different names and emails,” she said when quizzed on how she is able to make the purchases without triggering a red flag.
At her home, the company’s devices are placed on a centre table, with the screens in full view of everyone. No site visit was done before the equipment was assigned to her.
CLIENTS TOO WILLING TO SHARE
Another BPO worker living in the same community but employed by a different firm told The Sunday Gleaner that no site visit was done at her home either, but her company has a system in place that monitors the use of the assigned devices.
The equipment was situated in an isolated area in her home, out of the view of everyone else. All the members of her household are aware that it is a restricted area.
Yet another worker, who works on a finance account for a major player in the sector, argued that some clients are too willing to reveal sensitive information, sometimes insisting that agents make transactions on their behalf. This makes it easy for them to get ripped off, he told The Sunday Gleaner.
“They sometimes insist on giving their personal information, and as the agent, you have to constantly inform them that it is against company policy and for their own good,” he said. “They will be scammed because they are careless with their information, so a dishonest agent will capitalise on that opportunity.”
“Links are always available for you to sell information, and because the cost of living is so high, and the salary for floor agents is so low, many will be tempted, but you have to determine if you want to risk everything and lose your freedom,” he offered.
Other popular means being used to capture data are smartwatches or spy cameras.
FRAUD COSTING THE SECTOR MILLIONS
A reliable source in the BPO sector told The Sunday Gleaner that fraud costs the industry more than US$50 million in revenue annually.
In the early days of the local BPO sector when data security protocols were far less stringent, clients’ personal information – ranging from financial records to social security numbers – became fair game for unscrupulous employees and their associates to enrich themselves.
Montego Bay soon became the epicentre for the lottery scam or advance-fee fraud, which raked in more than $300 million annually to the underground economy. The BPO sector was considered the leading feeder for scammers to acquire the lead sheets or lists with the personal data of unsuspecting victims, mainly elderly Americans.
Although scores of players have been collared by local and international law enforcement teams, the illicit activities continue.
SECURITY DEPENDS ON STRENGTH OF SYSTEMS
According to Anand Biradar, president of the Global Services Association of Jamaica, the strength of a system depends on how robust a company and its clients’ infrastructure are.
“Mostly, they are safe, but there could be vulnerabilities,” he said, pointing out that most BPOs do site visits before entering into work-from-home arrangements with staff.
Biradar said that while such arrangements will continue, it will be on a lesser scale, with more than 80 per cent of tasks being done from the company sites. But he refused to comment on the value of loss to the sector.
“Majority of the systems use masking technology [to not show financial information] and automated financial information capture (IVR),” he told The Sunday Gleaner. “In some instances, cameras are installed, while home audits are conducted frequently.”
Systems are also in place to block features like screen capture, and the copy and paste function, while USB access is normally disabled.
With millions of investment dollars at stake, outsourcing operators in Jamaica have had to work hard to retain the contracts of major overseas companies, instituting a raft of strict security measures to protect data, including subjecting staff to searches on entering or leaving the premises. Outcries of violations of the rights of the workers were quickly rebutted by operators, who charged that unconventional measures were necessary to counter the increase in scamming.
Biradar is only aware of one incident of fraud currently before the local criminal court, but said a solution to ensure stricter background checks for potential workers in the industry is on the way.