A new technique by scammers has prompted calls by authorities to request that businesses not store personal client data all in one place.
The Criminal Investigation Bureau said there has been a growing incidence of scammers calling customers who made online or TV purchases pretending to be from the company from which the product was purchased.
The scammers would claim that an installment payment method had been activated by mistake and ask the client to use an ATM to correct the matter. Clients would then be asked to make the payment in full into an account controlled by the scammers.
The bureau said ATMs only have deposit, withdrawal and fund-transfer functions and do not offer any function to set or disable payment by installments.
One way to stop such scamming would be for businesses to divide storage of customer information, they said.
The bureau also said dividing customer information would involve only giving part of the client’s name, contact information and address to the logistics company, while withholding information such as the type, quantity and price of the merchandise purchased.
The bureau said such a method would limit client data that can be accessed by scammers and also reduce the impact of accidental leaks by companies when hackers break into their computer systems.
The ability of scammers to completely deceive customers was a sign they had full access to client information, the bureau said, adding that the information was probably acquired by hackers, who then sold the data to scam rings.
The bureau said it has assisted businesses with information safety checks and found that three businesses were found to have Trojan viruses in their computer systems.