Four months ago, a team of top officials representing software giant Microsoft Corporation (India) Private Limited in different countries met Gurugram police to report a global fraud which had been hurting the company.

According to the police officials privy to the matter, teams from Singapore and Ireland gave a detailed PowerPoint presentation at Gurugram police commissioner’s office. The meeting was attended by officers from the cyber crime team and officials of police station concerned. The police officers were told how a string of call centres were duping people from across 15 countries in the name of the company. The police was informed that some of these call centres were operating out of Udyog Vihar and Sector 18 industrial area.

The city police launched investigation into the complaint and used data provided by the company. Officials privy to the matter said help was also taken from retired officials of intelligence agencies, who have experience in handling such matters.

“We were already handling some cases in which call centre operators had duped citizens of different countries. They were operating out of small rooms in different areas of the city,” said Shamsher Singh, assistant commissioner of police (crime).

Besides Gurugram and Noida police, international investigating agencies — Federal Bureau of Investigation of the US, Royal Canadian Mounted police (RCMP) and the Interpol — are involved in the investigation.

All this while the Gurugram police remained in regular touch with Microsoft officials. After a preliminary inquiry into the facts of the complaint, the police formed eight teams consisting of 40 technical experts and 50 city police officials. The teams raided eight locations and arrested 15 people late night on November 27. The same day a formal FIR was also registered by Microsoft Corporation.

As per the complaint, the accused purchased data of foreign citizens through online agents or from Delhi-based vendors. The police are trying to identify these vendors.

“They used the to hack the systems and send across a pop-up (notification), saying that their system was either infected with a virus or malware. The notification contained a contact number and once the user got in touch with the accused, they would claim to be from the Microsoft technical support team and charge the customers for making their system virus free,” said Singh. The users were also prompted to install an application, a bug which gave the hackers access to the users computer system. Each user was charged from 100 to 1,000 US dollars for the service.

Police said that a ‘brokers list’ was also retrieved, but no conclusive evidence had come forth that money taken from users was transmitted by the call centres via ‘hawala’ channels.

“The money extorted from users and customers gets transmitted through hawala and used in other illegal activities around the world,” the complainant had alleged in nine FIR’s registered in Gurugram police stations.

The investigation also revealed that in some cases the frauds used to transfer money through gift card vouchers and later converted into dollars through an illegal process, said police. The details are being verified and corroborated against statements of the arrested accused.

The servers and other technical gadgets seized from the call centres are being sent to forensic laboratories for analysis of the data. Some of the accused also had a valid license to operate a call centre but were found to be misusing the name of a I-T prominent company to dupe the users, the police said.

“By getting remote access to victims’ computers, the accused stole data, identity and transmitted viruses to users’ systems,” Microsoft had said in its complaint.

However, some accused, who have been released on bail, said that there was no evidence against them and that they had been arrested on basis of a complaint by Microsoft Corporation. They said all the cases registered have the same content. “We have all the licenses required to run a call centre. The police could not even justify why they had arrested us and we were bailed out the next day. If we were frauds, then why didn’t the police took our remand and investigated the case,” said one of the accused, on condition of anonymity.

The lawyer of the accused also said that the complainant company’s officials also participated in the raids, which is against the rules. “How can a complainant check the computers and servers. My client has proper license to operate a call centre and all licenses are already in place. No evidence has been found and still people were arrested,” said Vishal Gupta, counsel of the accused.

The police denied the allegations and said the Microsoft team had extended support to them as they needed technical assistance in such cases .“They are technically more sound and had the experts team to crack these set-ups who were duping foreign citizens, especially Canadians and Americans, on the pretext of providing them loans, technical support or others,” said Singh.

Courtney Gregoire, assistant general counsel – Corporate, External and Legal Affairs(CELA), Microsoft Corporation, said, “Protecting the public and building trust in technology and internet is a top priority for Microsoft. We are committed to working with trade bodies such as NASSCOM, relevant government ministries, and law enforcement authorities, to safeguard the interests of the Indian IT industry, and educate and protect the public against such deceptive cybercrimes.”

First Published: Dec 03, 2018 13:39 IST