#Shared Service Centers | Explore Tumblr Posts and Blogs

people360 · 4 months

Text

Exploring GCC: How India Became a Hub for Global Captive Centers

In recent years, India has emerged as a prominent destination for Global Captive Centers (GCCs), playing a crucial role in the global business landscape. These centers, established by multinational corporations to handle specific functions or processes in-house, have flourished in India due to various factors such as a skilled workforce, favorable business environment, and cost efficiencies. In this blog post, we delve into the journey of how India became a hub for GCCs and the impact it has had on the country's economy and the global business ecosystem.

Understanding Global Captive Centers (GCCs)

Before delving into India's role in the GCC landscape, let's first understand what GCCs are and why they are significant for multinational corporations (MNCs).

Global Captive Centers in India, also known as Shared Service Centers or Global In-house Centers (GICs), are offshore subsidiaries or divisions established by MNCs to perform specific functions or processes. These centers typically handle activities such as IT services, finance and accounting, human resources, research and development, and customer support, among others. Unlike traditional outsourcing arrangements, where services are contracted to third-party vendors, GCCs operate as extensions of the parent company's operations, leveraging the advantages of in-house talent and control.

The Evolution of India as a GCC Destination

India's journey as a preferred destination for GCCs began in the late 1980s and early 1990s when the country initiated economic reforms and liberalization policies. The availability of a large, skilled English-speaking workforce, coupled with cost advantages, attracted multinational corporations to establish their presence in India. Initially, GCCs in India primarily focused on IT and software development services, catering to the growing demand for technology solutions.

Over the years, India's GCC landscape has evolved significantly, diversifying into various domains beyond IT services. Today, India hosts GCCs across industries such as banking and financial services, healthcare, pharmaceuticals, manufacturing, retail, and telecommunications. These centers have become integral parts of the global operations of many MNCs, driving innovation, efficiency, and value creation.

Factors Contributing to India's Success as a GCC Hub

Several factors have contributed to India's success as a hub for GCCs:

1. Skilled Workforce:

India boasts a large pool of highly educated, skilled professionals across various disciplines, including engineering, technology, finance, and business management. The availability of talent with diverse skill sets and domain expertise has been instrumental in the success of GCCs in India.

2. Cost Efficiency:

Cost arbitrage has been a significant driver for MNCs establishing GCCs in India. While labor costs in India are lower compared to developed countries, the quality of work delivered remains high. This cost advantage allows companies to achieve significant savings without compromising on quality or productivity.

3. Favorable Business Environment:

India's business-friendly policies, supportive regulatory framework, and government incentives for foreign investment have encouraged MNCs to establish GCCs in the country. Initiatives such as the Make in India campaign and Digital India program further promote investment and innovation in key sectors.

4. Infrastructure and Technology:

India's improving infrastructure, including robust telecommunications networks, modern office spaces, and state-of-the-art technology infrastructure, has facilitated the smooth operation of GCCs. Access to advanced technologies and digital platforms enables GCCs to deliver cutting-edge solutions and services to global clients.

5. Proven Track Record:

India's track record as a reliable and trusted partner for global businesses has strengthened its position as a preferred destination for GCCs. Many MNCs have established successful GCCs in India, showcasing the country's capabilities in delivering value-added services and driving business growth.

Impact of GCCs on India's Economy

The growth of GCCs in India has had a significant impact on the country's economy:

1. Job Creation:

GCCs have been major contributors to employment generation in India, providing opportunities for skilled professionals across various sectors. The establishment of GCCs has led to the creation of thousands of direct and indirect jobs, driving economic growth and social development.

2. Skill Development:

GCCs have played a crucial role in upskilling and reskilling India's workforce, contributing to the development of a talent pool equipped with specialized skills and expertise. This has not only enhanced employability but also positioned India as a global talent hub.

3. Foreign Direct Investment (FDI):

The establishment of GCCs has attracted significant foreign direct investment (FDI) inflows into India, bolstering the country's economic growth and stability. MNCs' continued investments in GCCs demonstrate their confidence in India's business environment and growth potential.

4. Knowledge Transfer:

GCCs serve as centers of excellence, facilitating knowledge transfer and technology diffusion from global parent companies to local talent. This exchange of ideas, best practices, and innovation fosters a culture of continuous learning and development within the Indian workforce.

Future Outlook

Looking ahead, India's position as a hub for GCCs is poised to strengthen further. As businesses increasingly prioritize digital transformation, innovation, and agility, GCCs in India will play a pivotal role in driving these initiatives. The convergence of emerging technologies such as artificial intelligence, machine learning, blockchain, and cloud computing will create new opportunities for GCCs to deliver value-added services and solutions to global clients.

Moreover, India's focus on building a conducive ecosystem for entrepreneurship, innovation, and research and development will further enhance its attractiveness as a destination for GCCs. Collaborative partnerships between GCCs, academic institutions, and the government will foster innovation ecosystems and drive sustainable growth.

In conclusion, India's journey as a hub for GCCs is a testament to its resilience, adaptability, and entrepreneurial spirit. With a robust foundation in place and a commitment to excellence, India is well-positioned to lead the way in shaping the future of global business services and driving inclusive growth and prosperity.

As businesses continue to navigate the evolving global landscape, GCCs in India will remain key enablers of innovation, efficiency, and value creation, contributing to India's journey towards becoming a global economic powerhouse.

Source: https://people360d.blogspot.com/2024/06/how-india-became-hub-for-global-captive-centers.html

#GCC #Global Captive Centers #Job Creation #People360D #Shared Service Centers #Skill Development

0 notes

myndsolution1 · 1 year

Text

Five Characteristics of the Best Shared Service Centers

#Shared Service Centers

0 notes

vtimbertiger · 1 year

Text

PSA

If you find injured or sick Native Wild Animals during the summer (or anytime) please please please:

CALL your local Wildlife Center/Rehab and get the animal there ASAP or follow whatever instructions they give you

DO NOT try and rehabilitate the animal yourself

[1] In the United States, (I'm think) it is Federally Illegal to house Native Wildlife for more than 24 hours without a license to do so.

That 24 hours is only there as a grace period to get the animal to a wildlife center/rehab

[2] Centers/Rehabs have the facilities, materials, and knowledge to take care of the animal

Google is not your friend when it comes to wild animal care! Just bring them to a center/rehab.

Also, some centers/rehabs are specialized for either birds, or specific mammal types, so CALL AHEAD to ensure the animal gets to the appropriate center for recovery

[3] If you attempt to rehab a wild animal yourself and then bring them into a center/rehab, unfortunately the longer the animal goes through improper care, the more likely the animal will have to be euthanized

We try our best to treat and rehab every animal that comes in, but sometimes it's not enough

[4] The goal of Wildlife Rehabilitation is releasing, not making them pets. Keep the Wildlife Wild

The less time the spend around people the better off they will be at release. Avoid (baby) talking around the animal to the best of your ability.

Also, I say "native" because non-native animals have to be euthanized; it doesn't matter how little impact they hold on the native environment or how endangered they are as a species (it really fucking sucks)

Unfortunately I do not know if alternatives for endangered non-native wildlife.

#please share this #I am just an intern but ask questions if you have them!#PSA #public service announcement #wildlife #wildlife rehabilitation #animals #wild animals #wildlife centers

26 notes · View notes

boundinparchment · 7 months

Note

YEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH thank you for continuously bringing us bangers. Punintended. It really was getting a little bit too comfortably peaceful in there. Anyway I love the way you write so much I still read chapters twice over. The characterization,, 👌👌❤️💕👌💕❤️❤️💕👌 I hope you’re having a good day!!

There is a long road ahead in making sure I frame this as I intend because they both care about one another. Musician and Dottore are two sides of the same coin; they always have been and always will be.

They have gotten complacent, though. And we didn’t need a certain banker to show his face for that to happen.

#The question is a matter of: will the center hold? is this more about them as individuals and less about the bond they share?#stay tuned while I rip out my brain and eyes in service of my heart

2 notes · View notes

industryforecastnews · 22 days

Text

Contact Center As A Service Market To Reach USD 17.12 Billion By 2030

Contact Center As A Service Market Growth & Trends

The global contact center as a service market size is expected to reach USD 17.12 billion by 2030, registering a CAGR of 19.1% from 2023 to 2030, according to a new report by Grand View Research, Inc. The market growth can be attributed to the rising adoption of cloud-based contact center services by enterprises to offer better flexibility and customer convenience. Many organizations are adopting Business Intelligence (BI) technology, as it provides them with a holistic view of agent performance and helps measure how they are achieving organizational goals.

Businesses are widely adopting cloud-based contact centers owing to benefits such as reduced integration, support, and IT-related costs, which could help drive the growth of the Contact Center as a Service (CCaaS) market. Moreover, numerous players are developing cloud contact centers to enhance operational functionality and flexibility for users. For instance, in January 2021, Infosys announced the launch of the Infosys Cortex, a customer engagement platform that leverages the technology from Genesys, a cloud contact center solutions provider, along with Contact Center AI and analytics services from Google Cloud.

Numerous CCaaS providers are entering into partnerships with communication companies to deploy contact center software and expand their reach.For instance, in May 2023, BT, a U.K.-based telecommunications provider, and Five9, a leading intelligent CX Platform provider, announced an expanded partnership aimed at offering a wider range of contact center services and solutions to organizations worldwide. As part of this collaboration, BT will now provide the Five9 Intelligent CX Platform as a managed service to both new and existing customers. This offering aims to assist organizations in achieving full digitalization of their workplace by seamlessly integrating with their existing voice, unified communications, digital channels, and Customer Relationship Management (CRM) systems.

The COVID-19 pandemic is expected to have a positive impact on the market. As the pandemic situation continues, cloud-hosted contact centers are gaining more traction as it provides better levels of reliability, availability, and disaster recovery because agents can access the tools they need to perform the job from any place. Moreover, cloud-hosted contact centers provide better workforce elasticity for easily scalable solutions and faster deployment of new capabilities and technology solutions. However, the increasing concerns of data security are expected to hamper the market growth over the forecast period. CCaaS solutions handle huge data volumes and critical financial data of consumers, which could be at risk of malicious attacks.

Request a free sample copy or view report summary: https://www.grandviewresearch.com/industry-analysis/contact-center-as-a-service-market

Contact Center As A Service Market Report Highlights

In terms of solution, the customer collaboration segment is expected to witness the highest Compound Annual Growth Rate (CAGR) over the forecast period. This can be attributed to the rising focus of businesses on offering enhanced customer satisfaction by solving their issues and promptly attending their calls

In terms of service, the managed services segment is likely to register the highest CAGR over the forecast period. The increasing need for monitoring IT operations, data backup and recovery, help desk support, and security is expected to drive the demand for managed services over the forecast period

In terms of enterprise size, the small and medium enterprises segment is likely to register the highest CAGR. Convenient service delivery and the low cost of investment related to CCaaS is boosting its adoption across small & medium enterprises

In terms of end use, the consumer goods and retail segment is expected to provide promising growth opportunities to the marketdue to the increasing focus on enhancing customer experience, improving sales and marketing effectiveness, and enabling seamless omnichannel customer interactions in the highly competitive retail industry

The North American regional market dominated in 2022 and is likely to present promising growth opportunities for the market over the forecast period as well. The Asia Pacific regional market is expected to witness the highest growth owing to the increasing industrial expansion and development in emerging economies of the region

Contact Center As A Service Market Segmentation

Grand View Research has segmented the global contact center as a service market report on the basis of solution, service, enterprise size, end-use, and region:

Contact Center As A Service (CCaaS) Solution Outlook (Revenue, USD Billion, 2017 - 2030)

Automatic Call Distribution

Call Recording

Computer Telephony Integration

Customer Collaboration

Dialer

Interactive Voice Response

Reporting & Analytics

Workforce Optimization

Others

Contact Center As A Service (CCaaS) Outlook (Revenue, USD Billion, 2017 - 2030)

Integration & Deployment

Support & Maintenance

Training & Consulting

Managed Services

Contact Center As A Service (CCaaS) Enterprise Size Outlook (Revenue, USD Billion, 2017 - 2030)

Large Enterprises

Small & Medium Enterprises

Contact Center As A Service (CCaaS) End-use Outlook (Revenue, USD Billion, 2017 - 2030)

BFSI

Consumer Goods & Retail

Government

Healthcare

IT & Telecom

Travel & Hospitality

Others

Contact Center As A Service (CCaaS) Regional Outlook (Revenue, USD Billion, 2017 - 2030)

North America

U.S.

Canada

Europe

Germany

France

Asia Pacific

China

India

Japan

South Korea

Australia

Latin America

Brazil

Mexico

Middle East & Africa

Kingdom of Saudi Arabia (KSA)

UAE

South Africa

List of Key Players in Contact Center As A Service Market

Alcatel Lucent Enterprise

Avaya, Inc.

Cisco Systems, Inc.

Enghouse Interactive Inc.

Five9, Inc.

Genesys

Microsoft Corporation

NICE inContact

SAP SE

Unify Inc.

Browse Full Report: https://www.grandviewresearch.com/industry-analysis/contact-center-as-a-service-market

#Contact Center As A Service Market #Contact Center As A Service Market Size #Contact Center As A Service Market Share #Contact Center As A Service Market Trends

0 notes

renegadepack · 2 months

Text

if anyone has any advice on finding a job please help im struggling so bad rn

#aaron’s sharing #i have customer service background #but don’t really wanna do that anymore #but only think i won’t do at this point is a call center lmao

1 note · View note

nexdigm · 3 months

Text

Global Shared Services & Capability Centers | Nexdigm Business Process Management

https://www.nexdigm.com/services/business-services/business-process-management/shared-services/

Optimize your operations with Nexdigm's Global Shared Services and Capability Centers. Our Business Process Management solutions enhance efficiency, reduce costs, and provide strategic value. Discover the benefits of partnering with a global capability center.

#global shared services #global capability center #gcc global capability center

0 notes

harshtechsworld · 4 months

Link

#shared services center industry #Shared Services Center Market #Shared Services Center Market Share #Shared Services Center Market Size

0 notes

smsgatewayindia · 4 months

Text

Unlock the Full Potential of WhatsApp Business API with These 5 Expert Tips

One powerful tool that has gained significant traction is the WhatsApp Business API. Designed to help businesses connect with customers efficiently, the API offers a plethora of features that can transform customer service and communication strategies.

#SMS Gateway Center #WhatsApp Business API #customer service automation #chatbots for business #message templates #shared team inbox #CRM integration #personalized customer communication #interactive buttons #customer engagement strategies #digital customer service #business communication tools #improve customer satisfaction #enhance customer experience #efficient customer support #streamline business operations

0 notes

mitalipingale · 4 months

Text

https://justpaste.it/7yh50

The Patient-Centered Medical Home Services Market in 2023 is US$ 18.18 billion, and is expected to reach US$ 58.88 billion by 2031 at a CAGR of 15.80%.

#Patient-Centered Medical Home Services Market #Patient-Centered Medical Home Services Market Share #Patient-Centered Medical Home Services Market Scope

0 notes

zcoordinate · 5 months

Text

Is an offshore captive center the right choice for your business? Explore our comprehensive guide to understand the benefits and considerations. ZCoordinate Solutions offers tailored strategies for establishing and managing offshore captive centers, ensuring cost-effectiveness and operational efficiency. Dive into our guide to make informed decisions and unlock offshore success.

#global captive center in india #captive center model #operating cost management in india #captive business services #bpo services in india #set up subsidiary unit in india #subsidiary in india #market analysis company in india #global capability center (gcc)#virtual captive unit in india #Captive Services & Shared Service Centre #setting up bpo business in india #Formation Consultants in India #Vendor Management Services in India

0 notes

myndsolution1 · 28 days

Text

AI Capabilities: Empowering Finance with Man & Machine Partnerships - Powered by MYND Solution

Discover how MYND Solution is revolutionizing finance through AI-driven partnerships between man and machine. From finance and accounting outsourcing services to BPM solutions and shared services centers, MYND Solution offers cutting-edge technology that enhances efficiency and accuracy across all finance functions. Explore our comprehensive range of services tailored for finance outsourcing companies and shared services centers.

#finance solution #finance and accounting outsourcing services #finance and accounting outsourcing companies #finance and accounting outsourcing #finance shared services center #MYND Solution

0 notes

determinate-negation · 1 month

Text

important edit!

UPDATE 9/4/2024: we will be closing down the old campaign because mohamed was having issues with the guy hosting it. i'm hosting a new campaign which i am linking below. THIS IS THE UPDATED LINK.

(this is a verified campaign and is 192 on the vetted fundraiser sheet)

mohammed @save-mohamed-family has been trying to raise money to save his family for a while on tumblr, and he raised a significant amount of money but the bank his beneficiary was using abruptly shut his account down and he lost all his progress. a lot of banks and money services have been arbitrarily freezing or shutting down the money palestinians are raising to survive this genocide, which is just an additional injustice for people already suffering so much. mohammed has since opened a new gofundme but its made very little progress.

please donate to this campaign– especially if youve donated in the past because gofundme will have refunded you

mohammed already lost his mother, father, and four sisters in the war who were killed in a bombing, and is now living in tents with his remaining family members. he was seriously injured in his foot and it may need to be amputated, but he told me that hes doesn't care if he loses his foot, he just doesn't want to lose his wife and children. his wife has uterine cancer but hasn't been able to get treatment because the genocidal israeli army has destroyed health centers. his children are suffering from infectious diseases spreading throughout gaza. there is practically no medical treatment or medicine available in gaza and the massacres continue everyday. food and water is scarce and priced exorbitantly. mohammed has made posts on his blog about their situation and i do encourage you to read his own words too.

please dont be desensitized to this just because it's been going on for so long. put yourself in his shoes and think about how you would feel– after nearly a year of the most destructive bombing campaign in history, living in hunger and pain every second with no home, no running water, no sanitation, not having a moment of security, subject to arbitrary decisions from an occupying force. no one should have to live like this.

the pain of losing so many family members, your home, your job, and everything you have is already unimaginable. please dont let him lose any more of his family. donate to this campaign and if you cant, share it with someone who can.

especially if you have a degree of disposable income i implore you to think about what you can reasonably give. it could be relatively small adjustment for you but make a significant difference for someone else.

#mine #gfm

5K notes · View notes

mostlysignssomeportents · 8 months

Text

How I got scammed

If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2024/02/05/cyber-dunning-kruger/#swiss-cheese-security

I wuz robbed.

More specifically, I was tricked by a phone-phisher pretending to be from my bank, and he convinced me to hand over my credit-card number, then did $8,000+ worth of fraud with it before I figured out what happened. And then he tried to do it again, a week later!

Here's what happened. Over the Christmas holiday, I traveled to New Orleans. The day we landed, I hit a Chase ATM in the French Quarter for some cash, but the machine declined the transaction. Later in the day, we passed a little credit-union's ATM and I used that one instead (I bank with a one-branch credit union and generally there's no fee to use another CU's ATM).

A couple days later, I got a call from my credit union. It was a weekend, during the holiday, and the guy who called was obviously working for my little CU's after-hours fraud contractor. I'd dealt with these folks before – they service a ton of little credit unions, and generally the call quality isn't great and the staff will often make mistakes like mispronouncing my credit union's name.

That's what happened here – the guy was on a terrible VOIP line and I had to ask him to readjust his mic before I could even understand him. He mispronounced my bank's name and then asked if I'd attempted to spend $1,000 at an Apple Store in NYC that day. No, I said, and groaned inwardly. What a pain in the ass. Obviously, I'd had my ATM card skimmed – either at the Chase ATM (maybe that was why the transaction failed), or at the other credit union's ATM (it had been a very cheap looking system).

I told the guy to block my card and we started going through the tedious business of running through recent transactions, verifying my identity, and so on. It dragged on and on. These were my last hours in New Orleans, and I'd left my family at home and gone out to see some of the pre-Mardi Gras krewe celebrations and get a muffalata, and I could tell that I was going to run out of time before I finished talking to this guy.

"Look," I said, "you've got all my details, you've frozen the card. I gotta go home and meet my family and head to the airport. I'll call you back on the after-hours number once I'm through security, all right?"

He was frustrated, but that was his problem. I hung up, got my sandwich, went to the airport, and we checked in. It was total chaos: an Alaska Air 737 Max had just lost its door-plug in mid-air and every Max in every airline's fleet had been grounded, so the check in was crammed with people trying to rebook. We got through to the gate and I sat down to call the CU's after-hours line. The person on the other end told me that she could only handle lost and stolen cards, not fraud, and given that I'd already frozen the card, I should just drop by the branch on Monday to get a new card.

We flew home, and later the next day, I logged into my account and made a list of all the fraudulent transactions and printed them out, and on Monday morning, I drove to the bank to deal with all the paperwork. The folks at the CU were even more pissed than I was. The fraud that run up to more than $8,000, and if Visa refused to take it out of the merchants where the card had been used, my little credit union would have to eat the loss.

I agreed and commiserated. I also pointed out that their outsource, after-hours fraud center bore some blame here: I'd canceled the card on Saturday but most of the fraud had taken place on Sunday. Something had gone wrong.

One cool thing about banking at a tiny credit-union is that you end up talking to people who have actual authority, responsibility and agency. It turned out the the woman who was processing my fraud paperwork was a VP, and she decided to look into it. A few minutes later she came back and told me that the fraud center had no record of having called me on Saturday.

"That was the fraudster," she said.

Oh, shit. I frantically rewound my conversation, trying to figure out if this could possibly be true. I hadn't given him anything apart from some very anodyne info, like what city I live in (which is in my Wikipedia entry), my date of birth (ditto), and the last four digits of my card.

Wait a sec.

He hadn't asked for the last four digits. He'd asked for the last seven digits. At the time, I'd found that very frustrating, but now – "The first nine digits are the same for every card you issue, right?" I asked the VP.

I'd given him my entire card number.

Goddammit.

The thing is, I know a lot about fraud. I'm writing an entire series of novels about this kind of scam:

https://us.macmillan.com/books/9781250865878/thebezzle

And most summers, I go to Defcon, and I always go to the "social engineering" competitions where an audience listens as a hacker in a soundproof booth cold-calls merchants (with the owner's permission) and tries to con whoever answers the phone into giving up important information.

But I'd been conned.

Now look, I knew I could be conned. I'd been conned before, 13 years ago, by a Twitter worm that successfully phished out of my password via DM:

https://locusmag.com/2010/05/cory-doctorow-persistence-pays-parasites/

That scam had required a miracle of timing. It started the day before, when I'd reset my phone to factory defaults and reinstalled all my apps. That same day, I'd published two big online features that a lot of people were talking about. The next morning, we were late getting out of the house, so by the time my wife and I dropped the kid at daycare and went to the coffee shop, it had a long line. Rather than wait in line with me, my wife sat down to read a newspaper, and so I pulled out my phone and found a Twitter DM from a friend asking "is this you?" with a URL.

Assuming this was something to do with those articles I'd published the day before, I clicked the link and got prompted for my Twitter login again. This had been happening all day because I'd done that mobile reinstall the day before and all my stored passwords had been wiped. I entered it but the page timed out. By that time, the coffees were ready. We sat and chatted for a bit, then went our own ways.

I was on my way to the office when I checked my phone again. I had a whole string of DMs from other friends. Each one read "is this you?" and had a URL.

Oh, shit, I'd been phished.

If I hadn't reinstalled my mobile OS the day before. If I hadn't published a pair of big articles the day before. If we hadn't been late getting out the door. If we had been a little more late getting out the door (so that I'd have seen the multiple DMs, which would have tipped me off).

There's a name for this in security circles: "Swiss-cheese security." Imagine multiple slices of Swiss cheese all stacked up, the holes in one slice blocked by the slice below it. All the slices move around and every now and again, a hole opens up that goes all the way through the stack. Zap!

The fraudster who tricked me out of my credit card number had Swiss cheese security on his side. Yes, he spoofed my bank's caller ID, but that wouldn't have been enough to fool me if I hadn't been on vacation, having just used a pair of dodgy ATMs, in a hurry and distracted. If the 737 Max disaster hadn't happened that day and I'd had more time at the gate, I'd have called my bank back. If my bank didn't use a slightly crappy outsource/out-of-hours fraud center that I'd already had sub-par experiences with. If, if, if.

The next Friday night, at 5:30PM, the fraudster called me back, pretending to be the bank's after-hours center. He told me my card had been compromised again. But: I hadn't removed my card from my wallet since I'd had it replaced. Also, it was half an hour after the bank closed for the long weekend, a very fraud-friendly time. And when I told him I'd call him back and asked for the after-hours fraud number, he got very threatening and warned me that because I'd now been notified about the fraud that any losses the bank suffered after I hung up the phone without completing the fraud protocol would be billed to me. I hung up on him. He called me back immediately. I hung up on him again and put my phone into do-not-disturb.

The following Tuesday, I called my bank and spoke to their head of risk-management. I went through everything I'd figured out about the fraudsters, and she told me that credit unions across America were being hit by this scam, by fraudsters who somehow knew CU customers' phone numbers and names, and which CU they banked at. This was key: my phone number is a reasonably well-kept secret. You can get it by spending money with Equifax or another nonconsensual doxing giant, but you can't just google it or get it at any of the free services. The fact that the fraudsters knew where I banked, knew my name, and had my phone number had really caused me to let down my guard.

The risk management person and I talked about how the credit union could mitigate this attack: for example, by better-training the after-hours card-loss staff to be on the alert for calls from people who had been contacted about supposed card fraud. We also went through the confusing phone-menu that had funneled me to the wrong department when I called in, and worked through alternate wording for the menu system that would be clearer (this is the best part about banking with a small CU – you can talk directly to the responsible person and have a productive discussion!). I even convinced her to buy a ticket to next summer's Defcon to attend the social engineering competitions.

There's a leak somewhere in the CU systems' supply chain. Maybe it's Zelle, or the small number of corresponding banks that CUs rely on for SWIFT transaction forwarding. Maybe it's even those after-hours fraud/card-loss centers. But all across the USA, CU customers are getting calls with spoofed caller IDs from fraudsters who know their registered phone numbers and where they bank.

I've been mulling this over for most of a month now, and one thing has really been eating at me: the way that AI is going to make this kind of problem much worse.

Not because AI is going to commit fraud, though.

One of the truest things I know about AI is: "we're nowhere near a place where bots can steal your job, we're certainly at the point where your boss can be suckered into firing you and replacing you with a bot that fails at doing your job":

https://pluralistic.net/2024/01/15/passive-income-brainworms/#four-hour-work-week

I trusted this fraudster specifically because I knew that the outsource, out-of-hours contractors my bank uses have crummy headsets, don't know how to pronounce my bank's name, and have long-ass, tedious, and pointless standardized questionnaires they run through when taking fraud reports. All of this created cover for the fraudster, whose plausibility was enhanced by the rough edges in his pitch - they didn't raise red flags.

As this kind of fraud reporting and fraud contacting is increasingly outsourced to AI, bank customers will be conditioned to dealing with semi-automated systems that make stupid mistakes, force you to repeat yourself, ask you questions they should already know the answers to, and so on. In other words, AI will groom bank customers to be phishing victims.

This is a mistake the finance sector keeps making. 15 years ago, Ben Laurie excoriated the UK banks for their "Verified By Visa" system, which validated credit card transactions by taking users to a third party site and requiring them to re-enter parts of their password there:

https://web.archive.org/web/20090331094020/http://www.links.org/?p=591

This is exactly how a phishing attack works. As Laurie pointed out, this was the banks training their customers to be phished.

I came close to getting phished again today, as it happens. I got back from Berlin on Friday and my suitcase was damaged in transit. I've been dealing with the airline, which means I've really been dealing with their third-party, outsource luggage-damage service. They have a terrible website, their emails are incoherent, and they officiously demand the same information over and over again.

This morning, I got a scam email asking me for more information to complete my damaged luggage claim. It was a terrible email, from a noreply@ email address, and it was vague, officious, and dishearteningly bureaucratic. For just a moment, my finger hovered over the phishing link, and then I looked a little closer.

On any other day, it wouldn't have had a chance. Today – right after I had my luggage wrecked, while I'm still jetlagged, and after days of dealing with my airline's terrible outsource partner – it almost worked.

So much fraud is a Swiss-cheese attack, and while companies can't close all the holes, they can stop creating new ones.

Meanwhile, I'll continue to post about it whenever I get scammed. I find the inner workings of scams to be fascinating, and it's also important to remind people that everyone is vulnerable sometimes, and scammers are willing to try endless variations until an attack lands at just the right place, at just the right time, in just the right way. If you think you can't get scammed, that makes you especially vulnerable:

https://pluralistic.net/2023/02/24/passive-income/#swiss-cheese-security

Image: Cryteria (modified) https://commons.wikimedia.org/wiki/File:HAL9000.svg

CC BY 3.0 https://creativecommons.org/licenses/by/3.0/deed.en

#pluralistic #social engineering #phishing #ai #swiss cheese security #infosec #finance #fraud #carding

10K notes · View notes