Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

4/19/2019
12:50 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Indian National Extradited to United States to Face Charges for Leadership Role in Multimillion Dollar India-Based Call Center Scam Targeting U.S. Victims

An Indian national has been extradited to the United States from Singapore to face charges related to his role as an operator of a call center network that targeted U.S victims.  The massive India-based telephone impersonation fraud and money laundering conspiracy defrauded thousands of U.S. residents out of hundreds of millions of dollars.

Assistant Attorney General Brian A. Benczkowski of the Justice Department’s Criminal Division, U.S. Attorney Ryan K. Patrick of the Southern District of Texas, Executive Associate Director Derek N. Benner of U.S. Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI), Inspector General J. Russell George of the U.S. Treasury Inspector General for Tax Administration (TIGTA) and Acting Inspector General John Kelly of the U.S. Department of Homeland Security (DHS) Office of Inspector General (OIG) made the announcement today.

Hitesh Madhubhai Patel, 42, of Ahmedabad, India, arrived in the United States and is scheduled to be arraigned today before a U.S. magistrate judge in federal court in Houston, Texas.  The indictment, which was unsealed in October 2016, charged Patel and 60 other individuals and entities with general conspiracy, wire fraud conspiracy and money laundering conspiracy.  The case is assigned to the Honorable David Hittner of the Southern District of Texas.

“Hitesh Patel operated a call center that allegedly preyed upon vulnerable U.S. citizens as part of a massive fraud scheme,” said Assistant Attorney General Benczkowski.  “This extradition once again demonstrates the Department’s unwavering commitment to disrupt and dismantle the India-based call center scam industry and to work with our foreign partners to hold accountable those who perpetrate schemes that defraud our citizens.  I especially would like to thank our Singaporean colleagues for their excellent cooperation with this extradition and their commitment to combatting transnational organized crime.”

“I cannot compliment enough the hard work and effort put into this case by the agents, analysts and attorneys of the many agencies involved,” said U.S. Attorney Patrick.  “Large complex international cases like these often take years to bring in foreign-based defendants.  I applaud our global partners in helping bring this case closer to a conclusion.”

“Today’s extradition should serve as a strong deterrent to anyone considering taking part in similar scams, and I hope it provides a sense of justice for the victims as well,” said HSI Executive Associate Director Benner.  “HSI will continue to utilize its unique investigative mandate, in conjunction with our local, state and federal partners, to attack and dismantle the criminal enterprises who would seek to manipulate U.S. institutions and taxpayers.”

“Since 2013, the IRS impersonation scam has been on a relentless path, claiming more than 15,000 victims who have collectively suffered over $75 million in losses,” said Treasury Inspector General for Tax Administration J. Russell George.  “TIGTA’s investigations, often conducted with other Federal agencies, have identified 140 scammers, including Patel, who have preyed upon taxpayers.  Today’s extradition and arraignment are proof that TIGTA and its law enforcement partners will be equally relentless in rooting out individuals who fraudulently identify themselves as IRS employees in order to extort money from taxpayers.  We especially appreciate the cooperation of the Government of Singapore for its role in the extradition.”

“This historic extradition should serve as notice to transnational criminal organizations of the lengths DHS is willing to go to arrest those who would enrich themselves by extorting the most vulnerable in our society,” said Special Agent in Charge David Green of DHS-OIG Houston, Texas Field Office.  “The owners, managers and employees of overseas call centers who target U.S. residents should know that our pursuit of justice for victims of their scams does not stop at the water’s edge.  We will continue to work with our international partners to identify these fraudsters, track them down and hold them accountable for their crimes.”

Singapore authorities apprehended Patel at the request of the United States pursuant to a provisional arrest warrant on Sept. 21, 2018, after flying from India to Singapore.  The Singaporean Minister for Law issued a warrant on March 25, 2019 for Patel to be delivered into custody of the United States.

The indictment alleges that Patel operated the HGlobal call center conglomerate and participated in a complex fraudulent scheme involving a network of call centers based in Ahmedabad, India.  Using information obtained from data brokers and other sources, India-based conspirators allegedly called potential victims while impersonating officials from the IRS or U.S. Citizenship and Immigration Services.  According to the indictment, the call center conspirators then threatened victims with arrest, imprisonment, fines or deportation if they did not pay taxes or penalties to the government.  When victims agreed to pay, the call centers used a network of U.S.-based conspirators to quickly liquidate and launder the extorted funds through the use of stored value cards or via wire transfers.  As alleged in the indictment, the stored value cards were often registered by the scammers using misappropriated personal identifying information of thousands of identity theft victims, and conspirators collected the wire transfers by using fake names and fraudulent identifications.

According to the indictment, the call center conspirators also defrauded victims through other schemes, including via offering fake short-term loans or grants.  The indictment alleges that the conspirators would then request a good-faith deposit to show the victims’ ability to pay back the loan or a fee to process the grant.  The victims of the alleged scam never received any money after making the requested payment.

An indictment is merely an allegation and the defendant is presumed innocent until proven guilty beyond a reasonable doubt in a court of law. 

A total of 24 domestic defendants associated with this transnational criminal scheme have previously been convicted and sentenced to terms of imprisonment of up to 20 years in the Southern District of Texas, District of Arizona and Northern District of Georgia.  The defendants were also ordered to pay millions of dollars in victim restitution and money judgments and to forfeit seized assets.  Some defendants were ordered to be deported based on their illegal immigration status, with another defendant having his U.S. citizenship revoked due to a separate conviction for immigration fraud.  The remaining India-based defendants have yet to be arraigned in this case.

HSI, DHS-OIG and TIGTA conducted the investigation.  The Department of Justice’s Office of International Affairs and HSI Singapore provided significant support in securing and coordinating Patel’s arrest and extradition, working in concert with their counterparts at the Singapore Attorney General’s-Chambers and the Singapore Police Force. 

Trial Attorneys Michael Sheckels and Mona Sahaf of the Criminal Division’s Human Rights and Special Prosecutions Section, Amanda Wick of the Criminal Division’s Money Laundering and Asset Recovery Section, and Assistant U.S. Attorneys Mark McIntyre and Craig Feazel of the Southern District of Texas are prosecuting the case.

A Department of Justice website has been established to provide information about the case to victims and the public.  Anyone who believes they may be a victim of fraud or identity theft in relation to this investigation or other telefraud scam phone calls may contact the FTC via this website.

Anyone seeking additional information about telefraud scams generally, or preventing identity theft or fraudulent use of their identity information, may find helpful information on the IRS tax scams website, the FTC phone scam website,and the FTC identity theft website.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
10 Ways to Keep a Rogue RasPi From Wrecking Your Network
Curtis Franklin Jr., Senior Editor at Dark Reading,  7/10/2019
The Security of Cloud Applications
Hillel Solow, CTO and Co-founder, Protego,  7/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-0234
PUBLISHED: 2019-07-15
A Reflected Cross-site Scripting (XSS) vulnerability exists in Apache Roller. Roller's Math Comment Authenticator did not property sanitize user input and could be exploited to perform Reflected Cross Site Scripting (XSS). The mitigation for this vulnerability is to upgrade to the latest version of ...
CVE-2018-7838
PUBLISHED: 2019-07-15
A CWE-119 Buffer Errors vulnerability exists in Modicon M580 CPU - BMEP582040, all versions before V2.90, and Modicon Ethernet Module BMENOC0301, all versions before V2.16, which could cause denial of service on the FTP service of the controller or the Ethernet BMENOC module when it receives a FTP C...
CVE-2019-6822
PUBLISHED: 2019-07-15
A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 and earlier, which could cause remote code execution when opening a specially crafted Zelio Soft 2 project file.
CVE-2019-6823
PUBLISHED: 2019-07-15
A CWE-94: Code Injection vulnerability exists in ProClima (all versions prior to version 8.0.0) which could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0.
CVE-2019-6824
PUBLISHED: 2019-07-15
A CWE-119: Buffer Errors vulnerability exists in ProClima (all versions prior to version 8.0.0) which allows an unauthenticated, remote attacker to execute arbitrary code on the targeted system in all versions of ProClima prior to version 8.0.0.