44 people arrested for usurping the identity of consumers to collect commissions from electricity companies

Agents of the National Police have arrested 44 people in 12 Spanish provinces for the fraudulent use of personal data to usurp the identity of consumers and hire unauthorized services, reports the National Police in a press release.

The wave of WhatsApp attacks using a close contact to steal accounts intensifies

Know more

The goal was to get rich with commissions for attracting new customers. They accessed the personal databases of electricity companies to usurp the identity of customers and without their consent switch them to other service provider companies. 26 of those arrested were commercial workers and the remaining 18 were administrators who in turn provided the databases.

The investigation began in September 2019 when the agents received a complaint from the administrator of an electricity and natural gas distribution company, stating that unknown persons were posing as company workers and were calling the customers. They knew all their personal, bank and supply data, and offered them a supposed discount on the rate, when in reality they changed them to another electricity supplier without their knowledge.

In addition, the complainant company had carried out an internal audit in which it had been detected that there had been unauthorized access to its databases. They were also able to detect that unknown persons had contacted the merchant posing as customers and after answering the security questions, they requested duplicate invoices in order to communicate a change in their personal contact information so that, once the change of company , prevent a possible counteroffer from reaching the consumer who was unaware of his new registration. At the same time, the electricity marketer that was receiving the new clients, after detecting the collection method, filed a complaint against several commercials for the practices carried out.

Commissions for new registrations in energy supply contracts

The investigators were able to verify that the reason for such practices was to receive the commissions for new registrations provided by the company to which they fraudulently referred the clients. The agents also detected how the company where the new clients were registered, in turn subcontracted new companies to attract more clients, which meant that a large amount of personal data of people was leaked to such subcontractors.

After an operation carried out in three phases, the agents have arrested a total of 44 people in 12 provinces – Barcelona, ​​Cádiz, Castellón, Ciudad Real, Córdoba, Huelva, Jaén, Madrid, Málaga, Murcia, Seville and Valencia – allegedly involved in the plot for a crime against the market and consumers.

Although an economic assessment of the damage caused has not been issued to date, it is estimated that there have been some 36,000 changes to personal data, which in turn have caused the loss of the affected company.

The investigators have reported these facts to the Competition Directorate of the National Securities Market Commission (CNMV) in case the commercial practices of the companies could constitute an infringement contrary to the regulations for the defense of competition.

The Spanish Agency for Data Protection was also informed about the protection measures and leaks of consumers' personal data in case they constituted an infringement of the personal data protection regulations by contracting distributors and marketers of those companies of 'call center' investigated, susceptible to correction or sanction.

Source link