Saswatabanerjee
Partner - Risk Management
Tajsateesh
Recruitment/talent Acquisition, Career Counselling

PRIME SPONSOR - FACTOHR - Customised Payroll, GPS Enabled Attendance, Travel, Performance Management, HRMS. Explore Features
Hi seniors,

In one reputed MNC, One employee's credential is misused to send prank email from ex-employer's one employee's email id to higher authorities.

So higher authority of ex-employer, directly false accused that employee whose credential is misused by forming a story of revenge taken by that employee with ex-employer and convince current employer to terminate that employee.
  • They did not do any inquiry or police inquiry or filed legal case under cyber crime act, they simply believed story told by that employee whose email id's used to send prank email.
  • They do not want to understand simple fact that credentials can be misused,

    because when crime was committed that person was not using his/her computer.
  • But due to lack of CCTV camera installation, absence or presence of that person can not be proved.
  1. Is it legal to take law and order in own control and directly accuse an employee criminal on basis of indirect evidences?
  2. Is it humanity to do not let person even justify his/her side?
  3. The ex-employers told that, when background check will be done next time,
  4. They simply harass him/her by elaborate this incident to do not let him/her hired again by any employer.
  5. Does this legal to mentally torturing an ex-employee by isolating from employment?

Cite.Co is a repository of information created by your industry peers and experienced seniors sharing their experience and insights.
Join Us and help by adding your inputs. Contributions From Other Members Follow Below...
Hello,
Your posting is BOTH disturbing & confusing--'disturbing' since you mention it's a MNC & 'confusing' since it's within their purview & capability to verify the veracity of the complaint/claim of identity misuse.
In such cases, CCTVs are NOT what need to be checked. The System Admin guy comes into the picture to check out the usage of the ID INCLUDING the location, time-tagging & other such details of the mails in-question. Every e-mail has a long tracking mechanism--which IS NOT visible to us users--from where the Sys Admin guy or the Cyber Crime cops figure-out the details.
Coming to 'what next', suggest inform the current employer to check out with the System Admin guy. If they aren't keen to do so, suggest file a Police Complaint [in Cyber Crimes Cell] WITH all the facts of the case. They will do the necessary checks of where the mail(s) came from, etc.
All the Best.
Rgds,
TS
First of all sorry if you found this post disturbing, but I didn't take any name due to reputation issue of MNCs. I just want to highlight importance of an issue.

Sorry in advance for very long reply but kindly understand the complexity of problem by just reading following case-scenario with calm mind as it is matter of someone's life and career.

Whatever you have suggested I appreciate it. I already know about email-tracing, time-tagging etc. and its now very old as it is used since era of UNIX mail system by tracing hopping of mail from one system to another.

As per your suggestion usage of the ID INCLUDING the location, time-tagging & other such details of the mails etc. all had been easily available without inquiry, due to high-end cloud based monitoring system of mail system.

Even after all that exercise for tracing criminal, problem is that guy whose credential is misused had went to tea-break or lunch during that misuse time and someone had taken remote desktop and did the crime.

Unfortunately, there is no swipe mechanism from work room to cafeteria. Only Check-in time to office building and check-out time from office building is noted in the system.

So it is fact that particular guy's system is misused, but it can't be judged just by logs as that guy is away from his/her system for very long time.

As there is no restriction of minimum daily work hours completion and even no work-load during that time, that guy is away from system as other guys, so no-one is in that room when crime was committed by remote desktop.

Only some prank mail is sent from that guy's system by using ex-employers' employee's email id to higher authorities.

Both of the MNCs do not disclose what is in that mail, but both are agree that nothing much harassing or any adult, blackmailing, threat of murder etc.

But still they made this matter an issue of their pride.

As above mentioned two MNCs do not want to spoil their reputation by involving police or cyber crime cops. So they simply judged that if that guy's system is misused, then he is solely responsible.

They are not even giving 2nd chance by just warning a guy, who is also victim of misuse of his/her credentials.

It is a very heavy punishment for a guy because,
  • his/her relation with ex-employer is now bitter forever,
  • his/her current employer terminated him/her.

The first post you have made is very confusing. The language, grammar and sentence completion was disregarded, making it close to gibberish. Thankfully your second mail is clear.

1. Most offices have a rule that you are required to lock your pc when you are not on your desk. Either your friend didnt do that, or had shared his password enabling someone to enter into the system.

2. There is no proof that it was done by remote desktop control, if that was the case, obviously he would not have been blamed. In fact, if the if remote desktop was used, sys admin would know where the mail actually went from as there would be tracking record of the same. How do lu say it was done by remote desktop ?

3. All mnc and most corporate take very serious view of any employee careless with IT resources. If you let someone access or use your IT resources you put the company's information at risk. They do not want such people in the company

I know of certain department in IBM where any unlocked laptop (they need to physically lock their laptop w a chain provided) is picked up by IT and their department head has to come and take it back with explanation for the error of leaving it unattended.

4. Every mnc has a grevience settlement mechanism. You friend should have approached the concerned person in hr. he can still approach the forum and seek help if he is really not guilty.

5. actually the Problem is that many employees make excuses saying imwas not there, someone else used it , etc. I am sure the concerned manager must have checked with their IT department to see who actually sent it.

6. Finally, ofcourse, if you think someone used your id and your are being victimised, you can always approach the cyber crimes department of the police for help.

Please tell us in what way has the company harassed the employee apart from termination ?
PRIME SPONSOR - TALENTEDGE "Interactive Anywhere Learning". Executive courses from top reputed institutes like IIM, XLRI, MICA. View Courses
Add Reply Start A New Discussion






About Us Advertise Contact Us
Privacy Policy Disclaimer Terms Of Service



All rights reserved @ 2019 Cite.Co™