From financial institutions to retailers, the call centre is now the weakest point of entry for fraud activity. In the last year, data collected at Pindrop® Labs has shown a significant increase in the amount of money organisations are losing to phone fraud. In the U.K., £0.86 per call is lost to phone fraud—an increase from £0.51 in 2015.
There are more fraud calls than ever, and the sophistication of the criminals behind these efforts continues to grow. One of the main drivers behind the relentless rise in call centre fraud is that attackers are getting better at their craft, honing their skills, and becoming more adept at social engineering techniques that help them bypass call centre defenses.
The call centre is the softest target for fraud in virtually every organisation. Call centre defenses usually only amount to one thing: the call centre agent. Training for call centre employees is designed around providing excellent customer service and not fraud detection.
Fraudsters know this and target their operations at the call centre—what they see as the weakest link in these organisations’ security. In fact, 61% of fraud losses from account takeovers involve the call centre.
By the time a fraudster gets to the call centre, they have often already worked to gather intelligence about the target account and are prepared to strike. To understand the true extent of the problem, it’s crucial to review all call centre interactions between a criminal and a call centre agent. Though many of these calls involve criminals attempting to complete a fraudulent transaction, the majority of fraudulent calls do not involve such a transaction. Research shows that a criminal makes an average of five calls before completing
a fraudulent transaction. This scoping technique is employed for a variety of reasons, such as resetting passwords, changing mailing addresses, and making other account modifications. In some cases, fraudsters know that their previous activities have caused the organisation to flag their target for fraud, restricting what can be done on the account. Therefore, fraudsters will call again in an effort
to influence customer service agents to remove that flag. Financial institutions, insurance companies, and other frequent fraud targets
have invested heavily in securing their online channels in recent years, making online fraud much more difficult and risky for criminals.