When discussing financial fraud, people often talk about it as one overarching problem. But the reality is that in today’s environment, fraud comprises many separate, distinct components, each with its own techniques, complexities, and challenges for organizations trying to defend against them.
Customers interact with their financial institutions in a variety of ways: in-person, online, and on the phone. Many people are conducting more and more of their financial transactions online, and as a result, banks and other institutions have spent the last decade implementing sophisticated security and anti-fraud systems to protect against online attackers and fraudsters. This has raised the cost and the amount of effort it takes for criminals to execute their operations, and so they have had to look for new ways to make their money.
For many fraudsters, this has meant turning their attention to the phone channel. There’s nothing simpler for attackers than going through a financial institution’s contact center. The barriers to entry for this type of fraud are extremely low. Unlike online fraud, it doesn’t require any technical skill and fraudsters can be successful through sheer perseverance. By gathering enough information on a target financial institution and a target account, a fraudster can get everything he needs to answer the challenge questions and gain access to the account.
The phone channel has become the preferred entry point for many fraudsters, both because there’s no need for specialized skills and the risk of being caught is very low. Fraudsters can try their attacks over and over, gathering more information and intelligence as they go. The repeated calls to a target institution’s contact center often are just the first phase, however, as fraudsters will then move on to other channels to complete the account takeover. New data from the Aite Group, which interviewed executives at 18 of the 40 largest banks in the United States, shows that nearly all account takeovers have some connection to the contact center.
“Executives from institutions that perform root cause analysis of fraud losses state that very high percentages of account takeover losses can be tied back to contact center interactions. One executive says that the link is typically in the 90% range, while another states that in 100% of the account takeover cases researched, a link to the contact center was discovered,” the report from Aite Group says.
Fraud in the contact center comes in many different flavors and the trends change over time, as defenses improve and fraudsters adapt their tactics. The advent of chip-and-PIN cards as well as mobile payment technologies in recent years has changed the fraud landscape dramatically. As financial institutions and technology companies adjust to these changes, the fraudsters will counter. In the coming weeks, we will explore the data and trends around five distinct types of fraud:
- Account takeover
- Social engineering
- Transactional fraud
- Mobile wallet fraud
- Account access device fraud
What all of these varieties of fraud have in common is their reliance on the contact center as a primary access point. Fraudsters know a soft target when they see one, and the wide range of fraud schemes targeting contact centers shows that the phone channel is their top choice at the moment.