Phone scams can be a serious source of problems for many businesses, including contact centers. Unfortunately, employees are often the most vulnerable part of the business. If an employee does not know about potential phone scams, they may struggle to keep confidential data safe.
Most phone scams usually have some common traits. Learning how to spot these signs is imperative for businesses that want to protect themselves.
In this piece, we’ll talk about some of the most common phone scams in the coming year.
4 Phone Scams to Watch for in 2024
As you consider scams that you and your employees may have to watch out for, make sure you’re familiar with potential business scam calls and the impact they can have on your business, including the risk of fraud.
1. Fake Supervisor Calls
Many businesses put most of their information online. Scammers can easily determine who is in charge: the full management team, direct supervisors, and even the CEO. By taking a close look at that information, scammers may call in pretending to be supervisors and ask for confidential information or pressure employees to take actions that could compromise the network. That can include:
- Asking for private client data. A scammer might pretend to be a supervisor in a meeting or in contact with a client who needs immediate information about the client’s account. Employees may look up that information and inadvertently provide it to a scammer. In some cases, employees may never realize the data has been compromised.
- Asking contact center employees to log in to a phishing site. In some cases, scammers may call in and masquerade as supervisors who need their employees to visit a new website using their login credentials. The login may seem to fail from the employee’s end, but the scammer will use it to capture employee information, which they can then use to access the company system.
- Requesting passwords. The supervisor may claim that they need to log in as the employee or that they have forgotten the common password to a vital system. Once employees have shared that information, scammers can then use it to log in as the employee.
- Asking employees to take a specific action, including instituting a money transfer. If employees have access to the company’s finances, scammers may pressure them to make a false payment. If they do not, they may ask employees to submit an invoice.
It’s important for companies to institute checks and balances so that employees can easily figure out whether they are talking to a supervisor or a scammer.
It might be difficult for employees in larger contract centers to recognize supervisors, which increases the risk of fraud.
Companies must put policies in place to ensure employees don’t share passwords over insecure channels with each other, and any employee that does so is reprimanded.
2. Fake IT Calls
Many employees wouldn’t think twice about “helping out a member of the IT department” if a call came through. Unfortunately, scammers know about that tendency all too well.
Business scams usually won’t claim to have found a virus on the computer that they need to access the individual’s account to mitigate. However, they may call in and ask employees to take a number of common actions.
- Testing a new login. Scammers may request that employees log into a new site, which is really a fake website set up to capture company data. The login page may look legitimate from the employee’s view, but instead of logging in to a system or testing credentials, it may simply provide scammers with that login information.
- Checking (or seeking) passwords. A fake member of the IT team may claim that they need to log quickly into an employee account in order to fix a problem. Once the employee has provided them with that password, the scammer will have access to the account. Many scammers can use even lower-level employee access to work their way deeper into the system.
- Seeking remote access. The false IT team member may note that they need to take care of something in the system or on the employee’s account, which they need remote control of the system in order to accomplish. With that access, they can download their own content or get deeper access to the system.
- Downloading files. In some cases, an imposter may call in to let employees know that they need to download a specific file. Unfortunately, when employees do, they may end up installing a virus on the system.
As with protections against supervisor scams, make sure you put the right checks and balances in place to ensure that employees do not inadvertently give system access to a scammer. Let them know that IT team members will not ask for their information over the phone.
Make sure all employees are familiar with the procedures IT team members will actually go through in order to access their systems, including the use of network keys or internal passwords.
3. Customer Impersonation Scams
Scammers can call in with a variety of stories that indicate why they should be given access to customer data, often impersonating customers or using compromised data to access their accounts.
Typically, they will start by going on social media and gathering information about potential clients. They can check reviews from your social media profiles to figure out who those clients are, then look for more data on them from their own pages so that they can share that information with a contact center representative as they try to access the account. Common scams include:
- “Forgetting” the password for the account. False customers may try to guess at the answers to security questions so they can access the account even though it doesn’t belong to them.
- Calling in with a sob story. Many scammers will work up elaborate stories: the account holder has just died; the account holder is in the hospital; the account holder is a former spouse who abused them, and they’re only too eager to tell your employees all about it. By gaining the employee’s sympathy, they can then access the system.
- Pressuring the employee to give them access without going through all necessary verification steps. Scammers may yell or get belligerent in an effort to get employees to provide them with account access or data despite not having all necessary information.
Perhaps the most common way these scams work is when scammers gain access to sensitive identifiable information such as a customer’s password, birth date, and other details. Contact centers that use older authentication systems are often at an increased risk of compromising user data as a result.
With Pindrop’s Deep Voice Biometric Engine, contact centers can reduce the risks of hacks and security breaches, as it analyzes various audio features to determine if a call is authentic or not.
4. External Vendor Scams
Scammers may call in pretending to be an external vendor. Typically, employees of your contact center may not work directly with vendors. However, in some cases, they may receive calls from vendors, juggle payments, or handle communications with those vendors in order to ensure a high-quality customer experience. Vendor scams may include:
- Insisting that the company is behind on an invoice. The scammer may pressure the employee to make sure that the invoice is sent through or, if the employee has access to any payment function, to pay the invoice as soon as possible.
- Pressuring an employee to make a false order. Vendors may insist that they need to make a technology update or that the company is behind on certain items and ask the employee to authorize a purchase.
- Asking for system access. Vendors may, in some cases, use apps or platforms that may need to interact with the company network, and scammers may pressure employees to give them higher-level access.
In order to protect against external vendor scams, make sure employees have a solid idea of how they should expect to interact with vendors over the phone and what information they are allowed to provide. You may also want to make sure that your invoice payment process includes protection against fake invoices, including double-checking who the payment is going to before sending it through.
How Pindrop Helps Contact Center Fraud
At Pindrop, we offer anti-fraud solutions that can reduce 80% of fraud calls to contact center agents. Our solutions use cutting-edge voice biometrics and voiceprinting technology to better identify signs of fraud and increase contact center security. We analyze more than 1,300 factors in real-time, preventing scammers from getting away with many of their techniques. Request a demo to learn more!
