Identity confirmation is taking center stage for many companies undergoing customer experience initiatives or digital transformations. At Pindrop, we know that the key to a remarkable experience is one that is able to transcend asking about mothers’ maiden names or other security questions and get to the reason why the customer is on the phone.
But not all identity controls are created equal. Smishing, Vishing, and Phishing attacks (bad actors using text, calls, or internet links to obtain sensitive data) claim the most victims of any internet crime according to the FBI¹ and the information that gained through those attacks can lead bad actors to contact centers to gain access to the victim’s account by using social engineering. Bad actors easily provide ill gotten data to manipulate contact center agents into providing access to accounts is a common social engineering tactic.
Breach at a Major Gaming Company
Even sophisticated authentication policies can allow for exploitation. A major gaming company had their online gaming community breached, taking control of at least 50 customer accounts by socially engineering contact center support reps. The company stated “Utilizing threats and other “social engineering” methods, individuals acting maliciously were able to exploit human error within our customer experience team and bypass two-factor authentication to gain access to player accounts. Despite layered authentication, leveraging social engineering and contact center, bad actors targeted these players and some continued on to use information to attack institutions according to an article from CPO Magazine².
Humans are bad at avoiding socially-engineered traps. In 2021, Pindrop reported that on average one out of every 1074 calls in a contact center is from a bad actor. Without technology, social engineering can be difficult to identify and prevent even with proper training and some technology controls in place. Assessing the risk of each call could help reduce account takeover attempts in the contact center and alert agents when to flag for the fraud team to review. Pindrop fraud detection is capable of alerting over 80% of fraudulent calls, even social engineering attempts, allowing the customer experience teams to focus on service, not fraud detection.
Pindrop can help agents get a leg up on social engineers, by using machine learning, phoneprinting, and deep voice analysis, Pindrop can alert contact centers agents to social engineers and known bad actors while improving authentication practices while speeding up identity and verification obstacles.
¹Federal Bureau of Investigation Internet Crime Complaint Center, Internet Crime Report 2020,
²Hope, Alice, EA Confirms Account Takeover Attacks Compromising High-Profile Gamers via Phishing and Social Engineering Attacks, CPO Magazine, January 2022,