An Excerpt from section 5 of The 2021 Voice Intelligence and Security Report.
Unintended consequences is a popular topic when it comes to security. In many ways, security involves the study of unintended consequences, as we monitor
and measure how effective those controls remain through tests of intended and unintended real-world consequences. Whether the consequence of self-service is data leakage or the consequence of loan application ‘scaling’ is fraud abuse, it also can mean that heavy fraudster IVR usage allows AI to predict fraud more accurately.
Security needs to follow where the threats are, and if possible, beat them to it. Using the latest tools like AI to monitor the IVR will stop considerably more downstream threats, but knowing where and how to monitor is key. We continue to discover new ways fraudsters operate, so sharing their tactics and procedures becomes just as critical as sharing how big the problem has become. Without remiss, the size of the problem will continue to expand, as will the exploit. With outside forces such as a global health crisis or widespread unemployment unforeseeable to most, chasing down basic things like information flows might be more achievable than tackling new distribution networks. Unintended consequences can be exacerbated by outside factors, forcing a spotlight on a previously considered low-level threat. Now some of the basic information available with a few hours of computerized guesses can provide enough information for an eventual account takeover, for a loan program worth millions. Reporting a lost unemployment-funded prepaid card could cost the financial institution and taxpayer revenue at nearly $25k per card.
Download The Full Report below: