Contact center fraud loss is expected to double from $393M to $775M by 2020. Despite the intent to administer positive and timely customer experiences, contact centers agents often fall victim to the social engineering methods that enable fraud attacks. Fraud attacks increase operational costs, decrease customer satisfaction, and jeopardize brand reputation as customer data is repeatedly lost to fraud. With 61% of account takeovers traced back to the contact center, this $400 million problem needs immediate resolve.
What do enterprises need in a contact center fraud solution?
To prevent fraud loss and preserve brand reputation, enterprises need a solution that provides:
- High Coverage. Every incoming call needs to be screened. Fraudsters must be identified on their first call to prevent them from being able to enroll as illegitimate customers.
- High Accuracy. The right solution accurately differentiates between legitimate and illegitimate customers, detecting fraud with a low false positive rate.
- Foolproof Technology. Fraudsters are currently using voice spoofing, voice distortion, social engineering, and more. The right solution provides resilience against attempts to break through traditional security measures.
To reduce operations cost and improve customer experience, enterprises need a solution that provides:
- High Speed. Contact center agents must be able to handle calls quickly while also being informed about the legitimacy of callers before they provide access to personal data. Reducing authentication time by one second leads to $1 million in annual savings.
- Low Friction. Customers want security without being inconvenienced for it.
Pindrop’s patented technology, Phoneprinting™, analyzes 147 different factors in the audio of a phone call in order to create a unique signature that allows a fraud analyst to identify an illegitimate caller, while also determining the caller’s true geographic location, device type, and more. Unlike a phone number or a voice, this information is impossible for fraudsters manipulate. With Pindrop’s solution, customers catch over 80% of fraud calls with less than a 1% false positive rate. Contact centers are empowered with the technology necessary to stop fraud loss, reduce operations costs, protect brand reputation and compliance, and improve the customer’s overall experience.
According to a recent survey of 25 executives at 18 of the 40 largest US financial institutions, Phoneprinting™ is the highest ranked contact center anti-fraud solution. Avivah Litan, VP Distinguished Analyst at Gartner, explains that phoneprinting technology combined with voice biometrics is “the strongest method for detecting fraudsters who call into enterprises,” benefitting both contact center agents and security teams.
Aite Group, an independent research and advisory firm focused on business, technology, and regulatory issues, interviewed 25 executives at 18 of the top 40 largest U.S. financial institutions based on asset size in order to provide an evaluation of the current state of fraud. New research proves that contact centers are being attacked more than ever before. Aite’s Senior Analyst, Shirley Inscoe, joined Pindrop’s Director of Research, Dr. David Dewey, to discuss the growing threat of fraud in the contact center during this session.
With the rollout of EMV chip cards, fraudsters have redirected their attacks to the contact center for data mining and account takeover. Sixty-one percent of fraud can be traced back to the contact center, but it doesn’t end there – fraud is a cross-channel problem. Many enterprises fail to identify the contact center as the root cause of fraud loss, enabling fraud in others channels, such as debit card, credit card, and check order takeover. Meanwhile, fraudsters are capitalizing on this misdiagnosis and targeting the contact center as the weakest link in security.
Contact center fraud loss is expected to double from $393M to $775M by 2020. As chip cards continue to gain momentum in the United States, organized fraud rings will continue targeting the phone channel, replacing traditional counterfeit card fraud. Current authentication factors in the contact center often fail due to the data fraudsters acquire through social engineering tactics in order to reset account credentials. Armed with data, organized fraud rings probe agents at enterprises for the information they need to access customer funds, and the point of least resistance is often the contact center.
Organized fraud rings are using automated attacks, specifically robotic fraudsters, targeting interactive voice recordings (IVRs), to keep their cost down while still managing to dramatically increase market coverage. Despite the intent to administer positive and timely customer experiences, contact centers agents often fall victim to the social engineering methods that enable fraud attacks. Fraud attacks increase operational costs, decrease customer satisfaction, and jeopardize brand reputation as customer data is repeatedly lost to fraud. Contact centers will continue to enable cross-channel fraud until technology solutions are implemented to thwart it.
Analysts at Aite Group have identified five key security and service steps that legacy solutions are failing to perform. These are the features that are keeping Caller ID, KBA, and voice biometrics from being viable anti-fraud and authentication solutions for the contact center. With 61% of account takeovers traced back to the contact center, this $400 million problem needs immediate resolve.
Protecting personal data in the contact center relies on a best-in-class security solution that benefits both the organization and the customer through:
- Universal Coverage. Customers must be authenticated and fraudsters must be identified on their first call. This prevents fraudsters from being able to enroll as illegitimate customers and alleviates customer privacy concerns.
- Accuracy. The right solution accurately differentiates between legitimate and illegitimate customers. Legacy solutions, such as Caller ID verification and KBA, fail to provide the accuracy needed.
- Speed. Contact center agents must be informed about the legitimacy of callers before they provide access to personal data. KBA takes a long time, which frustrates legitimate customers and offers fraudsters many chances to collect data.
- Low Friction. Customers want service that requires little effort on their part. Most voice biometrics solutions require an enrollment process, which leads to longer call times and lower customer satisfaction.
- Foolproof Technology. Fraudsters are currently using voice distortion, spoofing, social engineering, gateway hacking, and more to circumvent traditional security measures. The right solution needs to withstand these attempts to break through protection.
How do the largest global contact centers stop fraud and protect their customers?
According to a recent survey of 25 executives at 18 of the 40 largest US financial institutions, Phoneprinting™ is the highest ranked contact center anti-fraud solution. Pindrop’s patented technology analyzes 147 different factors in the audio of a phone call in order to create a unique signature that allows contact centers to accurately detect fraud. Avivah Litan, VP Distinguished Analyst at Gartner, describes phoneprinting technology and voice biometrics as “complementary technologies” that mutually benefit both contact center agents and security teams. This phoneprint allows a fraud analyst to create a unique signature for an illegitimate caller, while also determining the caller’s true geographic location, device type, and more. Unlike a phone number or a voice, this information is impossible for fraudsters manipulate. Phoneprinting allows Pindrop’s customers to catch over 80% of fraud calls with less than a 1% false positive rate.
Phoneprinting provides universal protection for all incoming calls to the contact center, allowing contact center agents to identify unknown attackers on their very first call while also creating a robust intelligent blacklist of known attackers. Contact centers are empowered with the technology necessary to stop fraud loss, reduce operations costs, protect brand reputation and compliance, and improve the customer’s overall experience.
Congratulations are in order if you’ve never had to experience the pleasure of being robocalled. The rampant growth of the underground phone fraud world is affecting consumers and enterprises alike. As consumers, we may experience calls telling us we are being sued by the IRS (just one of the many scams) and for enterprises, the call centers are a point of entry for costly phone phishing attacks. This shockingly small group of fraudsters are causing explosive amounts of damage, costing Americans about $7.4 billion annually, as noted by the Harris poll.
We can try to register for the Do Not Call lists and be more aware of the unfamiliar numbers calling us, but cyber criminals can easily access our data through social engineering, spoofing and inexpensive data downloads. Enterprises face a bigger challenge. Some have fraud ops teams to help deter or mitigate the risks. However, more and more fraudsters are targeting unprotected call centers. The advancement and rollout of EMV cards are partially to blame, coupled with the amount of consumer data that is readily available.
Our data scientist, Aude Marzuoli, presented at this year’s Black Hat conference on phone fraud scams and the phoneprinting technology to prevent such attacks. Marzouli and the research team reviewed millions of calls, while leveraging the Pindrop honeypot and online comments in combination with machine learning and were able to determine that of the 100,000 call recordings, 51% of the robocalls recorded were placed by 38 distinct telephony infrastructures which could be uniquely identified with more than 85% true detection rate (TDR) on average. So what does this all really mean? Fraudsters are getting more creative, more quickly, and within a small network have an exceptional, growing presence that makes protection from this abuse more challenging.
To learn more about the findings, check out the full Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud presentation.
This week in phone fraud, Pindrop Labs released its Top 10 Consumer Phone Scams Report and Pindrop CEO, Vijay Balasubramaniyan, reveals how deep learning can transform the relationship between humans and machines.
On Thursday, USA Today reported the top three phone scams targeting consumers this year are Google listing scams, loan-related scams and fraudsters offering free vacations, an information security company called Pindrop found — by masquerading as unsuspecting customers.
Wednesday, IT Pro Portal reported that ever since humans evolved language, speech has proven to be the most efficient way for us to communicate, from the simplest requests to the most complex ideas. Now, with advances in technology, speech is poised to become the next major transformation of the user interface.
Biometric Update: Biometrics alone will not win the authentication wars – Hackers target banks and any business with a digital presence to steal people’s identities and export valuable private information. Increasingly, hackers are using impersonation methods to pose as individuals to commit fraud digitally and over the phone. Especially in the call center, where fraud is expected to grow by 97 percent between 2015-20 (Aite Group)
Helpnet Security: As voice interaction increases, what will security look like in the next 5 years? – As the accuracy of voice UI grows, it will naturally progress to a means of authentication in the enterprise. However, the enterprise should be concerned about the security implications of tomorrow and what managing voice authentication, in the daily work environment, will mean.
On the Wire: Google Listing, Political Scams, Top Phone Fraud Threats – Nearly 20 percent of all phone fraud calls hitting consumers and businesses this year are part of the fake Google listing scam, more than twice as many as the eight percent that are loan scam calls, according to new data released by Pindrop Labs.
New York Post: Why you may fall for these wild scam phone calls – About 896,000 scam calls have been reported to the US Treasury Inspector General for Tax Administration’s office since October 2013, with some 5,000 victims paying more than $29.5 million to robbers, the agency’s head reported earlier this year.
National Daily Press: FCC is putting pressure on phone companies to give customers technology to block robocalls – The FCC is putting new pressure on both wireless carriers and traditional phone companies to give customers technology to block unwanted robocalls. Chairman Tom Wheeler has told the carriers that they need to give their customers the option to block robocalls, which have become the largest source of complaints that the commission receives.
Straits Times: Banks “unlikely” to pay phone scam victims – Last Monday, OCBC Bank reported a sharp rise in scams involving conmen impersonating its employees; around 30 customers are believed to have been duped, losing tens of thousands of dollars. However, lawyers say victims would be liable for the money they lost due to the voluntary nature of the transactions.
On Thursday, Fortune reported that a researcher found a simple yet ingenious way to trick three companies— Microsoft, Google, and Facebook’s Instagram—into forking over money using nothing more than the telephone.
Thursday, New York Times reported that hundreds of people with H.I.V. across China are being called by someone who claiming to be from the government who has access to their medical records and other personal information.
NPR: Scammers Turn To Caller ID “Spoofing” To Pose as Police – Most people know to hang up on con artists supposedly calling from the power company or the IRS, demanding money. The problem is, there’s little the police can do — even when the scammers go so far as to impersonate the police themselves.
Shanghai Daily: Police in China to probe suspected phone scam targeting people with HIV – People with HIV nationwide have reportedly received phone calls from individuals claiming to work for the government. The callers allegedly attempt to collect service fees for “government subsidies for the HIV-infected.”
IT Pro Portal: Modernise your authentication methods of suffer the consequences – The way digital enterprises connect with their customers is changing. Consumers are demanding more trusted and personalised experiences in exchange for their personally identifiable information (PII), while businesses are struggling to protect user privacy in light of growing global security and privacy concerns.
Huffington Post Canada: Canada Revenue Agency Scam hits 17 in Saskatchewan, RCMP say – Seventeen individuals in Saskatchewan have been a victim to the Canada Revenue Agency fraud with nearly $70,000 in reported losses since the beginning of 2016. Fraudsters threaten arrest, legal action, seizure of homes, vehicles and other assets if payment isn’t made.
Komando: New way fraudsters are spoofing victims – Robocalls are automated phone calls with prerecorded messages usually used for political campaigns and marketing purposes. But due to the proliferation of cheap phone software and technology, scammers are getting their hands down and dirty with this fast and easy method of conning people out of their cash
Bucks Free Press: Scam Alert: Fraudsters impersonate phone companies to and trick people into sharing details – Fraudsters are impersonating phone companies in a bid to trick people into handing over their personal details. They attempt to glean personal and financial details which will then be used to contact genuine phone companies and order new mobile phones. They will then either intercept the delivery before it reaches the victim’s address or order the handset to a different address.
On Wednesday, NBC Nightly News featured research from Pindrop and showed the public how they can protect themselves against phone scams. With fraud calls having doubled in the past three years, fraudsters are finding new ways to swindle victims, and it starts by tricking your phone.
Tuesday, BBC News reported that when calling banks, it takes us 45 seconds on average just to confirm who we are. But by using computers to identify our voices, this authentication process can be cut to 15 seconds on average, saving banks lots of cash and us lots of hassle.
The Washington Post: IRS: A new phone scam threatens college students – Fraudsters claiming to be from the Internal Revenue Service ring up college students and demand payment for something they call the “Federal Student Tax.” It’s a variation on a common scam that tries to convince victims that they’re in trouble with the government.
GCN: Stopping identity fraud in public assistance programs – Criminals who commit benefits fraud often use other people’s personal information to file for food stamps, Medicaid, unemployment insurance and other public assistance programs. These skilled fraudsters know how to game the system, and often do it in multiple states with the same identities.
NBC News: Robocall Credit Card Interest Scam Continues to Plague Consumers – Telephone fraudsters know that Americans are fed up with high interest rates on their credit card balances and have for years been trying to cash in on that frustration by tricking consumers into paying them as much as several thousand dollars for bogus rate reduction programs.
PC World: What I learned playing prey to Windows scammers – Three months of phone calls prove Windows scammers are more skilled at social engineering than you think. The callers are polite, because they know that the success of their scam hinges on being helpful and earning trust so that victims reveal valuable information allowing them to take over accounts.
Wisconsin state Journal: Phone scammers take advantage of Dallas shootings – The Dane County Sheriff’s Office is warning the public of a new phone scam that involves donating money to help the families affected by the shootings in Dallas on Thursday night. Fraudsters call people impersonating the sheriff’s office and asking for donations, but local law enforcement is requesting no such assistance.
Today: Young parents lost about S$70,000 in phone scam – Armed with nearly 10 years’ worth of hard-earned savings, first-time parents from Singapre were ready to move to an executive condominium with their three-month-old son, when they fell prey to a phone scam and lost almost S$70,000 of their savings to conmen posing as police officers.
On Tuesday, The Washington Post reported that government employees and any contractors working on their behalf are now exempt from regulations on robo-calls designed to protect consumers from annoying phone spam under a new, federal clarification on who is and isn’t allowed to place auto-dialed phone calls and text messages.
Thursday, the Consumerist reported AT&T CEO Randall “Dandy Randy” Stephenson claims his company can’t proactively block robocalls because it first needs permission from the FCC, and AT&T employees have more than a dozen different explanations for why the telecom giant has done nothing to rein in these unwanted, pre-recorded and auto-dialed calls.
Federal Trade Commission: The IRS doesn’t want your iTunes cards – If anyone tells you to buy iTunes cards to pay the IRS, qualify for a grant, get a loan or bail out a family member, say “No.” They’re trying to scam you. The only place to use an iTunes card is at the iTunes store, to buy online music, apps or books.
The Huffington Post: Grandparent Phone Scam: Oklahoma Grandmother Targeted in Telephone Fraud Involving Granddaughter and Drunk Driving – Robin Linley, a grandmother from Del City, Oklahoma, received a terrifying call recently. A caller pretended to be her eldest granddaughter, Tori, and stated that she had just been in a car crash and was in jail because she had been drinking. She needed to be wired money so that she could post bail.
The Herald: IRS imposters target college students – The April tax season is long gone, but bullies run a year-round business. Having mastered ripping off immigrants and the elderly, con artists have put together a new twist on an old scam to trick college students into thinking they need to cough up cash to cover a “federal student tax.”
Global News: CRA income tax phishing scam still going strong, police warn – Police in Ontario are still being flooded with calls after warning the public last month of the so-called Canada Revenue Agency (CRA) phishing scam. Ontario Provincial Police said the scam has bogged down provincial communications centres with calls from the public informing officers of the scam.
NJ Com: Bamboozeld: Don’t fall for these scams asking for your social security number – We have seen crooks impersonate law enforcement officials with the IRS scam and now they are impersonating companies too. Last month, a homeowner received a call from someone who said they were from CVS. The caller said CVS was trying to fill his prescription and needed his Social Security number.
Leek and Post Times: iTunes bogus phone calls scam warning – Action Fraud are warning people of a new trend that has hit the UK where offenders contact victims claiming to be from HM Revenue & Customs (HMRC) or a PPI Claims company and using deception, con them into paying bogus debts and taxes using iTunes gift cards.
Business Weekly: Scam Report: Robocallers landing in sticky situation – Using generic names such as “Bank Card Services” and “Credit Assistance Program,” robocallers that are members of Life Management Services of Orange County LLC held themselves out as a “licensed enrollment center” for major credit cards that can offer big savings to cash-strapped consumers.
On the Wire: Seven Jailed in Massive Phone Fraud Scam – Authorities in the U.K. have sentenced seven people to prison for their part in running a wide-ranging phone fraud scam that cost victims more than £1.3 million over the course of several years.
WND: “IRS agents” involved in menacing but lucrative phone scam – The IRS scam may be an old one, but apparently it’s still very live and effective. According to the IRS, more than 1.2 million Americans having reported receiving such calls in last month. The IRS is trying to warn Americans that its officers would never makes such a telephone call, but many terrified citizens are taking the bait.
Express: Heartless thieves con elderly widow into handing over lifesavings in ‘vishing scam’ – The callous thieves called the pensioner on Sunday pretending to work for the bank’s fraud department and told her that £900 had been taken from her account. The day after the con-men asked the victim to transfer her money into a different account for safe-keeping.
NBC News: Fraud Alert: ID Thieves Hijack Mobile Phone Accounts – While a common criminal might try to snatch your smartphone for some quick cash, these clever crooks take over your wireless account. By taking control of your mobile account, a fraudster can buy new equipment, such as expensive smartphones, bill them to your account and then sell them.
On Thursday, Forbes reported that Chinese authorities have busted a network of phone fraudsters in Taiwan. Fraudsters were calling Chinese citizens, claiming to be police officers or faking kidnappings. The Taiwanese fraud ring was operating in over 25 countries.
Today, the Federal Trade Commission reported on a new trend in phone fraud. Fraudsters are targeting lists of consumers who have lost money to previous phone scams. For a “small fee” upfront, the criminals promise to recover the money the consumer lost.
FEDweek: Fraud Reduction Act Clears Congress – The House has joined the Senate in passing S-2133, to require OMB to set guidelines for agencies to establish financial and administrative controls to identify and assess fraud risks. Agencies also would have to design and implement control activities in order to prevent, detect, and respond to fraud under the bill.
The Economist: Pulling the plug on robocalls – According to Consumer Reports, unsolicited telephone calls made by automatic dialing machines now comprise over a third of all calls to American homes. Worse, the majority are not just annoying telemarketing messages, but scams aimed at tricking the unwary into parting with personal information or cash.
Radio New Zealand: Phone scammers targeting foreign nationals – Immigration New Zealand is warning of a new wave of scam phone calls that prey on people’s fears of being sent home. Fraudsters were telling people they were speaking to that they were an Immigration New Zealand staff member, and demanding payment to avoid deportation or arrest.
No Jitter: VoIP Vulnerabilities: Protecting Against Evolving Threats – Eavesdropping and phreaking are the two types of call fraud in which attackers tap into VoIP phone lines and commandeer them to make unauthorized calls. With eavesdropping, hackers tap VoIP phone calls to steal employee names, passwords, phone numbers, and other information.
Business Day: They’re back- the phone scammers pretending to be from the IRD – Police have urged the public to be vigilant after recent reports revealed that callers pretending to be from government departments, predominantly the Inland Revenue Department (IRD) had demanded money in the form of vouchers.
On the Wire: FTC Shuts Down Fake Charity Phone Scam – Phone fraud comes in many forms, and it’s not always obvious that a particular version is actually a crime. The FTC has just shut down a company that was running a phone fraud scam that involved pressuring victims to make donations to a fake charity for disabled people and pressured people into buying insanely overpriced goods.