Are You Protected from Contact Center Fraud?
Payments companies are used to defending themselves against fraud from all sorts of angles, but they would do well to mind the phones. By 2020, 75 percent of omni-channel, customer-facing companies will face a targeted attack, with the contact center as the primary point of compromise, according to Gartner research. Also, by 2020, only 30 percent of companies will have fraud detection and prevention measures in place that include contact centers.
Attacking contact centers, fraud can include account takeovers, credit card replacement and life insurance theft, according to Pindrop, an Atlanta-based voice security and authentication provider. “One of the most popular scams … is for hackers to phone representatives in the contact center [and use] social engineering to gather basic information about a customer they are pretending to be,” says David Dewey, Pindrop director of research. “They will use persuasion and intimidation to manipulate representatives to give them more information. Fraudsters then hang up, call back and access accounts, change passwords, transfer funds, etc.,” he tells Paybefore. Contact center fraud is up more than 100 percent from 2015 to 2016, as companies are investing more heavily in physical and online security, according to Pindrop.
Dewey says companies in the payments industry often are targeted by fraudsters. “In more complicated attacks, we have seen scenarios where payments companies actually lend money to their customers to complete payroll. Fraudsters will call in, establish lines of credit, issue payroll and disappear,” he explains. Another scenario is when fraudsters use stolen information to load prepaid cards and make purchases. The fraudsters then call the prepaid card provider claiming they did not make those purchases, and sometimes are able to get the company to restore the funds, according to Dewey.
Phoneprinting to Fight Fraud
Gartner identifies phoneprinting, which analyzes calls to identify malicious behavior and verify legitimate customers, as one method to identify attacks—a technology Pindrop, among other companies, provides.
Phoneprinting as part of Pindrop’s Fraud Detection System takes approximately 20 seconds of call audio and breaks it down into 147 unique call features, such as a caller’s true location, device type, signal transfers, tones and background noise, to create a distinctive identifier for each caller, Dewey says. Pindrop’s system detects voice distortion, caller ID spoofing, gateway hijacking and other smokescreen techniques. When a fraudulent call is detected, the caller typically is transferred to an agent specialized in dealing with and flagging fraudsters, he adds.
Pindrop announced March 28 it will be integrating its fraud detection services with Amazon Connect, a cloud-based contact center from Amazon Web Services. Pindrop enables Amazon Connect customers to establish risk scores for incoming callers and integrate those risk scores into Amazon Connect so that customers can route questionable calls to fraud specialists.