Mobile fraud of all forms has risen in recent years, with contact centres especially at risk. Here are some key facts about contact centre fraud, and what you can do to minimise your risk.
How contact centre fraud works
Contact centre fraud has been increasing at an exponential rate in recent years. From 2016 to 2017 alone, the number of fraudulent calls made to contact centres rose by 113%.
Like most forms of fraud, the motivation for fraudsters is financial gain. They accomplish this by gathering information on a victim over time and then exploiting weaknesses in the security of contact centres to gain access to sensitive information.
Today, fraudsters are not only organising to improve their effectiveness, but they also have access to tools like automated outbound dialling, commonly referred to as robocalling or robo-dialling, which is only contributing to the problem.
Here are just a few of the techniques that contact centre fraudsters employ.
- Social engineering
A slightly more old-fashioned technique, social engineering is the process of acquiring sensitive information from a victim through seemingly innocent interactions. Social engineering can take on a variety of forms, though within the context of contact centres it usually involves the fraudster contacting the victim and manipulating them into releasing desired info.
Social engineering is used in 66% of all over the phone and online fraudulent attacks. This technique is particularly dangerous because it usually targets the average consumer rather than a business, taking advantage of their lack of technical insight.
Vishing is when a fraudster impersonates another person over the phone. The name is a combination of "voice," and "phishing," which is a common fraud technique used over email.
Fraudsters who use vishing techniques do so in one of two ways. They'll either contact an individual pretending to be a service provider/business, or they'll contact a service provider/business under the guise of being one of their customers/employees.
For vishing to be successful, the fraudster will usually need to gather identifying information beforehand - personal info, passwords, security questions - which they do either by social engineering or IVR mining.
- IVR mining
IVR Mining - short for Interactive Voice Response Mining - takes advantage of the automated IVR system that so many contact centres implement these days. Before granting access to a person's account, these systems ask for knowledge-based authentication (KBA).
Without KBA, the fraudster can't gain access to the individual's account. What they can do, though, is trial and error their way through the response system. Because these systems are automated, it's not too difficult to contact it continuously without being noticed.
Fraudsters take advantage of this by using automated outbound dialling, which call the IVR system repeatedly while trying different responses. When a response is correct, the automated outbound dialler saves it, eventually stashing all the necessary KBA to access a person's account.
The impact of contact centre fraud
Unfortunately, the effects of fraud can be felt far and wide.
Contact centres might be one of the most susceptible areas of business to mobile fraud, but several industries at all different levels are struggling with the impact the rise in fraud is having.
Research by Gartner has found that departments like sales and finance are being hit the hardest, with an average of $0.58 being lost per call due to fraud. This totals up to more than $14 billion in the United States alone.
Even though companies are trying to fight back, most of them are using outdated methods that fraudsters have already figured out how to bypass. This means that businesses are spending a combined $8 billion on fraud defence that doesn't work anymore.
How JT is fighting contact centre fraud
Despite contact centre fraud rising rapidly in recent years, there still aren't many companies working on a solution. That's why JT is taking the lead on reducing the cases of fraud across industries, which includes protecting contact centres.
JT is using real-time data to keep companies safe against the increasing threat of fraud. In conjunction with the UK operators, JT can use data on the roaming status of a device in order to determine if someone is looking to make a transaction abroad. Combined with JT’s tools on determining the forwarding status of a device and by performing SIM swap check for compromised devices, JT offers a ‘safety net’ of information that fraudsters can’t easily fake.
Unlike KBA safeguards, JT's defences can run passively in the background. This allows you to reduce the time a person spends on call, making the process more convenient while also more secure.
Sticking to outdated fraud protection is not only ineffective against today's fraudsters, but it can also cost your company millions in lost revenue. If you're ready to improve your contact centre's security, consider partnering with JT to take advantage of our tried and tested security measures.
To learn more about how we can protect your services from the these three types of fraud, download our product overview.