Fraudsters are exploiting contact centres as entry points for co-ordinated, increasingly
AI-driven cross-sector attacks. Businesses that can respond with earlier detection and greater collaboration hold the key to combating widespread organised crime, writes Jamie Melling
Fraud accounts for an estimated 41% of all crimes against individuals in England and Wales, according to the National Crime Agency. Fraud often goes unreported, but UK Finance believes fraudsters stole £1.17 billion in the UK in 2024. Much of that was lost in authorised push payment (APP) fraud cases, where victims are tricked into transferring money to criminals.
UK Finance attributes just 16% of APP scams to telephony channels, but that doesn’t cover other crimes, such as account-takeover fraud, which banks are reporting at high volumes. Nor does it account for the kinds of fraud seen in other sectors. At Smartnumbers, we have a broad picture of how fraudsters use contact centres at multiple stages during a fraud, often to gather the data that makes later attacks possible.
Contact centres, once seen simply as service hubs, are being exploited by fraudsters who use them as gateways to sensitive customer information and to open accounts that will be used in wider organised crime schemes. According to our research and conversations with experts in sectors where we work – such as travel, telco, banking and insurance – these attacks are widespread and growing in scale.
As criminals increasingly use automation and AI to scale their operations, combating these threats requires more than tactical fixes. It demands systemic changes in how organisations detect warning signs, manage risk and collaborate. Fraud does not recognise industry boundaries; neither should the defences against it.
Reconnaissance: the hidden stage
Financial loss is the visible tip of the iceberg. Beneath it lies the reconnaissance phase where criminals gather information that will later make fraud possible. They only need to succeed once in this.
Our research shows that fewer than half of organisations have automated tools to flag warning signs – such as calls from numbers registered on deny lists, multiple calls from the same number in quick succession or multiple customer accounts or policies being targeted by the same caller(s). Many still rely on manual workarounds. The result is a critical blind spot, with businesses remaining focused on transaction-based events while attackers move freely in the earlier stages of the fraud process.
The sector landscape
Across sectors, we see the same playbook repeated thousands of times by organised groups of fraudsters. This includes attacks on IVR systems to test stolen data, or speaking to contact centre agents and making seemingly low-risk requests, such as checking an address or adding a secondary number. These seem harmless in isolation but they enable fraudsters to set up an account for later attacks. Data validated in one sector can also be used in another. For example, telco account records can be gathered to help bypass security with an airline or a bank.
Some businesses may be struggling to modernise, but criminals are not. They have embraced automation and, increasingly, artificial intelligence (AI). Analysis of our own data shows that bots are increasingly probing IVR systems to steal or validate stolen personal data. If a fraudster knows a person’s birth year and month, a bot can easily make 31 calls to find the correct day. Combined with details gathered from sources such as social media, that can unlock customer accounts.
Criminals also develop specific approaches to fraud for different sectors. Our insurance customers see “ghost brokers” – fraudsters setting up policies using stolen IDs that will be used to make later claims. Similar ghost brokers are reported with regard to mortgages and airline tickets. Airlines tell us that fraudsters use the information they’ve gathered to buy last-minute tickets on stolen cards or with stolen loyalty points. Waiting until the last moment makes it less likely the fraud will be uncovered before the trip.
In telcos, fraudsters hack accounts to add extra devices or enable SIM swaps that allow them to then hijack a victim’s mobile number and intercept one-time passcodes for use in card fraud. It’s a patchwork of vulnerabilities that fraudsters exploit, often collaborating with other groups to pool their expertise.
Collaboration is non-negotiable
Fraudsters share information freely, but businesses rarely do. Within sectors, we’re told progress is uneven but growing. Airlines, for example, tell us they have stepped up intelligence-sharing, recognising that an attack on one carrier can affect others. Banks, too, are improving co-operation internally and with peers. But cross-sector collaboration remains limited.
Legal complexity and data-privacy rules add friction, but cultural barriers are just as significant. One banking executive we know calls it a “lost opportunity”, pointing out that data from telecoms companies regarding fraudulent activity on customer accounts could flag SIM swaps or identify mule accounts – bank accounts opened or controlled by criminals to launder stolen funds.
Inside firms, the fix is practical: make the contact-centre fraud team a hub for fraud signals. “We reach out to other teams about fraud they’re seeing, then go hunting for their phone numbers [in Smartnumbers],” says an investigator from a bank we work with. He says: “We’ve become a bit of a hub for other fraud areas to refer to.” The result is earlier flags on repeat callers and the ability to connect multiple numbers to the same criminal gangs.
Flagged numbers turn intelligence into prevention. Another bank investigator tells us, “By using [numbers flagged by other companies] as part of our deny list, we’ve identified a multitude of different frauds around particular mortgage brokers”, discovering ghost-broking patterns that were previously hard to track. The same gangs hit telcos, banks and airlines within days; the only credible response is to act like a network, too. Collect early signals, share them quickly across teams and widen the circle to adjacent sectors.
Tackling a systemic threat
The fraudster profile features in our platform go some way to bridge these gaps for customers, enabling fraud investigators in contact centres to share intelligence with each other on malicious callers and tactics they use. But for intelligence to be even more useful requires buy-in from the whole organisation – and more widely across sectors. As the pool of insights grows larger, so our defences grow stronger.
Contact centre fraud is not an isolated nuisance; it’s a systemic threat that spans industries and channels. Criminals adapt fast, leveraging AI, automation and collaboration to outpace conventional defences. Businesses must respond in kind – by monitoring early-stage reconnaissance, integrating fraud signals across teams and sharing intelligence beyond organisational boundaries.
As our research made clear, there are still gaps in many organisations’ fraud defences. Closing the gaps demands both a shift in focus and collective action, because when fraud crosses sectors, so must the response.
If you would like a more in depth understanding of what our cross-sector client base is seeing when using Smartnumbers, read our Smartnumbers Annual Fraud Review 2025.
