Almost half of the UK’s fraud losses are linked to the retail sector, according to BDO’s FraudTrack 2025, with retailers reporting total losses of £11.3B in 2024. Retailers that wish to prevent further losses should follow the example of retail banks and look at the contact centre for answers.
The retail sector is vulnerable to fraud due to high transaction volumes, facilities such as one-click payment and buy-now-pay-later (BNPL), flexible delivery options and generous return policies. Alongside a strong focus on relationship building, trust and low-friction customer experience, these traits are easily exploited by fraudsters.
Just as in other sectors, the majority of customers make purchases and engage with retailers online. So the focus of security controls is typically on online channels too – and, even there, security is balanced with the need to keep the customer experience as smooth as possible. The contact centre is often a weak spot, making it a popular access point for fraudsters.
Why the contact centre matters
Fraudsters use contact centres at multiple stages during a fraud, often to gather the data or make small changes that make later attacks possible. Often these attacks take place outside the contact centre in other customer channels, or indeed in other companies or sectors. This is true across all sectors.
Calls from a fraudster to a retailer’s contact centre are are likely to include the following:
- Calls to steal or test stolen customer details – attempts to pass security in the IVR or with an agent
- Changes to account details – to reset login details or to add a new delivery address
- Questions about returns policies or payment options
These small interactions in the contact centre can seem harmless in isolation and are often overlooked, but together they enable fraudsters to gather the information they need to make fraudulent purchases, initiate delivery diversions, dispute transactions, or gain access to financial details to carry out fraud elsewhere.
Protecting the contact centre from this activity is vital to reduce both financial and inventory losses without harming customer experience.
How Smartnumbers disrupts the fraud lifecycle
With Smartnumbers, retailers can benefit from a low friction fraud prevention solution that draws on the combined fraud intelligence of all platform users, stopping repeat offenders faster.
Smartnumbers users – known as consortium members – include several large retail banks, telcos and insurance companies. From their call data, we know that 68% of flagged calls target more than one organisation, proving that cross-sector collaboration is essential.
Organisations using the Smartnumbers platform in their contact centres are able to analyse every inbound call before it reaches an agent. The platform checks call signaling data, caller behaviour and intelligence on known fraudsters provided by consortium members so that they can spot suspicious calls and decide how to handle them.
When calls are confirmed as fraud, the numbers used can be added to denylists and the accounts involved can be secured or shut down. Deeper analysis of calls from suspicious numbers or targeted accounts leads to wider fraud insight, such as uncovering additional numbers or accounts used by fraudsters and fraud methods.
Success across sectors
Most organisations using Smartnumbers had some initial suspicions that fraudsters were operating in their contact centres, but they did not know how big the problem was. In all cases, they discovered that contact centre fraud was a far larger problem than expected – and that substantial losses could be prevented in this channel.
Across the consortium, nearly 2,000 fraudster profiles have been identified, with criminals often using dozens of numbers each. In our experience, it takes an average of 26 calls before fraud is executed, over a period of several weeks – allowing fraud teams plenty of time to take action.
Here are some examples of the kinds of discoveries that Smartnumbers consortium members have made:
- One large retail bank identified calls linked to mule gangs and was able to shut down the accounts associated with them. Their discovery enabled other retail banks to check for calls from the same numbers.
- An insurance company has spotted repeat callers using stolen IDs to apply for motor insurance policies. It was able to cancel all bogus policies and prevent new ones being set up.
- A large telco has prevented callers initiating SIM swaps that enable fraudsters to bypass payment card OTP controls.
Read more about these examples here.
All consortium members report repeated attacks on IVR systems to test and steal customer data. In many cases, it’s the same fraudsters, operating in organised groups, switching between consortium members, trying out new tactics when old ones are disrupted.
Take action now
It’s clear fraudsters are targeting your contact centre long before they strike. By focusing on early warning signs in the contact centre, and leaning on shared intelligence from existing Smartnumbers customers, retailers have the opportunity to prevent fraud without adding friction for genuine customers.
To learn more about how Smartnumber Protect can help your organisation prevent fraud, read our solution overview.
