Contact centres: The new frontier in fraud prevention
We carried out an independent survey of 250 senior fraud professionals to gain a clear picture of the scale of fraud that they are currently aware of. Read on to find out more.
Fraud seen in all sectors
The research, which spans the financial services, travel, retail and telecoms sectors, suggests that organisations understand that contact centres are a target. More than 85% of respondents report high fraud-related activity across all business sectors, with telephony channels being just as vulnerable as online or mobile channels.
Certain industries, such as travel, report particularly high fraud activity in both interactive voice response (IVR) at 66% and with contact centre agents (55%).
“Fraudsters are constantly looking for softer targets in sectors like retail or airlines, where they can conduct last-minute attacks such as fraudulent ticket purchases”
Tim Burton • Smartnumbers • Chief Product and Success Officer
Humans are an easy target
Human vulnerabilities are easy to exploit. Among the most common fraudster tactics are:
- Tricking agents (social engineering), reported by 40% of respondents
- Using devices to change the caller’s voice, reported by 32%
- Suppressing notifications by going paperless, reported by 31%
Agents are trained to be helpful and they’re under time pressure, which means they might unwittingly overlook security rules for a fraudster who they think is a genuine customer with a difficult problem.
Fraudsters are becoming more skilled at manipulating agents into giving away information or carrying out small account changes. These are early signs of fraud that often happen long before the cash-out stage.
Yet human-to-human fraud is the tip of the iceberg and it’s not scalable. It’s the bots we should be scared of.
Beware the bots
It’s the bots we should be scared of.
As with many legitimate organisations, fraudsters are turning to automation technology to increase the speed and volume of their activity.
Mass attacks on multiple companies in multiple sectors use bots to target IVRs and identify high-value accounts to ensure maximum return on fraud.
“Fraudsters exploit the IVR by making numerous attempts to extract or validate information, a process that can take multiple calls before they get what they need. This activity is often invisible to businesses.”
Matthew Addison • Smartnumbers • Chief Revenue Officer
Current fraud-prevention gaps
Many companies still take a reactive approach to fraud.
Fewer than half of those surveyed have automated fraud-detection methods in the contact centre, such as:
- Flagging incoming calls from denylisted or numbers, reported by 44%
- Flagging incoming calls because of unusual behaviour (e.g. making multiple calls in quick succession or using withheld numbers), reported by 39%
Many are relying instead on outdated or manual processes – some large organisations still use sticky notes on agents’ desktops to flag denylisted numbers.
Fraud signals in the contact centre should be fed into overall fraud-prevention strategies because they’re signs of reconnaissance or data acquisition.
Missed opportunities for data sharing
Data sharing is key because fraudsters commonly exploit weaknesses in one organisation or channel to gather the data needed to attack another target.
- 94% of respondents report sharing some form of fraud data internally, yet only half have formal processes for this.
- There is a hesitancy to share fraud intelligence externally – because of fears about data quality, giving away a competitive advantage or concerns about perception.
But fraud threatens entire sectors, not just a few companies.
Sharing should be easy and standard practice, because insights about fraudsters’ activities and behaviour patterns could make everyone safer.
Moving beyond financial loss
When organisations prioritise and measure fraud prevention at the financial transaction stage, they overlook the critical role that protecting customer data plays in preventing fraud.
Better awareness at the early stages can make it easier to catch fraudsters. An organisation that has the tools to identify suspicious data-gathering activity can flag the accounts being targeted so its fraud-prevention team can watch those accounts and catch fraudsters in the act.
“By using early-warning systems and sharing fraud intelligence, companies can spot suspicious activity sooner. This means less damage and fewer opportunities for fraudsters to exploit data across multiple channels.”
Tim Burton • Smartnumbers • Chief Product and Success Officer
