Pindrop, leader in call center fraud protection and authentication and developer of call analytics security solutions, released a report about alarming trends in phone fraud incidents and costs in multiple areas. The report is made by Pindrop Labs researchers using Pindrop’s Phoneprinting technology. It analyzed more than 10 million call center calls in the US and UK and was published in the 2016 Call Center Fraud Report. The data validated that the phone fraud attempts have risen 45% since 2003. Furthermore, the report outlines impact by vertical, attacker device type, and attacker location for enterprises in the US and UK, as well as new trends and attack vectors used by organized crime.
The researchers found that organizations lost about $0.65 per call to fraud. The cost multiplied by the amount of calls received every single working day can add up to millions worth. In line with the rising threat to security due to these fraudulent activities, Pindrop suggested that there is a need to advance online and mobile security especially in what is commonly tagged as the weakest link: the call centers.
Here are the key findings in Pindrop’s 2016 Call Center Fraud Report published in their website:
- One (1) in every 2000 calls is fraudulent
- 45% increase in cases related to fraud in two (2) years
- Fraud loss increase 14% in two (2) years
- In 2015, enterprises lost an average of $0.65 to fraud per call. This means a large call center that receives 40 million calls per year can expect to lose between $17 million and $27 million per year.
- UK financial institution call centers are being hit with very high levels of fraud attacks when compared to its counterparts in the US. In the UK, fraud rates are at 1 in 700 calls, which is more than double the 1 in 1,700 calls in the US.
- Fraud rate and exposure vary by industry. This past year, credit unions had the potential to lose $29 million in fraud exposure. Life Insurance companies faced a greater risk of $31 million in potential loss, which is three times larger than the average of other financial institutions.
Call centers: The weakest link
The Human Element Is Unreliable – Call centers that rely on live agents to look for suspicious callers are at high risk for social engineering attacks. They also risk customer experience, by forcing agents to enforce policy before helping the customer.
The IVR Is A Blind Spot – Most companies do not have sufficient insights into customer IVR activity. Pindrop researchers analyzing IVR calls found repeated PIN resets, account mining, extremely long calls, and other suspicious activity that indicates IVR fraud at a rate close to that seen in live agent fraud.
Caller ID Can’t Be Trusted –Call metadata like Caller ID numbers, Automatic Number Identification (ANI), or Calling Line Identification (CLI ), is completely unreliable today. Fraudsters have cheap and easy solutions to spoof this information.
Knowledge Based Authentication Doesn’t Work – Gartner estimates that 10 to 30 percent of legitimate callers fail KBA, while criminals are sometimes able to answer successfully. The abundance of customer information available on the black market mean fraudsters can easily find the correct answers.
That, of course, is where Pindrop’s technology comes in, analyzing calls’ contextual data in order to determine fraud risks; it complements similar behavioral biometrics platforms such as NuDetect, which looks at user behavior with respect to online and device interfaces in order to detect potential fraud attempts. And, of course, voice biometrics solutions are on the rise, with companies like Nuance Communications seeing increasing call center deployments – particularly at banks – that can improve both security and the customer experience. As they are adopted, these emerging solutions should help to mitigate the rising risks outlined in Pindrop’s new report.
There is an alarmingly large increase in attackers targeting call centers to gain access to funds and steal key assets including money, merchandise and proprietary information. This problem is not restricted to US financial institutions — this is a growing problem on a global scale. The common thread is that criminals go where the likelihood of detection is lowest and the rewards are high.
~ David Dewey, Director of Pindrop Labs