Topics Types of Bank Fraud 12 Most Common Types of Bank Fraud Account Takeover (ATO) Fraud Advance Fee Fraud Check Fraud ACH Fraud Real-time Payment Fraud First-Party Fraud Wire Fraud Zelle Fraud Types of Card Fraud Credit Card Fraud Debit Card Fraud Lost or Stolen Card Fraud Card Skimming Card Cloning Chargeback Fraud Card Not Present (CNP) Fraud Fraud Defenses Anti-Money Laundering (AML) Behavioral Biometrics Crowdsourced Abuse Reporting Device Fingerprinting Real-time monitoring Email Reputation Service IP Reputation Service SR 11-7 Compliance Supervised Machine Learning Suspicious Activity Reports (SARs) Tokenization Transaction Monitoring Two-Factor Authentication (2FA) Unsupervised Machine Learning Fraud Tactics Bot Attacks Call Center Scams Credential Stuffing Data Breaches Deepfakes Device Emulators GPS Spoofing Money Mule Scams P2P VPN Networks Phishing Attacks SIM Swap Fraud URL Shortener Spam Web Scraping Fraud Tech Anomaly Detection Device Intelligence Feature Engineering Generative AI Identity (ID) Graphing Network Analysis Natural Language Processing Fraud Types Application Fraud Transaction Fraud Payment Fraud Pump and Dump Scams Bust-Out Fraud Buyer-Seller Collusion Content Abuse Cryptocurrency Investment Scams Money Laundering Loan Stacking Romance Scams Rug Pull Scams SIM Swapping Synthetic Identity Theft Cryptocurrency Scams Pig Butchering Scams Call Center Scams What is a Call Center Scam? A call center scam is where a fraudster phones a call center and impersonates a real customer with the goal of taking over that person’s account or obtaining personal information that can be used for other fraud attacks. Some fraudsters target a financial institution (FI) call center to commit application fraud through the call center itself. Some fraudsters target a call center not only to take over an account but also to obtain information that can be used to commit application fraud at other financial institutions. What Should Organizations Know About Call Center Scams? Call center security measures typically include knowledge-based authentication (KBA) questions which are used to verify the identities of callers. Call center agents often ask callers for personally identifiable information (PII) such as home address, last four digits of a social security number, or birth date. However, the growing number of massive data breaches and social engineering attacks such as phishing and vishing schemes has led to vast volumes of PII available to fraudsters, usually through dark web marketplaces. Today, it is not difficult for fraudsters to obtain information they can use to beat KBA questions and impersonate real customers. Once a fraudster has successfully fooled a call center agent into believing they are a real customer, the fraudster could do many things with that account access. For example, the fraudster could ask the call center agent to send them a new credit card right away to a different address. The scammer might tell the agent that they were traveling and lost their credit card. Or the fraudster may tell the agent that they lost everything in a house fire including their credit card and a new card must be sent to their hotel right away. Another example is that the fraudster could trick the call center agent into adding them as a secondary on a customer’s account. As a secondary on an account, the fraudster can build good credit over time for bust-out fraud schemes. Financial institutions lose millions of dollars each year to bust-out fraud schemes which are in large part, orchestrated by organized crime rings. These crime rings often engage in fraud stacking where they target numerous FIs and create thousands of fraudulent credit applications. Call center scams are a growing, industry-wide problem that cost financial institutions hundreds of millions of dollars each year: Contact center loss is expected to increase from $393M in 2015 to $775M in 2020. 61% of fraud in the U.S. can be traced back to call centers. Call center fraud increased from 1 in every 2000 calls in 2016 to 1 in every 937 calls in 2017- a 113% fraud rate increase. Prevent Call Center Fraud with DataVisor In comparison to many of the newer and more cutting-edge emerging fraud techniques, call center scams are often seen as somewhat old-fashioned, in that they have traditionally been perpetrated at smaller scale, and often by single individuals working one account at a time. This is changing as more and more illegally-obtained data is becoming available on the dark web via massive breaches, and as call center scams become part of larger and more coordinated fraudulent actions. Fighting these scams at the account level is no longer sufficient; to prevent the large-scale damage that call center scams help make possible, fraud solutions must be able to detect the coordinating authority behind the scams, and correlate the patterns that reveal the larger orchestrations. Call center scams are no longer isolated incidents. They are becoming components of highly sophisticated and coordinated fraudulent activities managed by agile and tech-savvy fraudsters working hard to obscure their digital footprints. Only a solution like DataVisor Fraud Platform, that can quickly and accurately connect the dots between seemingly disparate incidents, can expose fraud rings and defuse their attacks before damage occurs. Additional References Blog: Emerging ATO Tactic: Call Center Scams – Part 1 Blog: How Call Center Fraud Leads to Account Takeover Fraud – Part 2 Blog: Deconstructing Recent Data Breaches Blog: What Fraudsters Are Doing with Breached Data Source: Call Center Fraud Attacks Have Increased by 113%, Pindrop Source: 61% of Fraud Traced Back to the Contact Center, Pindrop