arrow left facebook twitter linkedin medium menu play circle

Digital Fraud Wiki

Call Center Scams

What is a Call Center Scam?

A call center scam is where a fraudster phones a call center and impersonates a real customer with the goal of taking over that person’s account or obtaining personal information that can be used for other fraud attacks. Some fraudsters target a financial institution (FI) call center to commit application fraud through the call center itself. Some fraudsters target a call center not only to take over an account but also to obtain information that can be used to commit application fraud at other financial institutions.

What Should Organizations Know About Call Center Scams?

Call center security measures typically include knowledge-based authentication (KBA) questions which are used to verify the identities of callers. Call center agents often ask callers for personally identifiable information (PII) such as home address, last four digits of a social security number, or birth date. However, the growing number of massive data breaches and social engineering attacks such as phishing and vishing schemes has led to vast volumes of PII available to fraudsters, usually through dark web marketplaces. Today, it is not difficult for fraudsters to obtain information they can use to beat KBA questions and impersonate real customers.

Once a fraudster has successfully fooled a call center agent into believing they are a real customer, the fraudster could do many things with that account access. For example, the fraudster could ask the call center agent to send them a new credit card right away to a different address. The scammer might tell the agent that they were traveling and lost their credit card. Or the fraudster may tell the agent that they lost everything in a house fire including their credit card and a new card must be sent to their hotel right away.

Another example is that the fraudster could trick the call center agent into adding them as a secondary on a customer’s account. As a secondary on an account, the fraudster can build good credit over time for bust-out fraud schemes. Financial institutions lose millions of dollars each year to bust-out fraud schemes which are in large part, orchestrated by organized crime rings. These crime rings often engage in fraud stacking where they target numerous FIs and create thousands of fraudulent credit applications. 

Call center scams are a growing, industry-wide problem that cost financial institutions hundreds of millions of dollars each year:

  • Contact center loss is expected to increase from $393M in 2015 to $775M in 2020. 
  • 61% of fraud in the U.S. can be traced back to call centers. 
  • Call center fraud increased from 1 in every 2000 calls in 2016 to 1 in every 937 calls in 2017- a 113% fraud rate increase.   

Prevent Call Center Fraud with DataVisor

In comparison to many of the newer and more cutting-edge emerging fraud techniques, call center scams are often seen as somewhat old-fashioned, in that they have traditionally been perpetrated at smaller scale, and often by single individuals working one account at a time. This is changing as more and more illegally-obtained data is becoming available on the dark web via massive breaches, and as call center scams become part of larger and more coordinated fraudulent actions. Fighting these scams at the account level is no longer sufficient; to prevent the large-scale damage that call center scams help make possible, fraud solutions must be able to detect the coordinating authority behind the scams, and correlate the patterns that reveal the larger orchestrations. Call center scams are no longer isolated incidents. They are becoming components of highly sophisticated and coordinated fraudulent activities managed by agile and tech-savvy fraudsters working hard to obscure their digital footprints. Only a solution like dCube, that can quickly and accurately connect the dots between seemingly disparate incidents, can expose fraud rings and defuse their attacks before damage occurs.

Additional References

Blog: Emerging ATO Tactic: Call Center Scams – Part 1

Blog: How Call Center Fraud Leads to Account Takeover Fraud – Part 2

Blog: Deconstructing Recent Data Breaches

Blog: What Fraudsters Are Doing with Breached Data

Source: Call Center Fraud Attacks Have Increased by 113%, Pindrop

Source: 61% of Fraud Traced Back to the Contact Center, Pindrop