A report issued last month reported a 45% increase in call center fraud between 2013 and 2015, along with an increase of losses from fraudulent call center transactions of 14%. This includes an increase in domestic fraud calls (calls originating from within the targeted country increased from 36% to 51%.
There are three primary factors driving this increase in fraud through call centers. The first is the EMV rollout within the US which makes card-present fraud much more difficult, shifting fraudulent activity towards easier targets. The shift towards remote (customer not present) targets for fraud was largely anticipated based on trends seen after the UK adopted EMV more than 10 years ago.
The second factor driving this increase in call center fraud is the ease of “spoofing”, or altering the number that is displayed for caller ID, phone calls. There are now hundreds of services, including free apps, which allow consumers to easily falsify the telephone number reflected on caller ID without having a high level of technical sophistication.
While call centers are aware of the threat of fraud, traditional methods of verifying the caller (caller ID, verifying account information) are no longer sufficient to prevent fraudulent transactions. The combination of massive breaches and phishing scams has armed fraudsters with the information needed to get past these hurdles.
To combat the increasing fraud, call centers need to remember what is driving the fraud shift – fraudsters are seeking the easier target. By adding additional layers to verification such as outgoing one-time passcodes or dynamic knowledge based authentication questions call centers can make their operations more difficult targets. Just as with the adoption of EMV, fraudsters will shift towards the targets that are still easy.