Call Center Fraud
Detect Call Center Fraud Through Behavior Based Analytics
Call center fraud is a large and growing problem. Research and advisory firm Aite Group claims that 61% of all fraud cases can be traced back to a call center. Fraudsters can use a call center for data mining and account takeovers – for example, by changing an account password or customer address – and this becomes a launching point for cross-channel attacks.
According to one report, call center fraud has increased more than 350% in recent years. Several factors are causing the increase. Since personally identifiable information (PII) has and continues to be stolen in an endless stream of data breaches, most of the details required to carry out these type of attacks using phishing and social engineering are available for purchase on the dark web. However, it’s also possible that the fraudster could be working with a malicious insider who provided the PII required to compromise the target account
“A US insurer told Forrester that 50% to 60% of all fraudulent activity the firm experienced involved the CCC (customer call center) in some form.”
Best Practices: Customer Call Center Authentication
Forrester, March 22, 2019
Fraudulent Behavior in Call Centers Is Becoming More Difficult to Spot
A criminal might make several calls to set the stage for his eventual fraud attack. For example, he may call one day to reset an account password and call again days later to provide a new mailing address. Those activities, in and of themselves, don’t typically raise an alert, especially when a different Customer Service Representative (CSR) handles each call. However, viewed holistically with other transactions, these actions could show a pattern of high-risk behavior. A CSR would not see this pattern due to his limited view of a single call ticket.
Another common fraudster trick is spoofing the phone number shown through Caller ID using software readily available on the Internet. The fraudster can appear to be calling from the victim’s geographic region or actual phone number. This means data such as the phone number and the call location origin are poor sources of caller authentication.
Gurucul Fraud Analytics Identifies Risky Calls and Transactions
In any call center, CSRs focus on taking care of customers’ needs and providing good customer service. Screening for fraud is not their job. Instead, technology must be used to find fraudulent behavior and bring it to light. This is what Gurucul Fraud Analytics, a modern fraud management engine, can do with incredible accuracy.
Legacy fraud management platforms lack the capabilities to make critical data associations and identify anomalous behaviors of user accounts. But Gurucul Fraud Analytics leverages a range of modern technologies from Big Data to machine learning to analyze millions of datapoints from a variety of siloed, cross-channel sources, such as ticketing systems, phone systems, core banking systems (CBS), and even public databases – all linked to a user identity. By ingesting and linking vast amounts of data from these disparate sources, Fraud Analytics can identify anomalous behavior in real time, so that companies can intervene before a financial loss occurs.
Gurucul Fraud Analytics produces a risk score that, if sufficiently high, alerts the Security Operations Center. Mitigation actions can be automated; for example, canceling a scheduled payment transfer before it can happen.
Financial institutions are highly regulated, with a fiduciary responsibility to protect their depositors’ and investors’ interests and assets. Gurucul provides the advanced fraud analytics solution necessary to accurately detect call center fraud in real time in order to disrupt the scheme and prevent loss.