Last week, Symantec released its 2011 Global State of Security Survey. The report highlighted a number of online-related concerns, and also stated that IT Executives have a heightened awareness (49%) coming from hacking, spoofing, and the rise of social engineering.
Not surprisingly, the report indicated that financial losses coming from all attacks are substantial, and additional sources of those costs can include lost productivity, lost organizational, customer or employee data, and damage to a company’s brand reputation.
As IT departments try to pinpoint what areas to focus on to ensure their systems are protected from evolving threats, many are overlooking the primary attack vector – the call center.
Many well-intended security professionals seem fixed solely on Internet authentication and security. However, if you want to automate business processes, enhance customer communications, and take advantage of new technologies, you’d better “bake” cyber security and risk management into the customer channels, including ATMs, the Internet and the telephone.
One of the reasons why telephone fraud and social engineering has picked up in recent years is the fact that criminals now have the ability to gain or change an address or account data, which is necessary to perpetrate larger and more profitable online crimes. Once a criminal controls your customers’ information – primarily through the telephone channel – criminals use the newly acquired personally identifiable information (PII) data to commit crimes through the online channel.
In the article, “PCI Council Issues Advice for Securing Card Data in Call Centers,” Jeremy King, European director of the security council, said one of the prime targets for criminals today is the call center.
Cybercrime is fueled by social engineering over the telephone. Knowing this, it is critical that financial institutions become aware of evolving criminal tactics designed to trick call center agents into divulging legitimate bank account information. Caller ID spoofing is a key component for creating the false trust needed to commit telephone fraud. Stopping criminals from stealing and changing personal and financial data in the call center is the smartest Internet security investment a bank can make.
Doing so, however, requires a bank to deploy an effective, yet non-intrusive identity authentication solution like the TrustID® Telephone FirewallTM validation solution, which converts ANI and Caller ID into a powerful physical security and authentication tool that can be used to close the security gaps that call centers have today.
By combining real-time telephone network data, telephony reference databases and powerful risk-scoring analytics that include proprietary and customer-specific modeling, TrustID enables banks and financial institutions to undetectably validate the calling party number to reduce their risk of more sophisticated telephone schemes targeting bank call center representatives. If phone hacking, spoofing and social engineering are becoming a growing concern for your business, a free trial of the TrustID Telephone Firewall is a quick and easy way for you to gain greater insight into who’s calling your call center.
Tags: ANI, ANI Spoofing, Caller ID Spoofing, phone hacking, social engineering, telephone authentication, Telephone firewall, telephone fraud, TrustID
