Variety is the spice of crime

Posted on: May 03rd, 2017 by Art Barger

They say variety is the spice of life. For bad actors, it’s becoming the spice of crime. 

Unlike traditional ways to defraud banks, today’s criminals have many ways to penetrate a bank’s contact center. Knowing the different ways impostors can fool telephone systems and unsuspecting call center agents is important to spotting and stopping fraud attempts that target customer accounts.

Many of the most common credit card fraud types facing today’s contact centers involve Caller ID spoofing. They include:

  • Lost or stolen credit card: Using a spoofed Caller ID, an impostor calls a bank claiming they’ve lost their credit card or says their card was stolen. With enough personal information in hand, they correctly answer knowledge-based questions to gain the trust of the telephone agent. As a result, they order a new replacement card sent to an updated address or to the actual customer’s address without the victim’s knowledge.

  • Non-Receipt (NRI): When a crook intercepts a credit card that’s mailed to an old or invalid address, they spoof their Caller ID before calling the contact center to activate the card. Once activated, they can use the card to illegally purchase items.

  • Card-not-present fraud: Whether the thief has stolen the card or has obtained the cardholder’s personal and financial details such as their name, billing address, and the card’s 3-digit security code and expiration date, fraudsters call merchants using spoofed phone numbers to make fraudulent transactions.

  • Account takeover: When attempting to take over a customer account, a crook uses a fake Caller ID when phoning into the bank’s contact center. Impersonating a real customer and using valid customer information such as their address, Social Security number and date of birth, the criminal requests a change of address or pin number to gain access to the account. Once in, they can transfer money to another account or request a new card before the legitimate customer is aware of the takeover or transaction.

To stop these and other types of telephone scams like fraud application, phone counterfeit and bust-out fraud, it’s essential to identify the risk of each call without relying on knowledge-based information. As we know, personal and financial details can be gathered, bought or stolen from a number of sources including data breaches, the Internet and the underground economy. When calling contact centers, crooks mask their true identities with spoofed Caller IDs and personal data to access bank accounts and obtain private financial information.

While criminals use a variety of methods to trick telephone reps into believing they are someone else, financial institutions need to use various methods to verify callers outside of knowledge-based authentication (KBA) tools. The TRUSTID® Physical Caller Authentication instantly spots spoofed calls early in customer identification process to allow banks to make quick, real-time decisions on high-risk calls.

Using advanced telephone network forensics to identify the exact location of the calling device, financial institutions have another factor of authentication needed to stop bad actors before they can socially engineer call center agents. No matter what method fraudsters use to gain the trust of bank reps, automatic caller authentication helps create a stronger defense against all types of telephone fraud.