Not long ago we talked about the alarming amount of people that fell prey to cyberscams in the first half of this year. Sadly, as the ongoing pandemic is still nourishing a general feeling of uncertainty among everybody, especially since unemployment rates have skyrocketed with a rate of 11.1% in the US alone (as of June 2020), and the FCC’s efforts against robocalls are yielding results, we can observe a worrisome rise in contact center fraud, as well.
In this article, we will be looking at the most common scenarios employed by scammers when targeting a contact center together with possible solutions to outsmart them and keep your agents, your business, and the goods of your customers safe from cybercrime.
What Is Contact Center Fraud?
Contact center fraud, or call center fraud, is an illegal activity conducted by a person posing as a customer, trying to redirect funds from an unsuspecting victim by tricking the customer service department using data obtained from illegal fishing.
To put a long definition short, it’s when cybercriminals use information stolen from victims via phishing scams to obtain all cyber-possessions linked to the information they stole.
Or, it’s what happens when you click on that suspicious work email from a person you never heard of and open the attached invoice that you had no idea your department was due to pay it. You brush it off at the moment. But during the next week, you’re desperately trying to find out why your credit card is both maxed out and canceled at the same time.
However, this article is not about popular phishing techniques, but about how to teach contact center agents to be the second line of defense between scammers and their clients.
Here are 6 popular contact center frauds and how to teach your agents to identify and report them.
6 Popular Contact Center Fraud Scenarios
Though the approach may differ from scam to scam, there are, statistically, some crowd-favorites among individuals that love to obtain their revenue through illicit activities. From the quarantine shopping addict to the unlucky tourist, here are some red flags that you need to include in your call center agent training briefs.
For the sake of fluidity and for increased readability, in all these scenarios all the scammers shall bear the name John and all the victims will be Mr. Smith.
Mr. Smith has a tendency to open a lot of pop ups when shopping online for all kinds of gadgets. John managed to obtain his credit card details and shopping habits.
John calls Mr. Smith’s bank of choice to ask for an insert scenario. Before talking to a real operator, he has to identify himself as Mr. Smith by answering some routine security questions.
John already knows Mr. Smith’s spending routine, how many credit cards he tends to use while indulging in online shopping, and, with some quick snooping around on a public social media profile, John knows Mr. Smith’s parents, his pet history, and so on. So, the IVR designed as the first line of defense against people like John has no real power against his cyberskills.
Enter the call center agent.
The Quarantine Shopper: I Want to Increase My Spending Limit
It’s not a farfetched story. And many agents that have been trained to never say no and always find solutions may opt to help Mr. Smith out. He did pass the security tests, didn’t he?
The solution: Always filter these claims through a manager. The more people John has to get through, the more the chances of him making a mistake and answering a question wrong. Double-check with the client on how permissive they want to be with their established protocols during these uncertain times.
And most of all, find an excuse to call back. If they’re adamant on calling them back on a different phone number than you have in your records, that is one of the biggest red flags.
The Pandemic Traveler: I’m Going on A Trip, Ignore Fraud Alert for The Next Week
The scenario: While there are limited flights leaving the United States at this time, people are still moving across the country with no major issues. So, there’s really nothing stopping an enthusiastic Mr. Smith from taking a little road trip. However, depending on the bank of choice, Mr. Smith may have taken the necessary measures to prevent any data theft from draining his accounts by adding suspicious spending behavior alerts to his accounts.
Enters John, the scammer, that, according to protocol, notifies the bank of the upcoming trip. There’s no reason to carry on sending alerts, right? Wrong!
The solution: Now this is a bit complicated as it really depends on internal protocols. But a good solution would be to always double-check these claims with the customer using data that is already registered with the bank. This means a follow-up call and e-mail. It may be annoying for the real Mr. Smith, but arguably, less annoying than having to prove he was scammed.
The Unlucky Tourist: I’m Trapped in a No-Fly Country – Please Wire Me Money
The scenario: The sudden onset of the pandemic may have caught some unsuspecting travelers off guard. People that were enjoying a prolonged vacation have been stuck in other countries during nation-wide quarantines. And there are still countries imposing travel bans.
Mr. Smith usually travels with just one credit card and lots of cash. John knows that. So, John calls the bank to tell them all about Mr. Smith being trapped in a no outbound flights country or a country with no outbound flights towards the US. Funds are getting really low and his credit card has been stolen. He already proved his identity and answered security questions. What else does he have to do to get access to his own money while stranded in a foreign country?
The solution: Double check the whereabouts of Mr. Smith. Contact the emergency contact if needed before making any transfers. While if the story is real, there is an urgency to the situation that limits all preventative security measures, it’s still better to apply them than to risk Mr. Smith losing his savings.
The Ditsy Nomad: I Moved and Lost My Credit Card – Please Send a New One to the New Address
The scenario: A lot of people were forced to relocate during the pandemic. And moving all your things while having to deal with an ongoing outbreak can become a little too much to handle. So, it’s understandable, human even, to misplace your credit card. However, while moving, Mr. Smith also came into contact with a lot of people.
One of them was diagnosed with COVID-19, so Mr. Smith is now not allowed to leave the house for the next 2 weeks and really needs a new credit card sent to his new address. Happens to the best of us. Even to John that is lying through his teeth, pretending to be Mr. Smith.
The solution: This is maybe the most popular call center scam out there at the moment. And it’s so deeply rooted in the reality that it’s hard to tell which is a fake or which is a genuine request. The simplest solution is to, again, come back with a phone call to the number registered with the bank.
The Good Samaritan: MR Smith Is Gravely Ill, Has No Relatives Near and I’m Her Caretaker
The scenario: John either has a power of attorney (which indeed makes it more complicated for the agent to detect fraud) or claims to be the caretaker of Mr. Smith who, in every scenario, is currently incapacitated. The onset of the disease was sudden, so he didn’t have time to confirm this with the bank.
In today’s strenuous times where otherwise healthy people fall prey to this indiscriminate virus, it’s not an unlikely situation. And medical bills usually pile up fast. Mr. Smith may be really in need of a thoughtful caretaker. He may also be really incapacitated and the caretaker is acting within rights, but the money never makes it to the hospital. What do you do?
The solution: This is not a problem with a straightforward solution. It needs the delicate approach of a lawyer that can help devise an emergency protocol that respects personal security and allows real caretakers of incapacitated people to access the money needed for treatment and care. It’s hard to distinguish fake from real stories, and it’s even harder to say no to every request.
The Victim: I Fell Victim to a Scam, You Allowed It, You Give Me My Money Back
The scenario: Now this is, indeed, a terrifying scenario. Imagine Mr. Smith’s bank account registering suspicious activity. He verified his identity when completing one of the scenarios described above, the call center agent did everything in their power to assist the customer, and now, Mr. Smith is claiming he was robbed and the call center facilitated the process.
The solution: Unfortunately, there isn’t a simple solution that doesn’t involve the presence of at least one very good lawyer and a police investigation. However, be prepared, in a time where scarcity fuels imagination, for Mr. Smith to turn into the villain of the story.
Identifying a call center scam is, in most cases, trickier than a personal scam mainly because the perpetrators are smarter and have access to crucial information. That personal data in the hands of a cyberscammer combined with a tired agent that is motivated by how fast they can resolve a customer query could translate into disastrous consequences for the victim and the call center company.
However, never dismiss every request as a scam. The reason why these scams are so popular is because they are rooted in reality, drawing inspiration from the real misfortune of people.
The real solution is to study these scenarios and meet the criminal ingenuity with more efficient security measures. It’s important for the contact center to make efforts to protect the consumers