You might think that today's scammers spend most of their effort on the Internet, but a new report by call center authentication specialist Pindrop Security reveals that phone fraud is still big business.
More than 86.2 million calls per month to US consumers are down to scammers, and 36 million of those calls can be traced to one of the 25 most common phone scams. It also finds a 30 per cent rise in enterprise attacks.
Financial and retail institutions have seen an increase in phone fraud of more than 30 per cent since 2013, with one in every 2,200 calls being fraudulent. This rate increases for retailers that sell popular, expensive products with a high resell rate. The report also indicates that credit card issuers are getting the highest rate of fraud attempts, with one in every 900 calls being fraudulent.
The report attributes this to cards being one of the most common ways for the public to complete transactions, and thus card numbers being at greater risk of theft.
Attackers have also been quick to embrace technology, using VoIP lines for 53 per cent of their calls, compared to 7.8 per cent of the general public using VoIP as a means for phone communication. Robot dialers are common too with 1 in 6 numbers calling consumers using auto-dialers. Fraudsters are also using spoofing to manipulate their caller IDs to mimic legitimate organisations.
"These attackers are sophisticated, using a variety of tactics, including automation, working in criminal rings and using both the phone and cyber channel to make tracking their actions more difficult," says Matt Garland, vice president of research and head of Pindrop Security’s newly formed Pindrop Labs team, which analysed the data behind the report. "As major data breaches such as Anthem and Target have occurred, attackers have found the phone channel to be the vulnerable underbelly for corporations and consumers, allowing them to monetise the breaches through social engineering and account takeovers".
This isn't just a US problem, however, rates of phone fraud are similar across all economically developed countries, regardless of security regulations and legislation in place. Fraudsters rely on casting a wide net and catching people who aren't informed about the latest scams. Phone fraud rates are lower in developing countries and when it does occur it tends to be local in origin.
Pindrop expects the shift to chip and pin cards in the US to make attackers shift more attention to the phone as it's traditionally the least protected of the card-not-present channels. It advises call centers to begin preparing now for an increase in attacks.
The full report is available to download from the Pindrop Security website.