Call centers are becoming a hacker’s favorite point of entry in infiltrating a company s database of sensitive client information and protected strategies. Whether or not your contact center handles financial and banking accounts, it could still be a potential target for cross-channel fraud because of its vulnerability to social engineering techniques.
While there are security programs, that you can adapt in order to protect your company from threats, fraud detection fundamentally starts by identifying the tactics that intruders can use to gain access to your confidential assets. Let’s group the common techniques according to the channel where they usually come from.
Dubious emails with “legit” attachments
Phony phone calls
You should therefore be wary of people requesting remote access to your desktop. Ultimately, don’t entertain anyone from “tech support” if you didn t request for assistance at all. Common users are not the only targets of the fake support call tactic; small businesses and call centers can also become victims to scammers who ask for money in exchange of “solutions” to nonexistent technical problems like malware infestation.
A more elaborate way of squeezing information from agents is by obtaining publicly available information about customers and using it to ask for password resets, money transfers, and other sensitive transactions. So, it should be mandatory to make security questions trickier than the usual ones you ask. Better yet, invest in voice biometrics, which can detect unauthorized voice patterns even if the person at the other end of the line aces the checkpoint questions.
Social engineering techniques such as these only press the immense protection that simple security practices can give to the whole company. Wearing IDs, being aware of tailgaters, and not sharing access badges can really go a long way, and more so if everyone follows workstation policies. By cultivating a culture of individual responsibility, fraud detection can become a workable group initiative instead of something shouldered by only a selected few.
If they can’t attack from the outskirts, offenders can personally plant viruses or launch malware payloads right inside your office. An effective way of doing so is through the “misplaced flash drive” trick—hackers will leave an infected drive near your office, which a curious employee will hopefully pick up and plug into a company computer. Others simply camouflage as an employee and do their deeds even with unsuspecting workers around.