Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

4/26/2017
08:00 AM
50%
50%

Call Center Fraud Spiked 113% in 2016

Criminals are increasingly spoofing caller ID using VoIP apps including Skype or Google Voice to hide their identity and location, according to a report released today by Pindrop Labs.

Call center fraud is rising at an astronomical rate, as technical weakness becomes one of the three key contributors to its rapid rise, according to the 2017 Call Center Fraud Report released today by Pindrop Labs. 

Based on a review of more than 500 million calls last year, Pindrop found fraud rates soared 113% over the previous year. That has resulted in a fraud rate of 1 in 937 calls in 2016, compared to 1 in 2,000 calls in the previous year. And this problem has morphed from being a responsibility of the call center operations to one of IT security.

"When we first started the company [Pindrop]..., it was a call center operations headache. As the attacks have increased, losses continue to increase, and the phone is being used as part of a multichannel attack, the CISO is becoming more and more involved," says David Dewey, director of Pindrop Labs.

One of the catalysts for this growth comes from attackers' enhanced skill in social engineering to coax information, or inadvertent nefarious action, out of call center employees, as well as the discovery of new spoofing and voice distortion technologies to give criminals more options when using the phone, according to the report.

Additionally, as digital methods for pilfering information becomes harder to crack, fraudsters are moving onto the path of least resistance rather than get smarter in figuring out workarounds for these digital challenges, Dewey says.

"Reaching a call center and speaking with an agent provides the fraudster with an upper hand. A call center agent’s job is to provide quality customer service and not stop fraud," he added.

The report identifies three key areas where call centers are particularly weak, one of which is technical.

"Caller ID Spoofing coincided with the advent and popularity of VoIP in the mid-2000s. We are seeing more and more fraudsters discover how easy this is to do and we expect this to continue to grow. Heck, there's even an Android app out there that will spoof calls for you," Dewey says.

With the advent of VoIP, users have access to the caller ID field and can set it to whatever they want, Dewey noted. This allows fraudsters, some with minimal technical skills, to be able to spoof their calls. In the case of Skype or Google Voice, the same Caller ID is applied to tens or hundreds of thousands of subscribers with the recipient having no idea who they are speaking too, Dewey explained.

When it comes to fraudsters who are developing software to reset pins, access accounts, etc., most interactive voice recognition (IVR) systems are available to the public and most go unprotected and unmonitored.

Going forward, Dewey noted new techniques and technologies are being tested by attackers.

"We are starting to see attacks where fraudsters are calling victims to record their voices and then using those recorded voices to pass as the real person," he said. "On top of that, we are seeing technology that allows fraudsters to generate speech based on a minimal recording and use that to make statements that the person never originally said. Getting the audio of the victims is no longer a problem because so much exists on all of us in our social channels like Facebook Live, on Youtube, etc."

Related Content:

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
joye121
50%
50%
joye121,
User Rank: Apprentice
5/17/2017 | 2:34:25 AM
thanks
good information :)
HackerOne Drops Mobile Voting App Vendor Voatz
Dark Reading Staff 3/30/2020
Limited-Time Free Offers to Secure the Enterprise Amid COVID-19
Curtis Franklin Jr., Senior Editor at Dark Reading,  3/31/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11565
PUBLISHED: 2020-04-06
An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa.
CVE-2020-11558
PUBLISHED: 2020-04-05
An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audio_sample_entry_Read in isomedia/box_code_base.c does not properly decide when to make gf_isom_box_del calls. This leads to various use-after-free outcomes involving mdia_Read, gf_isom_delete_movie, and gf_isom_parse_m...
CVE-2020-11547
PUBLISHED: 2020-04-05
PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm.
CVE-2020-11548
PUBLISHED: 2020-04-05
The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. The attacker could achieve remote code execution via CSV injection if a wp-admin/index.php?page=search-meter Export is performed.
CVE-2020-11542
PUBLISHED: 2020-04-04
3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the <KEY>MYKEY</KEY> substring.