As worrisome as cybersecurity may be, it’s just one of the many threats facing contact centers, and perhaps least understood among them would be telecom fraud.
For most people, the term telemarketing comes to mind here, and it is associated, for good reason, with fraud. And while annoyingly pervasive, telemarketing fraud is just one form of telecom fraud.
Few terms have the degree of negative connotation as telemarketing, and for that reason, it’s a good entrée to start a conversation about the broad reach of telecom fraud in the world of customer service.
Whereas fraud, by nature, always involves manipulation and deception from bad actors, many forms of telemarketing are legitimate pitches by real brands trying to sell you something. Since these calls come from a contact center, they can easily give the broader customer service space a bad name.
...while annoyingly pervasive, telemarketing fraud is just one form of telecom fraud.
The FCC and FTC in the U.S. and the CRTC in Canada have long had consumer protection regulations in place to minimize these ongoing annoyances, but as we all know, those calls keep coming. Whether malicious or benign, telemarketers keep doing what they do for a simple reason – it works.
Spam and Scams – Know the Difference
Telecom fraud is a messy, moving target that would take many articles to cover, and my objective here is simply to draw attention at a high level to the threats impacting contact centers.
In terms of the types of activities, there are two main categories – spam and scams. While it’s easy to see how these terms could be used interchangeably, they mean very different things.
Spam would be automated outbound calls, done at scale, for all kinds of marketing and promotional campaigns. This is a low-cost form of mass marketing for legit brands, but it can also be done for fraudulent purposes. Robocalls would fall into this category, and while measures like STIR/SHAKEN (a set of technology protocols and procedures) are in place to mitigate them, they have limited effectiveness.
Scams are more sophisticated, since they try to entice individuals to enter into schemes that are ultimately designed for illicit purposes, such as credit card fraud, stealing money or property, and identity theft.
You may not care to distinguish between scams and spam, but they operate very differently, and both touch the contact center. To further illustrate, here are two core fraud scenarios that contact center leaders need to be acutely aware of.
Two Contact Center Scenarios for Fraud
Scenario 1 - Fraudsters impersonating customers
In this scenario, the contact center itself is the target, so these would be inbound calls that agents are handling. Not only are there countless varieties of schemes, but they are constantly being tweaked to avoid detection, so this is very much a whack-a-mole challenge.
In most cases, however, the perpetrator is impersonating a customer, doing one of two things.
First, they may have stolen ID from a real customer, and would be using that to make new purchases or request refunds for earlier purchases.
Secondly, they may only have partial information about the customer being impersonated and are calling in an attempt to get an agent to provide other pieces of personal ID that give them enough information to call later to make purchases.
Whatever the approach, fraudsters can determine pretty quickly if the contact center has strong or weak capabilities to detect fraudulent activity. If they don’t have success with the first agent, they’ll call back and try again with another agent, and so on. Savvy fraudsters can spoof phone numbers, so even if you detect repeated attempts from the same number, they can keep trying using other numbers.
Scenario 2 - Fraudsters impersonating contact centers
Now the focus shifts to outbound calling, where consumers are the target, and the tactics are even more deceitful.
This form of fraud is far more pervasive, not just because there are many more consumers to exploit than contact centers, but also because most consumers are not well-schooled to respond effectively when these calls come to them.
...fraudsters can convincingly give the appearance that their operations are making calls that are coming from your contact center...
We’ve all been targets of these calls, and there’s a healthy mix of both spam and scam offers. Regarding spam, fraudsters have become so adept at every step of the process that it’s become very difficult for consumers to tell if the messaging is from a legitimate source or brand, or from someone trying to appear that way.
While these calls aren’t coming from your contact center, they become problematic for your company as their brand is being misrepresented. In many cases, these spam efforts are then used to propagate scams that further damage your company’s brand. Once a fraudster gains the trust of their targets, they can convince buyers to place orders and make payments for your products they will never receive.
Contact center leaders need to recognize that fraudsters can convincingly give the appearance that their operations are making calls that are coming from your contact center, and that makes the targets think they are dealing with your company.
Two Ways to Manage These Risks
Despite there being an array of regulations and consumer protection laws aimed at eradicating telecom fraud, enforcement is difficult, and the deterrents aren’t strong enough to keep determined fraudsters in check.
To be fair, many do get caught, shut down, and even prosecuted, but the bad actors can shape-shift enough to stay one step ahead, always finding new ways to exploit their targets. That’s because there’s always serious money to be made in fraud.
For contact center leaders, the main message is to be aware of the various types of risk at play here. Clearly, there is financial risk – both for lost sales for the company, and monetary losses for your customers when duped. There is also risk to your company’s brand and reputation, especially for large-scale fraud campaigns that become public.
When that happens, there is also legal risk if litigation arises from plaintiffs who believe your company did not take proper precautions to prevent these forms of misrepresentation. For your customers, there can also be privacy risk when your agents unwittingly provide personal information to fraudsters impersonating them.
While this may seem like a losing battle, there are many responses to protect against all these risks. This article can only set the stage, and hopefully get you on the right path to develop a targeted strategy for managing telecom fraud. With that in mind, here are two basic approaches for driving that strategy.
1. More fraud prevention training
Technology has an important role to play, but ultimately, fraud requires human-to-human interaction to be effective. That said, the opposite is equally true, so the more prepared your contact center personnel are for this, the less of an issue this will be. Both agents and supervisors need to be more attuned to the various types of fraud, along with the tactics used by fraudsters.
The bigger the brand, the bigger the target for fraudsters, but this also means smaller brands may think it won’t happen to them. That’s exactly what fraudsters want them to think, making them even easier marks since they won’t be prepared for it.
As consumers, when suspicious-looking calls come in, we simply don’t answer, so no harm is done. Contact centers, however, have to answer every incoming call, so agents must be on constant alert, with a clear sense of the red flags to be watching for.
2. Deploy more AI tools from your vendors
To be fully prepared, contact centers need the right technology capabilities to support their agents and supervisors.
If you’re not deploying artificial intelligence (AI) yet, fraud detection is one of the strongest use cases for it, especially if this has been an ongoing issue. If your current vendor doesn’t have these capabilities, then you’ll need to look further afield. All contact center vendors have an AI story now, but you need to find out what specific applications they have for mitigating fraud.
Key capabilities would include machine learning to detect speech patterns used by fraudsters and voice biometrics to validate the caller’s identity with the customer they are claiming to be. These technologies aren’t foolproof, but as with all things AI, they get better the more you use them. The more datasets you have to work with, the better the results will be over time, so a bit of patience is needed.
As those capabilities are being fine-tuned, always keep in mind that the strategic value of AI is the ability to process vast amounts of data and make it usable in real time.
This means that every agent will have this support for every call, and when red flags are detected, they’ll be alerted in real time. That’s a vast improvement over how contact centers handle fraud with legacy technologies. And keep in mind that when you’re no longer an easy target, the fraudsters will quickly move on to find other marks.