Pindrop Security, the leading provider of call centre anti-fraud and authentication solutions for enterprise call centres, today announced the findings of its annual Phone Fraud Report. For the report, Pindrop analysed several million calls for threats using the company’s patented Phoneprinting™ technology and Phoneypot™ monitoring technology. The research found a 30 percent rise in enterprise attacks and more than 86.2 million attacks per month on U.S. consumers.
Phone fraud continues to threaten enterprises across industries and borders, with large financial institutions’ call centres exposed to an average of more than $9 million in potential fraud each year. Financial and retail institutions have seen an increase in phone fraud of more than 30 percent since 2013, with one in every 2,200 calls being fraudulent. This rate increases for retailers that sell popular, expensive products with a high resell rate. The report also indicates that credit card issuers receive the highest rate of fraud attempts, with one in every 900 calls being fraudulent.
“These attackers are sophisticated, using a variety of tactics, including automation, working in criminal rings and using both the phone and cyber channel to make tracking their actions more difficult,” said Matt Garland, vice president of research and head of Pindrop Security’s newly formed Pindrop Labs team, which analysed the data behind the report. “As major data breaches such as Anthem and Target have occurred, attackers have found the phone channel to be the vulnerable underbelly for corporations and consumers, allowing them to monetize the breaches through social engineering and account takeovers.”
As part of their ongoing monitoring of phone threats, Pindrop Labs tracks common scams targeting consumers, such as the IRS or Technical Support scams. These attacks have successfully defrauded millions, particularly consumers in vulnerable populations, such as the elderly, immigrants and young college students. Robocalling services, which provide a cheap method to make thousands of calls per day, have increased in frequency to one in every six phone numbers calling the average consumer, with 2.5 percent of U.S. phones (8.1 million in total) receiving at least one robocall per week.
Key report findings include:
- On average, large financial institutions exposed more than $9m in funds to attackers last year. Exposure measures the value of accounts in which an attacker was able to authenticate to the account.
- Banks experience a fraud call rate of one in every 2,650 calls. Brokerages report slightly less, with only one in 3,000 calls being fraud.
- More than 86.2 million calls per month in the U.S. are phone scams, and 36 million of those calls can be traced to one of the 25 most common phone scams.
- Attackers use VoIP lines for 53 percent of their calls, compared to 7.8 percent of the general public using VoIP as a means for phone communication.
Pindrop Labs is focused on threats and vulnerabilities in the audio and telecommunications realms. This area is traditionally neglected from a security perspective, but is increasingly favored by attackers for reconnaissance, exploitation, account takeover and other attacks. Pindrop Labs’ research falls into two main areas: phone fraud prevention and securing the increasingly ubiquitous voice interface. Phone fraud prevention includes security for call centers, telecommunications infrastructure and phone-reliant systems, organisations and consumers. Securing voice interfaces includes providing authentication, threat detection and fraud prevention for voice-enabled infrastructure.
To download the report in full, click here