Blog Home

25 Indicators of Fraud on Inbound Calls


The Team at CallMiner

November 09, 2020

Cyber fraud on binary background
Cyber fraud on binary background

Call center fraud is no laughing matter. Fraud is not only on the rise in call centers generally (jumping by 350% between 2013 and 2019), but the spread of fraud in the midst of the COVID-19 pandemic means businesses and consumers alike must be more mindful than ever.

Organizations need to be prepared to effectively combat call center fraud. Scammers are armed with advanced technology and access to private user data obtained through illicit channels. Further, malicious callers can manipulate customer service agents and automated systems to change account information, transfer money and more.

Luckily, there are ways to spot inbound call fraud in real time, allowing agents to take back control over customers’ security without jeopardizing the overall customer experience. Speech analytics software, for example, enables call centers to review past fraudulent calls, customize a fraudulent scorecard, and leverage real-time analytics to provide guidance to agents while on the call if a call is flagged as potential fraud.

For more information on fraud prevention through the use of speech analytics and AI, download our white paper, Sitel + CallMiner Survey: Preventing Fraud and Preserving CX with AI.

By understanding key indicators of fraud and malicious callers, organizations can single out threats efficiently while continuing to satisfy real customers’ needs.

Read through the tips below, and then tell us: How does your company prevent inbound call fraud?

Indicators of Fraud on Inbound Calls That Agents Can Recognize

1. Fraudulent callers may attempt to build rapport with a particular agent.

“Fraudsters use many approaches to trick call center agents and retail associates. Most don’t even know they’ve been a victim of fraud until after the incident is over. Some fraudsters build a rapport with a particular agent or retail associate over time before requesting that they send a financial sum to their bank account. They use tactics like flattery to build trust and name drop authorities in the business to instill fear. Other fraudsters call pretending to be a customer and slowly, over a few contacts, they change passwords and make updates to the account, so they have full control before making substantial purchases. The approach a fraudster chooses to take depends on the industry and type of calls you manage daily.” – Detecting Fraud with Speech Analytics, CallMiner; Twitter: @CallMiner

2. Caller has difficulty answering KBA questions.

“Knowledge-based authentication (KBA) is a security measure that identifies end users by asking them to answer specific security questions in order to provide accurate authorization for online or digital activities. The idea behind KBA is that by selecting questions that only the target individual would know the answers to, systems can verify whether a user is the legitimate owner of a password-protected area or not.” – Knowledge-Based Authentication (KBA), Techopedia; Twitter: @techopedia

3. Caller cannot answer questions related to their business with your call center.

“Remove and replace the traditional knowledge verification process. Don’t just ask callers to identify themselves with their date of birth, mailing address or any other generic piece of information. Instead, replace these questions with those that relate specifically to the individual’s business with your call center. Use information only the caller and agent would know. You want to rely on knowledge specific to the account that is unavailable outside the organization.” – Matt Grech, Call Center Fraud Prevention: How to Stop Fraud Once and For All, GetVoIP; Twitter: @getvoipreviews

4. Customer history does not line up with caller information.

“Historical data is essential and should provide agents with details of transactions, previous support interactions (across every channel) and their resolutions, account balance alerts, payment reminders and more. This 360-degree visibility forms the foundation of true omnichannel service and a gateway to fully understanding a customer’s journey. Not only does this insight provide the agent with the necessary context to vet the person on the other end of the line, but it also facilitates better customer experiences.” – John Cray, Beating crooks at call center fraud, BAI; Twitter: @BAI_Info

5. Caller is irate and overly demanding of procedural exceptions.

“According to an interview with Bank Info Security, Jerry Silva – an analyst with International Data Corp. – noted that call centers with banks and call center agents fall victim to social engineering. This occurs because agents end up bypassing regulation to satisfy ‘an angry customer’ who is actually a thief attempting to obtain critical personal information.” – Decrease Risk and Manage Fraud in Financial Call Centers, Trisys; Twitter: @TrisysInc

6. Caller insists on updating their email account to a less secure provider without verification.

“Gmail accounts are easy to open and may look like the real email account. It is sound practice to confirm the email address that the organization has on file and to email only that account if a customer asks for forms or information to be emailed. Replying to the email account sent by the fraudster only feeds into the fraudster’s scheme. Verify the customer’s email account and only send information to the verified email account.” – Linn Foster Freedman, Call Center Fraud Threats, Lexology; Twitter: @lexology

7. Caller makes multiple requests to change sensitive information over a short time.

“Our clients in the financial services sector report that up to 30 percent of fraud perpetrated against customer accounts is cross-channel. For example, many times fraudsters start by socially engineering call center agents to give away or change sensitive information, which the fraudsters use during follow-up online transactions to steal money out of customer accounts.” – Avivah Litan, Preventing Fraud in the Call Center with Phone Printing and Voice Biometrics, Forbes; Twitter: @forbes

8. Caller uses any known “social engineering” technique to get access to sensitive account information.

“The human element – the very factor that makes call center fraud so attractive to crooks – can also be a financial institution’s first and most effective line of defense. For example, education on how to identify people that are attempting to “socially engineer” conversations to get information.” – How Banks can Hang Up on the Growing Problem of Call Center Fraud, Deluxe FS; Twitter: @deluxecorp

9. Caller makes an emotional appeal for standard procedure to be flounced.

“With financial call center fraud, scammers can request to change passwords to bank accounts or request new credit or debit cards be sent to a new address while canceling any valid cards tied to an account. They might use emotional appeal, saying they’ve lost everything in a house fire and need a new card sent to their hotel right away. Or they might say they lost their credit card while traveling and need a new one sent to a different address than what’s on file.” – Kevin Tu, How to Detect Call Center Fraud, DataVisor; Twitter: @datavisor

10. Scammers may fail to keep up with questions asked in a conversational style.

“Effective verification questions are important, but while the answers matter, the way it is answered can typically be much more affirming. Additionally, creating a rapport with your customer while inadvertently authenticating them will increase loyalty and the customer lifetime value.” – Sam Bouso, Preventing Call Center Fraud Using Non-Conventional Verification Methods, Precognitive; Twitter: @precognitiveInc

11. Caller attempts to get special treatment through manipulative behavior.

“The basic definition of social engineering is the use of deception and manipulation to persuade unsuspecting call center employees to share confidential information that can be used to steal other sensitive information and commit fraud or execute an unauthorized transaction.” – Call Center Employee Fraud Training, Identity Management Institute; Twitter: @identitymate

12. Pauses after being asked questions may indicate that the caller is fraudulent.

“Most American adults can recite their social security number fairly easily when prompted. If this is a part of your authentication process and the caller pauses, asks your representative to wait or claims that he or she forgot it, these are all indications that something isn’t quite right.” – Call center fraud is on the rise – here’s how you can protect your credit union, MAP; Twitter: @mapcuso

13. Scam callers may show a trend of repeated access attempts with the wrong information.

“By using key indicator phrases, patterns and trends can emerge – for example, a contact center might see that someone called in eight times to open a new account but the caller offers erroneous information when asked for a piece of information that they should know.” – Michele Masterson, 3 Best Practices to Avert Contact Center Fraud, Smart Customer Service; Twitter: @smartcustserv

14. Fraudulent callers may not be able to answer particularly personal questions about a customer.

“When a customer calls a call center, service representatives should be equipped with asking security questions that only an authorized customer has the ability to answer. This is why it’s important to have questions that allow customers to provide responses that are unique and specific to them, and that are strong enough to enforce the protection of their data.” – Mia Papanicolaou, 5 Call Center Security Tips For Protecting Customer Data and Preventing Breaches, Call Center Management; Twitter: @MonetSoftware

Indicators of Fraud on Inbound Calls That Software Can Identify

15. Real-time, multi-layered verification methods may deter prospective scammers.

“The ability to complete the authentication process in real-time with multi-layered verification methods deters fraud while also making it easier for legitimate customers to access or open accounts.” – John Dancu, The steady rise of call center fraud, CUInsight; Twitter: @CUinsight

16. Scammers may give up if two-factor authentication is required using an existing account phone number.

“When a call centre agent encounters a caller who wants to make a transaction on a certain account, the owner of the account is notified of this transaction through his mobile phone. A customer needs to enter a code sent to his or her mobile to proceed with the desired transaction. It’s effective because few fraudsters have the know how to defeat it, and doing that usually requires considerable time and resources.” – Anna Rodriguez, Seven ways call centre managers can fraud-proof their business, MyCustomer; Twitter: @MyCustomer

17. Scammers may attempt to circumvent knowledge-based authentication processes.

“On the front-end dynamic, KBA stops fraudsters by verifying someone is who they claim to be using multiple-choice questions. What is important is to evaluate the controls and processes operating on the back-end to prevent bad guys from tricking the system.” – How to Prevent Fraud in Call Centers, EVS; Twitter: @goevs

18. Caller’s phone activity or number are out of the ordinary for their location.

“Pindrop Security founder, CEO and CTO Vijay Balasubramaniyan says an in-depth look at a phone number can also be useful in detecting fraud. ‘An example of this is a phone number that’s completely unallocated as far as the numbering plan of U.S. phone numbers. It’s not a valid phone number, and yet you’re seeing it appear,’ he says. ‘You can also look at the velocity of the phone number – how many times is it calling over different periods, and what are its calling patterns?'” – Jeff Goldman, How to Prevent Contact Center Fraud, eSecurity Planet; Twitter: @eSecurityP

19. Customer behavior across channels does not seem normal.

“A customer’s journey today to accomplish a single task might involve several channels – say, logging into an account, then a webchat, followed by a call. Feeding contact center behavior into an analytics or even rule-based fraud detection platform can identify anomalies for a given customer or in comparison to a peer group to detect fraud.” – Peter Mullen, Preventing fraud in the contact center, VXI; Twitter: @vxiglobal

20. Incoming call and phone information does not hold up to automated scrutiny.

“Enabling accurate identity assessment in the contact center relies on endpoint-centric measures, which look at the originating call and the originating phone that is making that call in order to assess the legitimacy of the user that’s calling. Litan describes phoneprinting technology combined with voice biometrics as ‘the strongest method for detecting fraudsters who call into enterprises.'” – Gartner Review & Recommendations: 3 Key Call Center Questions Answered, Pindrop; Twitter: @pindrop

21. Caller device and access details differ significantly from normal.

“Identity-based risk detection helps find patterns of an identity’s use across a wide spectrum of consumer activity to identify when a specific identity may be in hands of fraudsters that are actively working to exploit it. Monitoring the characteristics of digital-identity proxies such as mobile phone numbers and email contact information isolates cases where fraudsters change customer contact information to shield the victim from follow-up verification attempts.” – Call center fraud prevention, Experian; Twitter: @Experian_US

22. Session Initiation Protocol for Telephones shows suspicious information on the caller’s side.

“Fraudsters with a minimal level of telephony knowledge can spoof the ANI, which stands for Automatic Number Identification and proxies for the phone number of the dialing party. The ANI value can be changed, but when it is, it leaves behind other information incongruous with the new value, which are the tell-tale signs of spoofing.” – Using advanced signaling to detect call center fraud, Flowroute; Twitter: @flowroute

23. Caller is stumped by the multi-factor authentication process.

“Multi-factor Authentication, or MFA, is a superior choice to KBA. The MFA uses an approach that provides each caller with their own one-of-a-kind identity token. This token is taken from your phone device and carrier information. Another way MFA is useful to companies is that it can understand the characteristics of certain sounds which can be translated into a voice print. By collecting all of this information, you can then enter it into a database. The computer then scans all the information to send fraudsters into a database that will then blacklist them from the company and customers’ data.” – Ilsa Morales, Authentication and Fraud Prevention in Call Centers, United World Telecom

24. Callers who cannot complete callback verification for important account changes and transactions may be scammers.

“Out-of-band authentication is a process where access to an account requires two signals from two different channels. Attackers would have to compromise two separate and unconnected authentication channels, rather than one. For instance, if you get an email from a vendor, you should call them using the number you previously had on file and confirm that they sent the email. This is especially true if they are giving you new account information. One example is asking you to send money to a different account than one you’ve used in the past.” – The Key to Wire Fraud Prevention: Out-of-Band Authentication, Bridge Bank; Twitter: @bridgebank

25. Caller fails voice biometrics screening.

“Voice Biometrics software identifies a person through their unique voiceprint. In the same way that everyone has a unique fingerprint or retina, voice biometrics technology is used to identify a person through their voice patterns.” – David Evans et al., An Introduction to… Voice Biometrics,; Twitter: @callcentrehelp

Contact Center Operations Risk Management & Compliance Speech & Conversation Analytics