Here is an interesting article on contact center fraud. There are many different types of fraud that can affect a contact center - classic social engineering (facilitated by spoofing caller ID), information harvesting, etc. The article covers some of that - confirming that it is easy to imitate a legitimate user, since it is easy to get basic personal information that is used for authentication.
The article also describes the issue where a consumers phone number is changed (via malware on their device) and then the bank uses that to call back for verification, but it turns out to be the attackers number.
http://www.bankinfosecurity.com/articles.php?art_id=4593&rf=2012-03-16-eb&elq=e1769a0bae1547359d6ec38f2958342e&elqCampaignId=1587
While many banks and credit unions have invested in technology to thwart phishing attacks and online fraud, some have ignored the call center. As a result, fraudsters have redirected their aim.
Posted by: gaylordsecurity.com | June 20, 2012 at 07:04 AM