The Transatlantic State of Fraud

For financial institutions, fraud loss can be damaging – both in terms of cost and customer confidence. It’s a crime that has affected many institutions to the extent that fraud loss has evolved into an incurred cost that is considered somewhat inevitable.

Our 2016 State of Fraud Report found that financial institutions in the UK are losing £0.51 to fraud on every call. This means that large call centres, receiving an estimated 40 million calls per year, are losing an average of £20million each year to fraudsters. 

The UK isn’t alone when it comes to being vulnerable to this type of attack but it has suffered double the rate of fraudulent attacks than the US.  In 2015, the UK experienced 1 in 700 fraudulent calls compared to the 1 in 1700 in the US during the same period. It is evident that call centre fraud is on the rise on both sides of the Atlantic and is continuing to grow at an alarming rate.

The drivers of this can be mostly attributed to the sophistication of security measures online and on the physical channel, particularly with Chip and Pin (EMV card technology). Fraudsters have since changed tact and are seeking additional ways to commit this type of attack. Combined with the increase in data breaches that subsequently widens the availability of personal data via the dark web, fraudsters have been driven to attack the weakest line of defense – the call centre.

What we need to remember is that call centre agents aren't fraud experts. They are tasked with providing genuine customers with a great experience and as such are being targeted by criminals. By equipping agents with solutions to better identify a suspicious call quickly, banks can prevent the pre-fraud data gathering activities that can happen over the phone that subsequently leads to increased fraud across the phone and other channels.

But why is the rate of attack so much higher in the UK than in the US? This is likely because the UK has had Chip and Pin cards much longer than the US, and the fraudsters have effectively transitioned to attacks that do not rely on physical cards, such as those in the call centre. According to the Aite Group, these attacks grew 79% in the UK in the years following the Chip and Pin rollout (2005 to 2008).

So what are the other differences between the UK and US?

In the UK, 72 per cent of fraud calls to financial institutions originate on home soil. This compares to only 48 per cent of US financial institution fraud calls originating within the US. Again, this trend can be linked to the UK’s extended use of Chip and Pin.

The UK also has some regionally popular phone scams, like mail intercept fraud and shipment redirect, that require a local presence. The popularity of these scams could also influence the amount of domestic fraud calls seen in the UK.

Additionally, most UK fraud comes from mobile devices. UK financial institutions see 64 per cent of these calls coming from mobiles, while US financial institutions only see 37 per cent from these devices. In the UK it is easier for mobile phones to be programmed to show a restricted caller ID. In fact, 70 per cent of fraud calls in the UK use a restricted caller ID, rather than spoofing a phone number.

To really tackle the problem at hand, financial institutions need to start implementing solutions that monitor and detect phone fraud. This requires multi-layered solutions that quickly and accurately detect it. Pindrop used its patented ‘Phoneprinting™ technology to analyse over 10 million calls to major enterprise call centres in the UK and US, to find out the extent of fraud targeted at call centres. Phoneprinting analyses 147 factors of call audio to uniquely identify the calling device, geography, and other information that indicates a suspicious caller.  Financial institutions need to integrate this type of capability to track fraud attempts in the moment and across multiple channels and flag accounts that have suspicious activity, quickly.