As businesses tighten authentication to their websites with increased taiwan phone number example security like two-factor authentication (2FA), hackers are flocking to less secure channels like call centers to impersonate their victims and gain access to their accounts. Account takeovers (ATOs) like these are growing at a staggering rate, up 72% in 2019 according to the 2020 Javelin Identity Fraud Study , which says this is due in large part to technological advances that have made it easier to manipulate and socially orchestrate information.
As businesses shift more of their operations away from physical stores in the wake of COVID-19, call center security is more important than ever. While an ATO is possible on your website, more than half of financial services firms said call centers were the primary attack channel for account takeovers. This may be because call center agents are susceptible to social engineering , a form of hacking that uses psychological manipulation to bypass human-protected security measures. Not convinced? Watch Rachel Tobac , an accomplished ethical social engineer and CEO of SocialProof Security , hack a CNN reporter last year by calling contact centers at grocery stores, hotels, and airlines, pretending to be her: As Rachel points out, there are things you can do as a consumer but “ultimately, it’s the company’s responsibility to keep their users’ data safe, and updating their phone protocols is a good place to start .
” Here are our recommendations for updating your authentication protocols for inbound calls to your contact center: Recommendation #1: Truly authenticate users Most call centers only identify the user but do not authenticate them . In my research , most companies have used memory factors (which we know of) like phone numbers, emails, or social security numbers to confirm that they are talking to the right person. The problem is that all these bits of information about a person are relatively easy to find (or buy ).