DEEPFAKES
WITH THE RIGHT TECHNOLOGY AND PRE-ANSWER STRATEGIES IN PLACE, CONTACT CENTERS CAN GO BACK TO DOING WHAT THEY DO BEST...
Human agents are the front line of an organization, and the weakest link, making this type of process automation one that pays to scale.
That certainly is the case with account takeovers( ATOs), where, as the name implies, fraudsters take over victims’ accounts. Many of them are multi-staged, multi-channel attacks which involve the contact center. In ATOs, fraudsters use one or more channels to get information, then go to another channel to complete the frauds.
In these attacks, often the fraudsters will spoof the victims’ phone numbers to reach the customer service agents and then use the stolen PIIs to get past the agents’ authentication process to gain access to the accounts. In some instances, threat actors will manipulate the agents and trick them into resetting the victims’ account passwords.
Once fraudsters have these credentials, it’ s game over. They can log on and transfer money out of the victims’ accounts.
If, however, the victims are employees and the threat actors gain access to their accounts, they can infiltrate a company’ s network, which could lead to a ransomware attack.
STEPS TO GUARD AGAINST VOICE ATTACKS
Contact center agents are not fraud experts, nor should they be. Unfortunately, as AI has grown more sophisticated, voice authentication is no longer reliable. To think you’ ll be able to tackle AI voice clones with a singular AI deepfake detection capability is a losing cat-andmouse game.
Instead, organizations should do as much as possible to prevent fraudsters from ever reaching the customer service agent. They should design a pathway that criminals must follow before reaching the agent so that if they get to the agent, they’ ve at least moved through several gates of fraud controls first.
Contact centers should also devise a customer experience( CX) based on their risk signals so they can direct different segments of customers to the right pathways. You want to apply a strategy that implements as many risk signals as possible before a call reaches the customer service agent.
HOW TO EXECUTE THESE STRATEGIES
First, invest in technologies like pre-answer forensic network caller authentication that can verify calling devices with phone numbers before they reach the agents. When combined with technology that automatically matches the calling numbers to the customers’ information in the CRM system, contact centers can be confident that the callers are who they say they are.
These technologies allow existing customers to have a frictionless path to a service agent while being easily authenticated. Customers can avoid the more frustrating, time-consuming experiences of answering a series of knowledge-based questions they may have forgotten; contact centers can aim to avoid this more insecure method of authentication that puts customer information at risk.
Second, when pre-answer technology detects risks, organizations could route calls to additional authentication methods within IVR systems, and eventually to level-two support teams. This would ideally involve agents who are more experienced with certain types of fraud, so they can decide whether to escalate to the fraud department.
For contact centers, pre-answer technology can assess risk before AI deepfakes are attempted, and critically, before the human agents get involved. Because the moment you involve a human, the social engineering risk factor increases exponentially.
It’ s vital to remember that the contact center may not always be“ ground zero” for the ultimate attack, but it plays a large role in the fraudster’ s journey to their end goal – theft – by giving them the additional“ puzzle pieces” they need.
With the right technology and pre-answer strategies in place, contact centers can go back to doing what they do best: providing a seamless, helpful, and satisfying experience for customers.
Richard Tsai is Head of Product Marketing for Fraud Solutions at TransUnion. He brings more than 20 years of experience in B2B technology product management, marketing, and strategy to this role. Richard’ s unique background in business and software engineering allows him to engage in all facets of the product business.
MAY 2025 33