A giant, multinational company had been targeted by scammers before, so its agents knew to be on their guard. Yet the fraudsters brought evermore underhanded methods to their attack – with weaponized insider information.
How did they do it?Profile 1: Charles
The fraudster introduced himself to the agent as Charles and claimed to himself be working at the same company.
"My computer is down," he said. "And I'm on live chat, trying to add a recovery email to a premium email account."
As Charles built a friendly, collegial rapport with the agent, he said he had already verified the customer. When the agent requested an account number, he provided an email address instead. Also, he matter-of-factly told the agent where to go within the company's system, clearly demonstrating insider's knowledge.
Ultimately, Charles succeeded in having the agent add his selected recovery email address to the account, which granted him full access to it.
Later, he repeated this technique under different names with different agents, managing to take over numerous accounts.
Charles was not the only one with this tactic. Matthew was another fraudster who claimed to be a colleague within the same company, and also used insider information – like the Employer Identification Number – to access accounts and take them over.
Profile 2: George
At this same organization, another fraudster, George, called an agent claiming there was an old mobile number on his account and that the number needed to be updated.
The agent wanted to send him a 1-time PIN but George reminded him that the listed phone number was no longer current. He avoided the agent's request to provide an account number by giving an email and postcode instead that were accessed through phishing.
Ultimately, George was able to gain data on the last bill date and on specific transactions, clearing the way to change the phone number and fully take over the account.
This brazen posturing, pretending to be in possession of the "correct information" worked for George numerous times – as evidenced by the many account takeovers all tracing back to his same "new and updated" phone number.
Piecing it together
Charles, George, and other similar scammers employed an unnerving sense of confidence and facility, leveraging what they presented as "in-the-know" information, slickly talking themselves into a position of access, and taking over account after account.
In addition to the steep financial costs to the organization, they eroded a critical sense of trust both from outside it and, also, from within.
Yet top-tier fraud prevention incorporating AI interpretation of their high-risk behavior, voice biometrics detection, and real-time blocking measures, could have stopped their cases cold.
To learn more about such a solution, reach out to us at NICE.
