Robocall bad actors, empowered by artificial intelligence (AI), are becoming increasingly adept at deploying impersonation attacks (also known as imposter scams) to defraud American businesses and consumers. In 2023, an estimated $10 billion was lost to fraud, the highest number ever recorded by the FTC, and a 14% increase over the previous year. Imposter scams accounted for $2.7 billion of those losses, the second-highest reported loss amount.
“Spoofing” is when a bad actor uses a legitimate organization’s phone number to convince victims that they’re talking to a known and trusted source. This type of fraud could be used to access confidential financial information. These scams have serious repercussions: when businesses fall victim to impersonation attacks, their reputations suffer, customer trust erodes and potential revenue declines.
Not only can these attacks rattle customers’ brand faith, but their willingness to engage with the voice channel dissipates. Some 68% of consumers reported they “never answer” phone calls from unknown numbers, and 76% claim they have missed calls they would have answered had they known who was calling.
The inability to drive consumer engagement with brands via the voice channel can be especially damaging to businesses in high-touch industries – finance, healthcare, retail and insurance – that may struggle to communicate critical updates to customers or engage with them to unlock new revenue opportunities.
To counter this rising threat, security executives must build a strategy that includes securing their outgoing communications. This means eliminating the possibility of bad actors launching spoof attacks through the voice channel.
Brands under siege: Businesses can’t hide from the threat of impersonation attacks
Even the largest, most trusted brands may struggle to prevent fraudsters from hijacking their phone numbers and putting their brand reputation at risk.
As one example, a Chase Bank customer lost over $120,000 after engaging with a spoofed 1-800 number that matched Chase’s customer service. When asked to verify a suspicious transaction, he logged in to his account through a secured link sent by text message. From there, the bad actors captured his login information and defrauded the consumer.
In another instance, Amazon is a frequent imposter scam target as well. Scam artists may pose as sales representatives and ask their target to grant remote access to their account to receive a refund. Once in the account, bad actors can extract credit card details and other personal information.
A large national bank started working with TNS after a large-scale, multi-pronged phishing attack impacted millions of customers. Not only were its customers defrauded, but the bank needed to act immediately to retain customer loyalty and restore trust in the voice channel.
Loss of consumer funds is one of many costly ramifications of impersonation attacks. Most businesses struggle to identify in real time when they are being spoofed. Often, they are unaware of the attempts to hijack their brand’s number until it is too late. By then, the company’s reputation may be damaged, and money is lost.
Securing outbound communications: The best defense is a good offense
It has increasingly fallen on CXOs and security leaders to more aggressively secure the voice channel as part of an enterprise-wide strategy. While outbound voice communications have not traditionally been at the top of the risk chart, prioritization is now critical to fortifying phone numbers from fraudsters, securing brand reputation and mitigating the possibility of customers falling victim to fraud.
A robust security strategy for voice communication relies on three essential components:
Call Authentication Proper call validation enables businesses to confirm the origin of each call, ensuring that it originates from their identified number.
Spoof Protection Calls that are not properly authenticated should be blocked before they reach customers, ensuring fraudsters cannot establish contact.
Present Critical Call Information By branding calls with the company’s name and logo, businesses can identify themselves, giving customers a better understanding of who’s trying to reach them.
When combined, these three measures ensure customers know who’s trying to contact them.
The previously mentioned bank implemented this three-pronged approach. In the first few months, more than 130,000 calls were blocked. This has potentially saved many customers from fraud.
As impersonation scams evolve, security leaders have been forced to combat bad actors in an ever-changing and expanding threat landscape. At the center of this fight is the voice channel. By strengthening it with call authentication, spoof protection and branded calls, businesses can help eliminate a vital attack vector for bad actors while increasing consumer trust. As brands battle for consumer mindshare in today’s competitive landscape, companies must be able to engage their customers through a secure voice channel to succeed.
Maurie Munro is Vice President of Enterprise Sales at TNS Communications Market, responsible for the TNS Enterprise Product Suite.
