Impersonation fraud is rising at an alarming rate.
TSB recently warned to be on alert for fraudsters pretending to be from banks or organizations and asking for money as impersonation fraud cases have surged by 300% in the last year, according to UK Finance.
In my experience, these kinds of scams are devastating for vulnerable customers, as the money is often impossible to recoup once it’s been sent.
With the average victim losing £4,000 from scammers who impersonate brands like Royal Mail, Amazon and BT, and consumers already feeling the pinch from the rising cost of living, can banks do more to protect customers from these types of scams?
What is impersonation fraud?
Impersonation fraud is a popular type of authorised push payment (APP) fraud. In these scams, fraudsters often contact the victim via phone, text or email, pretending to be from well-known organizations such as banks, utility companies or governmental organizations such as HMRC. Fraudsters claim the customers’ bank account is compromised, employing social engineering tactics to encourage them to transfer funds to a different bank controlled by the fraudster.
Social engineering is a form of psychological manipulation that scammers use to try and obtain private information. Fraudsters put pressure on people and try to trigger an emotive response to convince them to willingly hand over their details.
Scammers will often already know basic information about the person they’re targeting, like their name and who they bank with. That means it’s easy for them to convince customers that they’re genuine and swindle victims out of their money.
Even if the customer doesn’t send money upfront, fraudsters can use the information they’ve obtained to bypass knowledge-based security checks at the bank’s call center and then gain access to their finances.
How banks can prevent impersonation fraud
Criminals are experts at pretending to be someone they’re not and can fool even the savviest of people. If you don’t have measures in place to protect your customers, you can lose their trust and risk reputational repercussions from those that have fallen victim.
This can ultimately result in lost business, so it’s up to banks to take a proactive approach to protect their customers and prevent impersonation fraud and other APP scams. Here are three ways to protect your customers.
1. Use pop-up warnings to encourage pause for thought
Fast payment systems make it easy to send money anywhere in the world with just a few clicks or taps. While this is incredibly convenient, in my experience, the ability to make payments in a matter of seconds puts customers at the risk of being pressured into making snap decisions. This works to the scammer’s advantage.
Scam warnings and interventions both online and on mobile apps can help create moments of reflection, giving your customers time to think before they transfer large sums of money. Ultimately, pop-up warnings introduce friction into the payment process, slowing the customer down and encouraging them to reconsider any unusual requests.
2. Offer advice and share educational assets
When it comes to preventing fraud, it can be incredibly effective to provide information, offer advice and educate customers on how to avoid becoming a victim of impersonation fraud.
Remind customers to never reveal their security details over the phone, to always double-check the contact information for the recipient bank and be wary of sending money to someone they haven’t met in person.
APP scams are common but giving customers the tools to recognise and avoid them is one of the best ways to mitigate that risk.
3. Use technology to prevent fraud at its source
Perhaps the most effective way banks can combat impersonation fraud is by preventing fraudsters getting the information they need to carry out these scams in the first place. And one of the most common places they do that is via call centres.
Fraudsters often use a bank’s call center to get the sensitive information on their target that they later use to convince the victim that they’re legitimate. They use bots to navigate through interactive voice recognition (IVR) systems and social engineering tactics to elicit security information from call center agents.
Some of these techniques involve playing a recording of a baby crying in the background, shouting loudly down the phone and being abusive to try and stress out call center agents—forcing them to give away sensitive information.
Thankfully, technology can help. With the right tools, you can address these vulnerabilities and identify high risk calls that enter the call center before the call is answered. This ensures threats are quickly spotted and resolved by the bank’s fraud operations teams long before the funds are stolen.
Protect your customers from APP fraud
With the right combination of education, training and technology, you can stick it to the scammers and stop impersonation fraud from harming your customers. By stopping fraudsters from infiltrating your call centers and getting information, you can stop these scams at their source.
APP scams aren’t going away anytime soon. But by spreading awareness, educating customers and safeguarding your call centres, you can keep your customers safe.