News : Pindrop Security Warns Financial Institutions of Phone Scam
Atlanta, GA, Nov 18, 2014 -- Pindrop Security, a provider in phone fraud prevention and call center authentication for banks and enterprise call centers, issued a high-severity advisory for financial institutions and their customers following the company's research into a phone scam, dubbed "Misdial Trap," affecting one in six sampled financial services institutions. The company credits financial industry reporter Tracy Kitten for alerting Pindrop researchers to the scam.
How Misdial Traps Work
Fraudsters purchase phone numbers that are similar to a financial institution's main phone line and use those numbers to target consumers who misdial. When customers accidently dial those numbers, fraudsters pose as legitimate customer service representatives in order to gain personal or account information from the consumer.
Impact to Financial Institutions
To determine the impact of the scam, Pindrop Security sampled 600 financial institutions and determined the most likely "misdialed" variations of their primary phone numbers. Those variations were then run against Pindrop's database of phone number reputations to determine how many were likely being used to perpetrate phone fraud.
More than 100 financial institutions of various size -- just over 17 percent, or one in every six banks -- appear to be affected by Misdial Traps.
Pindrop Security recommends financial institutions and consumers take the following steps to protect themselves from the Misdial Trap scam:
- Conduct a thorough Internet search and verify that all webpages related to your institution are under the institution's control to ensure that all contact information listed is legitimate;
- Determine whether any phone numbers likely to be confused with your institution's phone number(s) are falsely representing themselves as your institution. Common variations are changes to the final digit and changing the area code to a toll free variant;
- Notify customers immediately of the potential Misdial Trap risk and ensure customers have the correct contact information.
- Always verify the phone number for a financial institution by checking it against official communications, or refer to the number listed on the back of the debit or credit card issued by the institution;
- Never leave a message on a voicemail system that asks for personal or account information;
- Never click on any links, open attachments or dial a number unless absolutely certain that the communication is from your financial institution.
"Phone fraud costs banks and financial institutions nearly $2 billion every year and fraudsters continue to develop new attacks to steal from consumers and financial institutions," said Vijay Balasubramaniyan, co-founder and CEO of Pindrop Security. "The Misdial Trap scam is just the most recent example of how sophisticated fraud rings are exploiting inherent vulnerabilities in the phone channel to collect consumer information and defraud financial institutions."
Posted by Veronica Silva Cusi, news correspondent
Today's Tip of the Day - Adherence
More Editorial From Pindrop Security
About Pindrop Security:
Pindrop Security provides enterprise solutions to secure phone and voice communications. Pindrop solutions reduce fraud losses and authentication expense for some of the largest call centers in the world. Pindrop’s patented Phoneprinting™ technology can identify, locate and authenticate phone devices uniquely just from the call audio thereby detecting fraudulent calls as well as verifying legitimate callers. Pindrop has been selected by the worlds largest banks, insurers, brokerages and retailers, detecting over 80% of fraud, even for attackers never seen before. Our solutions are allowing our customers to reduce call time and improve their customers experience even while reducing fraud losses. Pindrop is restoring confidence in the security of phone-based transactions.
Published: Wednesday, November 19, 2014