What is a Vishing Scam?
Vishing is a type of Authorised Push Payment (APP) fraud, or a voice-based social engineering scam. Fraudsters call victims and impersonate bank representatives or other officials, such as the police, to trick victims into transferring funds to a fraudster’s account.
How Big is the Vishing Problem?
Vishing is the fastest growing social engineering scam in the United Kingdom, resulting in £36.6 million in customer losses in the first half of 2018 alone. UK Finance reported that in this period, nearly 4,000 UK banking customers lost an average of more than £9,000 each due to vishing scams. In the U.S., the Federal Trade Commission has reported that 77% of its fraud complaints involve contacts by telephone, of which vishing is a subset.
Analyzing User Behavior to Detect Vishing Attacks
Vishing is the trickiest social engineering scam to detect. Vishing scams don’t trigger traditional alerts because legitimate users, guided by fraudsters, log in from their own device at the correct location to conduct a fully authorized transfer. New fraud detection solutions, however, can address these challenges.
BioCatch’s behavioral biometrics solution discerns whether or not a person is being directed by a criminal to initiate a fraudulent transaction by detecting subtle changes in known user behavior. The technology leverages advanced data science and AI to generate user profiles based on more than 2,000 parameters for user-device and user-application interactions. The unique ways an individual scrolls, taps, or types can be used to confidently validate identity and detect fraud.
BioCatch Detects Vishing Attacks By:
- Detecting behaviors that suggest a person is taking instruction to conduct a transaction
- Analyzing the prevalence of known risky behaviors in confirmed fraudulent sessions versus how legitimate transactions are handled
- Flagging suspicious transactions and generating real-time alerts