Contact center fraud and identity verification gaps: what teams need now

TL;DR: Contact center fraud is rising fast, with nearly 29% of U.S. adults experiencing account takeover in 2024 and fraudulent calls reaching 12.5 billion in Q1 2025, according to 1Kosmos. The real issue is not just fraud volume but the weakness of identity proofing, agent workflow, and monitoring controls built for slower, less adaptive attackers.

NHIMG editorial — based on content published by 1Kosmos: Contact center fraud happens when criminals exploit customer service operations to steal sensitive information, drain accounts, or gain unauthorized access

By the numbers:

• Nearly 29% of U.S. adults experienced account takeover in 2024.
• Fraudulent calls surged to 12.5 billion in Q1 2025.
• Account takeover fraud has increased by 330% in recent years.

Questions worth separating out

Q: How should contact centers verify identity for high-risk customer requests?

A: Use layered verification, not a single check.

Q: Why do traditional call center checks fail against modern fraud?

A: Traditional checks fail because they assume attackers cannot easily obtain the information needed to pass them.

Q: What do security teams get wrong about contact center fraud detection?

A: They often look for a single bad call instead of a pattern of escalating behaviour.

Practitioner guidance

• Remove sole reliance on knowledge-based verification Retire security questions and caller ID as standalone approval signals for account changes, password resets, and high-risk disclosures.
• Correlate fraud signals across channels Join IVR behaviour, agent desktop activity, call metadata, and account-change events so repeated retries, unusual urgency, and rapid profile edits can trigger intervention before takeover completes.
• Train agents against pressure-based bypass tactics Use scenario-based coaching that teaches agents to pause when callers create urgency, claim authority, or present overly detailed personal information.

What's in the full article

1Kosmos's full article covers the operational detail this post intentionally leaves for the source:

• Specific examples of fraud tactics across account takeover, spoofing, IVR probing, and internal misuse
• Implementation detail on passwordless authentication, voice biometrics, and document verification in contact center workflows
• The article’s own deployment example showing 450,000 phoneless agents across 80 countries
• Practical guidance on training cadence, monitoring, and escalation procedures for frontline teams

👉 Read 1Kosmos's analysis of contact center fraud and passwordless identity →

Contact center fraud and identity verification gaps: what teams need now?

Explore further

View Full Forum →  |  NHI Foundation Course →