Contact centers worldwide are experiencing a higher number of phishing attacks every day and, to a large extent, are defenseless. While firewalls and cybersecurity measures help prevent other forms of cyberattacks, they’re not very effective against social engineering attacks. Many contact centers have deployed solutions like authentication apps and implemented clean desk policies across their workstations, but the threat of phishing continues to grow.
Businesses, especially in the BPO sector, need robust phishing-resistant security solutions to defend against sophisticated social engineering attacks. This article discusses why contact centers are particularly vulnerable to phishing and how Twosense helps keep them safe.
Contact center agents regularly have access to card data environments, which presents a lucrative target for bad actors. Instead of trying to get payment information from individual customers, they can get data on a large number of users in a single attack.
BPOs employ different measures to prevent this, but most are vulnerable to human error. The BPO sector is challenged by high employee turnover rates, making it difficult to train agents well enough to detect highly sophisticated phishing attempts.
Contact center agents are also trained to be very helpful and courteous throughout their interactions. The fact that they interact with a large number of customers every day can make it difficult for them to distinguish bad actors from genuine customers.
As mentioned, phishing is a security risk worldwide and is constantly increasing. In Asia, phishing was the leading type of cyber attack and vulnerability exploitation, accounting for around 43% in 2021. In European organizations, phishing was the second most common type of attack (42%), only slightly behind vulnerability exploitation (46%).
This could be because phishing requires less technical skills than finding vulnerabilities in a system or performing a brute force attack. There’s also the fact that organizations are mainly defenseless against sophisticated attacks. While contact centers can remove security vulnerabilities with regular updates and defend against brute force attacks with firewalls, there isn’t much they can do when employees are tricked into giving up their credentials or providing access due to MFA fatigue from prompt bombing.
The risk increases as attackers use advanced phishing techniques, such as deepfakes and voice phishing. While phishing largely relies on fake emails and sometimes even phone calls, deepfake technology allows attackers to even get on video calls with their targets, impersonating someone they may know, like an IT team member.
Traditional authentication solutions typically add a layer of security over login credentials. For instance, in the case of an authentication app, the user has to enter a randomly generated code from the app along with their login credentials to access a system. In the case of hardware tokens, the user has to plug them into their device and tap a button, at which point the key will enter a code.
The idea is that even if someone else gets a user’s password, they will still not be able to access the systems without the security code, which adds an extra layer of security. But if attackers can trick users into giving up their passwords, getting them to share their security codes is only negligibly more difficult.
Researchers have also discovered new techniques that attackers are using to capture authentication codes. For instance, in a reverse proxy attack, attackers can capture user credentials by setting up a proxy server and intercepting traffic between a user and a legitimate website or system.
Another problem with traditional authentication solutions is that they require active participation from the user. This makes them vulnerable to prompt bombing and MFA fatigue. It also means that these systems can authenticate users only so often. If an attacker gains access, they may remain hidden and move horizontally for a long time before they are detected.
Contact centers need a solution that continuously authenticates users with minimal effort and can resist phishing, making Twosense the perfect solution. Twosense uses behavior to authenticate users. It is deployed as software and analyzes how users interact with their system.
Twosense develops a unique profile for every user based on how they type or use their mouse. Once the profile is ready, Twosense continuously monitors how users interact with their systems, compares it with the user profile, and generates a score based on how closely they match. If the score is low, indicating that another person is using the system, Twosense will end their access.
This continuous and behavior-based approach is best suited for contact centers because it enables them to implement phishing-resistant MFA, which is also compatible with clean desk policies. With Behavioral MFA, contact center agents don’t have to carry their phones to use their authentication apps.
Contact centers can also reduce their team's training costs since Twosense requires minimal effort from the users. The entire authentication process happens without any action from agents, reducing the risk of phishing since attackers cannot trick agents into giving away their credentials.
Unlike other authentication solutions that rely on passwords or randomly generated codes, Twosense uses behavioral biometrics, which are innate to each user. While even physical biometrics such as fingerprints and facial recognition have been replicated, behavior cannot be, which makes it impossible for bad actors to fake or even store and replay.
This makes Twosense immune to replay attacks and other threats to which most authentication systems are vulnerable.
Another key difference is that most other systems authenticate users only at specific points in time. While IT admins can configure them to perform authentications more often, there’s a limit before it starts negatively impacting productivity since it takes active participation from the users. On the other hand, Twosense performs continuous authentications invisibly throughout the day and can detect an unauthorized user in less than a minute.