Contact centres are now involved in 61% of fraud cases as criminals target customer service teams
– 61% of fraud cases now involve a contact centre interaction at some stage of the attack
– Fraud now accounts for 40% of all crime in the UK, making it the most common criminal offence
– Security experts at FourNet warn that criminals are systematically targeting contact centres using social engineering tactics
Fraud experts at Fournet are warning organisations to strengthen their contact centre defences as criminals increasingly use emotionally manipulative tactics to pressure agents into bypassing security procedures.
The warning comes as fraud continues to surge across the UK. More than 2 million fraud cases were recorded in the first half of 2025 alone, with over £629 million stolen, according to industry data.
Across the wider economy, fraud now accounts for around 40% of all crime in the UK ,while organisations recorded over 421,000 fraud cases in the National Fraud Database in 2024, the highest number on record.
Alan Linter, Group Consulting Director at FourNet, explains that
“Contact centres sit directly in the path of fraud activity”.
The research the team references suggests 61% of fraud involves a contact centre at some point, which means a large proportion of incidents either start, progress, or are completed through an interaction route your agents handle daily.
Kevin Prone, Head of Security Operations at FourNet, summarises the pattern clearly, saying attackers are “changing the way they operate”, using AI to amplify what works, then “repeating things, particularly within contact centres… based on a sort of a campaign”.
Emerging tactics
One emerging tactic, sometimes referred to as the “crying baby” scam, involves fraudsters playing the sound of a distressed child or family emergency in the background of a call. The aim is to create a sense of urgency and empathy that pressures agents into resetting passwords or updating account details before full identity verification can take place.
“Fraudsters are deliberately creating high-pressure emotional situations,” explains Kevin. “They know that agents are trained to help customers, and they try to use that instinct against them. The goal is to make the situation feel urgent enough that security checks are skipped.”
The experts say these types of attacks are also becoming more sophisticated as criminals begin to combine social engineering tactics with artificial intelligence tools.
“With the advent of AI, these attacks are now being amplified,” Kevin says. “They’re becoming more believable, and attackers can refine their approach incredibly quickly.”
The pace at which fraud tactics evolve has accelerated significantly. “Attackers can now rewrite their toolsets every two- or three-weeks using AI,” Kevin adds. “That means organisations need to be constantly reviewing and strengthening their security approach.”
Consistent processes are the strongest defence
The security specialists emphasise that preventing these attacks requires more than agent training alone. Instead, organisations need a layered approach that combines technology, consistent processes and real-time guidance.
One of the most effective protections is ensuring identity verification procedures are applied consistently in every interaction, regardless of the circumstances.
Fraudsters often succeed by persuading agents to bend the rules during emotional situations. But experts warn that allowing exceptions is exactly what criminals rely on.
“The rule has to be simple,” Kevin says. “Never let the caller dictate the process. Even if someone sounds distressed or claims there’s an emergency, verification still has to happen in exactly the same way.”
In practice, this means introducing structured checks before sensitive actions such as password resets or contact detail changes. For example, sending a one-time code to a customer’s registered mobile device before any changes can be made creates what security specialists call a “pattern interrupt” a step that fraudsters cannot easily bypass.
Identifying suspicious calls before agents answer
Many organisations are also introducing telephony intelligence tools that analyse incoming calls and assign a risk score based on known fraud indicators.
These systems can examine phone numbers, call history and behavioural patterns before a call is even answered.
“Technology can read the number that’s coming in and compare it to known risk databases,” Kevin explains. “If the call looks suspicious, it can be flagged or routed to a specialist team before the agent even picks up the phone.”
Providing agents with this context early can make a significant difference, as it gives them situational awareness before the conversation begins.
Spotting patterns across multiple calls
Fraud attacks rarely happen as a single interaction. Instead, criminals often test systems repeatedly until they identify a weakness.
Analysing contact centre data can reveal these patterns, from repeated authentication failures to clusters of password reset requests across multiple accounts.
By connecting telephony data with CRM systems and customer journey insights, organisations can identify suspicious activity earlier and intervene before a successful account takeover occurs.
Supporting agents under pressure
Organisations also need to recognise the pressure agents face in real-time conversations.
Contact centre teams often handle difficult and emotionally charged calls back-to-back, while trying to maintain strong customer service standards.
“Agents are wired to help people,” explains Sandip Patel, Senior CX Insight Analyst at FourNet “They want to solve the problem quickly, especially when someone sounds distressed. That’s exactly why fraudsters use these emotional tactics.”
Expecting agents to remember every fraud indicator in those situations is unrealistic. Instead, organisations are increasingly introducing real-time guidance tools within the agent desktop.
This can include prompts confirming verification steps have been completed, alerts when a call has been flagged as high risk, or reminders about security checks before sensitive actions are approved.
Sandip describes this as a “single pane of glass” approach, where agents can see all the relevant information and prompts in one place.
“The system guides the process while the agent focuses on the conversation,” he explains. “That support makes it much easier for them to follow the correct security procedures every time.”
Fraud defence must be a continuous process
Ultimately, the experts say organisations must treat fraud prevention as an ongoing process rather than a one-off security project.
Attackers are constantly evolving their tactics, particularly as AI allows them to test and refine scams more quickly than ever before.
“Security is a journey, not a destination,” Kevin says. “The organisations that are most resilient are the ones constantly reviewing their processes, analysing data and improving their defences.”
By combining strong verification procedures, early risk detection and better support for agents, businesses can significantly reduce the likelihood that emotionally manipulative scams succeed.
To listen to the podcast Click Here
For more information on how to improve your customer experience and cyber security Click Here
Award-winning FourNet is one of the fastest growing privately owned technology companies in the UK, providing CX, communications, cloud, contact centre, managed service, cybersecurity and secure network infrastructure solutions. We work with some of the most secure, critical and commercially driven customers in the UK, including more than 30 UK Government departments and agencies, as well as emergency services and local authorities. FourNet is an ethical and environmentally responsible business, committed to maximising our positive environmental and social impacts and championing transparency in all our business operations.
