Skip to content
All Blogs

Accurately detect impersonation scams to protect CX

Author: Laura Ballam


Impersonation scams — it's a topic no one wants to think about but one that's important to understand. Scammers will go to great lengths to trick people into thinking they're trustworthy and legitimate. This can take many forms, from copying company logos and creating fake email addresses to pretending to be someone from your bank or even the police. In 2022, over £177M was lost to impersonation scams in the UK. In 2023, the Federal Trade Commission (FTC) received nearly 400,000 reports of impersonation scams in the first half of the year.

How do impersonation scams work?

Impersonation scams can come via phone call, text, or email. The scammer pretends to be someone else, typically a well-known company or government official, requesting immediate payment or trying to obtain financial information. They often have personal details they acquired elsewhere and use a sense of urgency or fear to pressure victims into obeying their demands. The scammer may tell the victim their accounts are being attacked, or a fine is due, and send a link to click or number to call immediately. The victim clicks the link to make the payment or calls a fraudster-operated hotline. They often don't realize anything’s wrong until it's too late and they’ve already made a payment to the fraudster.

How to identify impersonation scams 

Modern fraud prevention solutions can detect and prevent impersonation scams before they cause damage. For example, a comprehensive data platform can identify red flags like changes in a customer's banking behavior or suspicious account activity in real time. When detected, it notifies the customer and bank in milliseconds empowering them to take action to prevent the fraud from going through.

Flagging new payment destinations, recipients, and accounts is standard operating behavior for fraud detection, but the usual rules don’t apply to impersonation scams because a real, authenticated customer is logged into their account to make the payment. This is why context is key to detecting and preventing impersonation scams. Without context it’s difficult to know which actions are legitimate versus prompted by a scammer. And if you create too much friction for legitimate customers, they’re not going to be happy. The goal is to rapidly identify high-risk activities while also recognizing legitimate activity in real time.

Comparing real-time user interactions against that customer’s identity profile, as well as known good (legitimate) or bad (fraudster) profiles enables proactive fraud prevention. A modern data platform collects real-time signals, then scores and adds insight from data models for machine learning, model building, investigation, and reporting. Layering behavioral biometrics such as navigation habits, typing patterns, response time, and copy/paste behavior into the identity profile builds a comprehensive understanding of every individual.

Capturing payee data in real time enables further tracking and investigation into potential mule accounts. When a compromised account is identified, it can be traced back to a larger mule network for greater fraud prevention and bigger impact.

Analyzing whether a user’s activity is in line with typical interactions from the customer, identifying and tracing flagged mule accounts, and layering behavioral biometrics on top of it all creates a recipe for success in identifying and preventing impersonation scams.

Behavioral biometrics — the secret ingredient 

Behavioral biometrics is the secret ingredient in detecting and preventing scams, because it can spot fraud while it’s happening. With a data platform that incorporates behavioral biometrics, you’re consistently building a profile of legitimate user behavior. Think of a typical banking customer who doesn’t request wire transfers on a regular basis, if at all. When that customer attempts to initiate a wire transfer at the request of a creative scammer, they’ll likely hesitate and take extra time to find what they’re looking for, fill out the information, etc.

A victim’s biometric behavior signals are also very different when they’re upset or in a hurry. People worried about losing their life savings or rushing to pay a fine and avoid a penalty can’t help but translate these emotions into their typing speed, gestures, etc. An impersonation scam victim may hesitate, worrying whether this is really who they say they are.

Behavioral biometrics provides an extra layer of defense by identifying these signals in real time. Advanced data capture can even detect when a customer is on their mobile phone at the same time as they’re logged into their banking account — a strong sign of an impersonation scam in progress. Capturing, detecting, and sending these anomalies as signals to your fraud management systems and teams in milliseconds enables instant decisioning for fraud intervention.

When the user is unknown or anonymous, a modern data capture platform leveraging behavioral biometrics can also detect behaviors that are commonly exhibited by scammed individuals, based on hundreds of thousands of interactions tracked over time. Advanced scoring and artificial intelligence (AI) further contextualize known behaviors of scam victims, comparing “me vs. fraudster” to identify potential fraud.

Financial institutions are great at educating customers about potential scams and offering tips on how to spot and stop them. With an integrated data platform, triggers can also be set to display a notice on the victim’s device when an impersonation scam is detected. A strong message, “Stop! This account has been flagged for possible fraud. Please call us immediately.” can be the difference between your customer becoming a victim, or a loyal advocate. You can even set rules to block or stop the payment in real time until further investigation can be completed. In some cases, it can be beneficial to let the payment go through while putting guards in place to protect the customer — for example, to trace a mule account or reassure an upset customer.

Impersonation scam prevention in action 

HSBC is a perfect example of proactive fraud prevention. Leveraging Celebrus real-time data and Teradata technology they protected a 78-year-old customer from losing a lot of money in an impersonation scam using Automated Push Payment, a form of Remote Account Takeover (RAT) fraud. It happened so fast, the victim thought she’d already lost the money and didn’t realize the money was back in her account until the next morning. HSBC leveraged predictive fraud models and behavioral biometrics to detect the RAT fraud. They allowed the experience to happen so the fraudster wasn’t alerted, but then suspended the payment and contacted the customer directly to review the details. Talk about a happy (and loyal) customer! And of course, the customer and her family are spreading the news – enhancing the bank’s reputation in a way no advertisement could match. Here’s one of the related posts:

Scammers can be incredibly convincing, but with a comprehensive fraud prevention strategy, you can protect your customers and your organization from costly impersonation scams.


The clock is ticking to prevent fraud! Are you ready?

Fraud is increasing at a dramatic pace and businesses must act now to protect and retain consumers. Fraud prevention requires four essential elements working in harmony within your fraud data platform. Is your solution up to date?

Subscribe to our blog for regular updates!