By Milind Borkar, Illuma
Contact centers sit at the crossroads of account holder experience and fraud prevention. They handle sensitive financial transactions, authenticate identities, and often serve as the first line of defense against fraud. Unfortunately, fraudsters know this – and they’re evolving faster than many defenses.
Here are the most pressing risks contact centers face in 2025-26.
The biggest fraud story of 2025 is AI-powered voice cloning. Fraudsters can now generate synthetic voices that sound nearly identical to a real person, even with just a few seconds of audio.
Industry reports show a 1,300% surge in deepfake fraud attempts in the past year, with banks, credit unions, and insurance companies among the hardest hit. As AI gets more accessible, fraudsters are using deepfakes not just to bypass systems, but to erode trust between account holders and their financial institutions.
Legacy “voice recognition” tools can’t keep up.
Fraudsters don’t always need deepfakes. Most of the time, manipulation is enough. Using data stolen in breaches or purchased on the dark web, they pressure agents into granting access or resetting credentials.
Contact centers are a prime target for account takeover (ATO) attempts because once criminals get in, they can drain funds, change contact details, or move the attack into digital channels. Agents, often under pressure to resolve calls quickly, can be tricked into bypassing controls.
Human error becomes the weak link.
Many contact centers still rely on outdated methods like:
Fraudsters often already have this data. Social media, phishing, and data leaks make it easy to answer these questions. At the same time, these methods frustrate legitimate account holders, adding friction to every call.
This creates a lose-lose situation: weak security and poor account holder experience.
Fraud risk isn’t just external. Internal personnel, whether acting inadvertently or under manipulation, can unintentionally expose sensitive information. For example, helpdesk agents trying to assist employees may unknowingly provide access to cybercriminals posing as legitimate employees. These attackers often leverage publicly available information or stolen data to convincingly impersonate staff, creating significant security gaps.
Many organizations keep high-value transactions off their IVRs or voicebots out of fear of fraud. Without strong authentication, letting a caller transfer funds, change an address, or lock a card in self-service channels feels too risky.
But this forces more calls to live agents, driving up costs and wait times – while fraudsters still probe for weaknesses.
The fraud landscape is evolving quickly. Deepfakes are making legacy voice systems obsolete. Social engineering continues to exploit human vulnerabilities. Knowledge-based authentication frustrates account holders without stopping fraud. And without stronger tools, IVRs and voicebots remain underused for higher-value transactions.
IllumaSHIELD™ is purpose-built to address these risks with existing and evolving roadmap offerings:
Fraudsters are evolving with AI, but Illuma helps contact centers evolve faster. By eliminating outdated authentication methods, resisting deepfake attacks, and securing both agents and self-service, Illuma delivers the balance of security, efficiency, and account holder trust that today’s environment demands.
Connect with Illuma to learn more.