Insurance impersonation scams: What you’re up against and how Group-IB can help

How impersonation scams work in the insurance industry

Impersonation scams are on the rise, not least due to the exponential growth of technologies such as AI. Nowadays, any piece of data can be faked. Caller ID and emails, voices, and images can easily be altered. Scammers leverage names of trusted service providers (such as insurance companies) to gain access to personal information or money.

As a matter of fact, insurance companies are among the main targets. Fraudsters use sophisticated social engineering tactics to pose as insurance employees, thereby establishing trust with customers. One of the most popular vectors among scammers is making phone calls. Criminals use phone call spoofing to appear as if they’re calling from legitimate company numbers, draft phishing emails that mimic official communications, and even send text messages and QR codes. As a pretext, they often offer cheap policies or impersonate other people for fake claims.

Both customers and employees at insurance companies can be targets.

The ultimate goal is usually to obtain sensitive personal information (like social security numbers, policy details, or banking data) or to directly manipulate individuals into making fraudulent payments.

Our experts recommend that insurance companies combine Group-IB Fraud Protection’s Call ID and Global ID technologies to counter scam calls and that they use Group-IB’s Business Email Protection to protect against email-borne imposter threats.

How insurance companies can benefit from Group-IB Fraud Prevention’s Call ID and Global-ID features

The combination of the two patented technologies creates a robust layer of defense against impersonation scams, for both your employees and customers. Your clients will feel more confident knowing that their insurer is tirelessly guarding against sophisticated fraud tactics, which will enhance their overall trust in the service you provide. The combined intelligence shared via Call ID and Global ID within the Group-IB ecosystem bolsters fraud prevention for all the parties involved, creating a united front against fraudsters. By minimizing false flags on genuine inquiries, integrating the technologies leads to smoother and more efficient interactions with customers.

Representatives will be able to spend less time validating calls, freeing up valuable time and resources for other tasks. The combination of Call-ID and Global ID makes it significantly harder for fraudsters to remain anonymous, which disrupts their operations in the long term. Additionally, Global ID helps identify compromised accounts used in impersonation attacks, providing an extra layer of protection. Insights from one insurer can also protect the entire network thanks to the collaborative nature of Group-IB Fraud Protection augmented by Global ID.

Let’s discuss how the two technologies work in detail.

Call-ID: How to protect against imposter scams and call spoofing in real time

Real-time Fraud Detection and Spoofing Protection, also known as Call ID, is a technology that helps protect users from fraudulent calls. It comes with several features that allow flexible customization, active call details, and an up-to-date list of fraudulent numbers.

With Call ID, you can customize the possible risks configuration and device score to check calls only from numbers not listed in the user’s contacts. The feature excludes contacts from the analysis and optimizes data processing if necessary.

The technology also details active calls on the user’s device in real time without waiting for the call to end. If the protected application has permission to access the contacts list on the user’s device, the call starts after the protected application is launched.

Call ID performs the following key activities:

• Enriches data for all protected applications. If a fraudulent call is detected on the user’s device while a protected application is open, the Fraud Protection Mobile SDK will add this number to the list of fraudulent numbers and notify the owners of other protected applications.
• Compares phone numbers with fraudulent numbers, updated by banks, insurance companies, e-commerce companies, and other companies using Group-IB Fraud Protection solutions. Additionally, information is added to the list of fraudulent numbers through integration with Group-IB Threat Intelligence and other available internal and external sources (e.g., TeleSign).
• Analyzes the call history on the user’s device with a specified depth. This makes it possible to check whether there have been calls from fraudulent numbers on the device in the past and to take this data into account and calculate the risk level when processing the transaction.
• Verifies calls from their official numbers for authenticity. It notifies users about calls from official company numbers, allowing them to verify and track cases when fraudsters substitute these phone numbers with their own.

Group-IB Global ID: Cross-Application Tracking and Device Identification

Group-IB Global ID adds a crucial element to the fraud prevention arsenal: robust device identification and cross-application tracking. Here’s how it works:

• Global User Identification: Global ID uses a combination of device fingerprinting, geolocation data, and other identifiers to create a unique profile for each user’s device. This profile persists across different applications and browsers, making it harder for fraudsters to hide their tracks.
• Cross-Application Tracking: Global ID facilitates information sharing about fraud attempts across insurance applications and platforms. Even if a fraudster uses different accounts or switches devices, consistent device identification can link those activities together, providing a clearer picture of attack patterns.
• Combating Cookie Restrictions: Modern browsers often limit or block third-party cookies. Global ID circumvents these restrictions, ensuring reliable device identification and activity tracking even in privacy-focused environments.
• Graph Analysis for Proactive Detection: Global ID feeds data into Group-IB’s sophisticated graph analysis systems. This makes it possible to correlate events, devices, and accounts across all protected applications. Fraud patterns emerge much faster as a result, enabling proactive prevention.

How to protect against email-borne imposter fraud

The best approach to tackling imposter fraud is to prevent it at the roots. Group-IB Business Email Protection (BEP) ensures multi-layered protection against email scams through several advanced features and technologies. It uses anti-spam, anti-phishing, anti-spoofing, and anti-evasion techniques to identify and neutralize various types of email-based impersonation attacks.

The solution integrates extensive threat intelligence data, which keeps BEP updated on the latest scam tactics and malware trends. Behavior analysis is used to identify abnormal patterns in email communication that could indicate a scam attempt. Additionally, BEP includes malware detonation capabilities that analyze email attachments and links in a customizable environment, detecting and neutralizing malware that might evade conventional security measures.