Next Caller’s Holiday Fraud Forum: COVID-19 Brings An Early Christmas For Criminals

How Brands Are Preparing for a Bleak Black Friday

Recently, the team at Next Caller held a live discussion with Former FBI Most-Wanted-Cyber Criminal, Brett Johnson and Sam MacMillan Director Sales Engineering Experian to discuss why we’re likely headed towards a historically dangerous fraud-filled holiday season and what businesses and individuals can do to prepare. With Black Friday days away, one thing is clear… thanks to COVID-19, organizations and individuals are in the crosshairs more than ever. 

As we’ve touched on in previous reports, Covid-19 has compounded the holiday fraud landscape in many ways. The scams and schemes over the past several months have left consumers exposed at an alarming rate, and even more worrisome is that fact that most have not taken any precautions to keep themselves safe. While the reasons given for not taking precautionary measures are logical; ‘not having time’ or ‘having bigger concerns’, additional findings–only half check their accounts for fraud more than once or twice a month–are frightening when weighed against the amount of fraudulent that’s already taken place. An astonishing 55% of Americans believe that they’ve already been targeted by fraud, and even more worrisome, 59% report that they’ve haven’t taken any additional protective measures. Suffice it to say, a perfect storm is brewing.

The crisis has had an equally significant impact on businesses. COVID-19 has forced retailers and e-commerce merchants to make major decisions that are designed to keep them financially afloat. For example, some retailers have actually made Black Friday a month-long event. With the retail holiday season beginning earlier than ever before, we’ve already seen a glimpse of what’s to come with cyberattacks and phishing schemes imitating Amazon spiking 21% last month ahead of Amazon Prime Day, and the release of highly-awaited products like next-gen gaming consoles leading to significant spikes in scams.

Adding to the complexity is the rising rate at which consumers are shopping online. In fact, US e-commerce sales have grown by more than 35% in Q3, following a previous record breaking spike in Q2. And given recent expert predictions, there’s no sign that e-commerce shopping will decrease any time soon. And while shopping online has helped alleviate the bottom line impact from shutdowns and social distancing, it’s also brought with it droves of fraudsters looking to exploit the increase in activity.


Normally, it’s the bad guys that are desperate. But this year it’s different. 

Reeling from the impact the crisis has had on their bottom lines, businesses are desperate for sales this holiday season. They are also operating in new configurations and with less resources. And while the majority of businesses are no doubt exercising due diligence, the question of whether some businesses may accept sales over security in an effort to bolster their financial health isn’t an unreasonable one. But one thing is for certain, for many organizations and their teams, this year’s holiday rush will be akin to an unrelenting avalanche leaving overwhelmed employees and victimized customers in its path.

Consumers are also desperate. The economic stressors and constantly changing circumstances over the last several months  have caused them to bombard contact centers with requests and concerns at unprecedented levels. Retailers and financial institutions can expect a similar flurry over the next few weeks. And then there are those  individuals whose desperation has turned them to fraud in a desperate attempt to stay afloat and provide this holiday season, even if it comes at the expense of someone else. With these new entrants into the nefarious world of fraud, attacks over the next few weeks will come from all directions, adding to the confusion and chaos for businesses..

Criminals, however, are calm, cool and collected.

Armed to the teeth with an unprecedented amount of PII from scams and schemes carried out over the last several months, they know how vulnerable their targets are and, with the means to systematically exploit the new gaps that exist, we can assume that they are more excited about the holidays approaching than anyone. 

And while the picture here is bleak, the good news is that, for the most part, organizations seem to be aware of the elevated threat that they face this season and are taking measures to prevent themselves and their customers from being victimized.


With this all as a backdrop, we wanted to see what attendees of our Holiday Fraud Forum — professionals in fraud and customer experience positions at  dozens of today’s top brands — were doing to prepare for this unprecedented threat. To do so we asked a series of poll questions. Here’s what we found:

Anticipating What’s Around the Corner

The first question we asked attendees was “Is your organization anticipating an increase in fraudulent activity this holiday season?”  60% of respondents said “Yes”. And while it’s reassuring to see that the majority of brands are aware of the increase, the 40% of those who responded with “I’m not sure” (30%) or “No” (10%) is a bit worrisome. While fraud will undoubtedly hit different industries in different ways over the holiday season, no brand today is impervious to the fraud landscape. As Brett Johnson put it during our conversation, “I don’t care who you are, you should understand your place in the cyber crime arena – because you have one”.

Next, we wanted to see if organizations were taking additional steps to ensure employees are aware of elevated raud risks and up-to-date on current security policies and procedures. An overwhelming 80% of companies reported that they are taking additional steps. With the crisis forcing employees to adopt new configurations and processes, and past Next Caller research finding that 44% of Americans believe that their information is more vulnerable because of this, it’s good to see that organizations are preparing those who will be on the front lines.

However, we also found that the security measures that inevitably frustrate consumers such as one-time passcodes and knowledge-based questions are still more heavily embraced than other, more advanced tools. Only 30% of companies reported using passive call verification and ANI validation as opposed to 70% that are strictly using one-time passcodes and knowledge-based questions. With 40% of companies reporting a desire to learn more about these tools, that means when you factor in the companies that haven’t considered integration at all, half of these companies are entering the holiday season without any additional technology to bolster their security. 

Still, if they haven’t already, the majority of companies are at least considering integrating more advanced technology, as only 10% of companies reported having not considered call verification or ANI validation as part of their contact security process at all. This goes to show that although some companies may be more prepared than others this holiday season, the majority of them are still being proactive about getting in front of fraud for the sake of their customers.

Striking the Right Balance Between CX & Security

Past Next Caller research has found that 56% of consumers believe brands are equally responsible for providing flexible and accommodating customer service and protecting personal information and accounts from fraud this is an especially positive sign.

Asking for the right balance between security and service is reasonable under normal circumstances, but today’s environment is anything but normal. So, fair or not, the onus falls to businesses to figure out how to make it work while customers want their cake and plan on eating it, too. In their weakest moment, consumers expect their experience to be accommodating and free from frustration, while also expecting total protection against fraud, even if they’re not doing much to prevent those attacks themselves. All the while indicating that a lifetime of brand loyalty is at stake.

And it seems like brands understand this. When asked “Which of the following best describes your organization’s approach to prioritizing customer service and security this holiday season?”–80% of respondents said “Both are equally important and we make every effort to balance the equation.”At the end of the day, criminals will move on and you don’t have to make it harder on real customers in the process. 


With COVID-19 compounding the threats that consumers and businesses face, it’s likely that we are headed into one of the most unpredictable and combustible fraud seasons in history. The lack of preparedness among consumers and shift in desperation is especially alarming. However, as Sam McMillan reminded us during our discussion, “A cyber criminal has a tool box he will use to defraud you. You as a business or consumer should have a toolbox too to defend yourself.” With a starting point of awareness, every individual and organization can take the preventative measures — many of which we’ve covered — needed to ensure the holiday season remains the most wonderful time of year.