The call comes from your bank’s fraud department. The caller ID shows the bank’s real fraud number, the one printed on the back of the card. The person on the line knows the account balance and reads back the last four digits. They explain that a suspicious charge has hit the account. Every detail fits, so the customer does what the caller asks.

In 2025, a Chase customer lost roughly $40,000 to a call like this. The caller ID displayed the bank’s genuine fraud line, and the scammer recited the account balance to the penny before walking the customer through the steps that drained it. Falling for it is not carelessness. We are built to trust a voice that sounds right and a number that looks right, and both are now cheap to fake.

The fix the industry reached for

Companies see the problem, so vendors built a category of caller verification tools to close it. The logic is sound on its face. If your customer cannot tell a real agent from an impostor, give them a way to check. The agent generates a short code during the call, the customer enters that code on a verification page, and the page confirms the call is genuine. The weakness is where the check happens.

Where the model breaks

In the common version of these tools, the customer types the code into a separate verification portal. Your customer has never been to that portal. They have no memory of it and no sense of what the real one should look like. They depend on the caller to tell them where to go.

That is the entire opening for an attacker. A scammer does not break the verification system. They send the victim somewhere else. “Don’t go to the bank’s site, go to this verification page instead and type in this code.” The victim never knew the real destination, so they cannot tell the page in front of them is fake. The code itself does nothing, because the attacker hands the same code to every victim on a site they control. The attacker turns the verification step into one more instruction, and the victim follows it.

The portal model also teaches the habit fraud investigators warn against. The FTC’s standing guidance is to ignore the contact details in an unexpected message and reach the company through a channel you already know is real. Sending customers to an unfamiliar site to verify a call trains them to do the opposite, and to feel safe doing it.

If a caller can choose where you go to verify them, the check proves nothing.

Real verification anchors to something you already trust

Sound verification ties the check to something the person already trusts before the call ever happens. Security has a name for this. NIST calls it verifier impersonation resistance: a check that a look-alike site cannot pass. The same idea underlies modern phishing-resistant sign-in, where the browser binds the credential to the real site’s address, so a look-alike site gets nothing, however convincing it looks.

If a check depends on the user spotting a fake destination, it has already failed.

How Agent Verify is different

Agent Verify uses that anchor. Your customer does not go where the caller sends them. They go to your website or app, the one they have used before and can reach on their own, and they confirm the agent’s code there. The caller never supplies the destination, so the caller has nothing to redirect. An attacker can spoof your number and clone a voice, but they cannot put their own page at the address your customer already knows.

During the call, the agent shares a Verify Code that is unique to that agent and that specific call. The customer enters it on your own verified page, and the page confirms the agent’s identity. The codes are single-use and time-limited. Because each one is tied to a specific agent and a specific call, an attacker cannot reuse it or capture it in transit the way they can a static code or an SMS passcode. If a caller cannot produce a code that checks out, that is the signal to hang up.
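One way to build the single-use, time-limited, call-bound code described above, as an added example that is not Agent Verify's implementation. The class and field names, the 6-digit format, the 5-minute lifetime, the 3-guess cap and keying the pending code by the signed-in customer are all assumptions.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

CODE_TTL_SECONDS = 300  # assumed; the page only says "time-limited"
MAX_ATTEMPTS = 3        # assumed guess limit for a 6-digit code


@dataclass
class PendingCode:
    code_hash: bytes
    agent_id: str
    call_id: str
    expires_at: float
    attempts: int = 0


class VerifyCodeService:
    # Hypothetical store, reachable only from the company's own site or app.
    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # customer_id -> PendingCode for the live call

    @staticmethod
    def _hash(code, call_id):
        # Keep only a hash, bound to the call the code was issued for.
        return hashlib.sha256(f"{call_id}:{code}".encode()).digest()

    def issue(self, customer_id, agent_id, call_id):
        """Agent console: mint a fresh code for this agent and this call."""
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[customer_id] = PendingCode(
            self._hash(code, call_id), agent_id, call_id,
            self._clock() + CODE_TTL_SECONDS)
        return code

    def verify(self, customer_id, entered_code):
        """Signed-in customer: returns the verified agent id, or None."""
        entry = self._pending.get(customer_id)
        if entry is None:
            return None
        entry.attempts += 1
        expired = self._clock() > entry.expires_at
        ok = not expired and hmac.compare_digest(
            self._hash(entered_code, entry.call_id), entry.code_hash)
        if ok or expired or entry.attempts >= MAX_ATTEMPTS:
            del self._pending[customer_id]  # single use, expiry, guess cap
        return entry.agent_id if ok else None
```

Because the lookup starts from the customer's own authenticated session, a code read out by an impostor has no pending entry to match and the page returns nothing.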

442%: the rise in voice phishing between the first and second halves of 2024, according to the CrowdStrike 2025 Global Threat Report.

Why this is worth fixing now

This belongs on this year’s roadmap, not next year’s. The FTC reported that people lost about $16 billion to fraud in 2025, the highest total on record, with imposter scams the largest category at $3.5 billion. Phone scams cost more per victim than any other channel, a median of around $1,500 per person. Voice phishing is climbing to match, and Mandiant ranked it the second most common way intrusions began in 2025.

The weakness is the same whether the target is a customer or an employee. Scattered Spider, the group behind the 2025 attacks on Marks & Spencer and Co-op, runs almost entirely on phone calls to help desks, where an operative poses as a colleague or an IT agent and talks their way to access. Whether the call goes out to a customer or comes in to your support line, it comes down to one question: can the person on the other end prove who they are, or are they counting on sounding convincing?

Caller ID authentication doesn’t close the gap

The network layer does not solve this. STIR/SHAKEN authenticates caller ID, yet only about a quarter of calls arrive with the highest level of attestation, and even a fully signed call tells your customer nothing about whether the human speaking works for you. Network signaling can vouch for a number, not for the person using it. Agent Verify covers that gap.

One question for any caller-verification vendor

Ask any caller-verification vendor one question: does it ever send the customer somewhere they have never been? If the answer is yes, an attacker can redirect that step, and a step an attacker can redirect protects no one. The attacker folds it into the script they are already running.

Agent Verify closes that opening. The customer checks the call on a site they already use, against a code an attacker cannot reproduce. The impostor still has a voice that sounds right and a number that looks right, and for the first time, that is not enough.


Sources: FTC Consumer Sentinel Network fraud data, 2024 and 2025 · CrowdStrike 2025 Global Threat Report · Mandiant M-Trends 2026 · NIST SP 800-63B (verifier impersonation resistance) · TransNexus STIR/SHAKEN attestation statistics, 2025
