Here is a neutral, objective, and interesting summary of the text: As companies strengthen their website security with two-factor authentication, attackers are increasingly targeting call centers to impersonate victims and gain access to their accounts. This phenomenon, known as account takeover (ATO), has grown at a staggering rate due to technological advancements that enable social engineering tactics. To protect customers' data, it is essential for contact centers to implement robust authentication protocols over the phone. The recommended approach involves using possession factors, such as physical tokens or verbal passwords, to authenticate users, rather than relying on knowledge-based factors like phone numbers or emails. Additionally, call center agents should be trained not to share personal information with customers and instead build guardrails to limit sensitive data exposure. By adopting these best practices, contact centers can significantly reduce the risk of ATO and protect their customers' sensitive information.