This August 2017 Title Matters is presented by:
M & M Title
I checked with my bank and the money isn’t there! Whether you are the title agent, who wired out seller’s proceeds or a payoff amount, a seller expecting sales proceeds to be wired into your checking account, or a buyer wiring money into the title company’s account for the purchase of property, these words can mean that someone may be facing financial ruin and, very often, with no real recourse.
Though there are various means by which thieves can re-direct wire transfers, sometimes employing sophisticated software, the most common scheme is e-mail spoofing or hacking. The Federal Trade Commission very clearly addressed the problem, reporting:
Hackers have been breaking into some consumer’s and real estate professionals’ email accounts to get information about upcoming real estate transactions. After figuring out the closing dates, the hacker sends an e-mail to the buyer, posing as the real estate professional or title company. The bogus e-mail says there has been a last minute change to the wiring instructions, and tells the buyer to wire closing costs to a different account. But it’s the scammer’s account. If the buyer takes the bait, their bank account could be cleared out in a matter of minutes. Often that’s the money the buyer will never see again.
Just as buyers can fall prey to this type of scam, unwary title companies are equally susceptible wiring seller=s proceeds to a thieve=s account after receiving a bogus e-mail, which looks like the real thing.
In its May 4, 2017 Public Service Announcement, the FBI reported that in 2016 the Internet Crime Complaint Center (IC3) saw a 480% increase in the number of complaints filed by title companies that were the primary targets of Business e-mail (BEC) or E-mail Account Compromise (EAC) scams. The perpetrators of these crimes were able to monitor a title companies real estate transactions and time the fraudulent requests for a change in payment type (frequently from check to wire transfer) or a change from one account to a different account.
The FBI suggests that following list of self-protection measures be employed:
- Avoid web-based e-mail accounts.
- Be careful what you post to social media and company websites, particularly out of office details.
- Be suspicious of requests for secrecy or pressure to take action quickly.
- Consider additional IT and financial security procedures.
- Immediately report and delete unsolicited e-mails from unknown parties. DO NOT OPEN SPAM e-mails, click on links in the e-mail or open attachments.
- Do not use the “Reply” option to respond to any business e-mail. Instead use “forward” and either type in the correct e-mail address or select it from your e-mail address book.
- Consider implementing two-factor authentication for corporate e-mail accounts.
- Beware of sudden changes in business practices such as a business contact asking to be contacted through a different personal or company e-mail, phone number, or via text.
- Create intrusion detection system rules that flag e-mails with extensions similar to your company’s e-mail
- Register all company domains that are slightly different than the actual company domain.
- Verify changes in payment requests by adding additional two factor authentication such as having a secondary sign-off by company personnel.
- Always confirm requests for transfers of funds. Call the person believed to be requesting the change directly using previously known/verified numbers, not the number or e-mail address provided in the e-mail request.
- Know the habits of your customers, including the details of, reasons behind, and amount of payments.
- Carefully scrutinize all e-mail requests for transfers of funds to determine if the requests are out of the ordinary.
For additional information on e-mail scams see also:
- Reducing the Risk of Real Estate Wire Fraud by Clareity Consulting, September 1, 2016, updated March 13, 2017.
- Best Practices for Victim Response and Reporting of Cyber Incidents@, Department of Justice, Cybersecurity Unit Publication, April 2015
 See See FBI Public Service Announcement Alert No. I-050417-PSA, at https://www.ic3.gov/media/2017/170504.aspx for a more detailed list.