We’ve all heard the horror stories about hackers infiltrating real estate transactions to steal closing funds. As fraudsters become ever more sophisticated, we all have to be vigilant to protect ourselves.
What are the latest tactics?
Fraudsters create emails that appear to be from an escrow officer—known as “spoofing”—and ask you to re-route funds needed to close their transaction. And, because they know responsible settlement professionals have begun using call-back procedures to validate and verify emails regarding wiring of funds, thieves also may try calling you using prepaid “burner” phones and applications that can spoof the caller ID of any phone number the caller chooses—even valid phone numbers of actual businesses.
How do they get the information?
The fraudsters hack and monitor non-secure communications between agents, buyers and sellers to gather information about the transaction. They then copy an email template and pose as the escrow officer in a message to clients. They may even add publicly available information about the “sender’s” personal identity that can be found on flyers, company web pages and social media to help make the message appear legitimate to the unsuspecting recipient, who then acts accordingly not realizing that their response is being routed to a hacker who is trying to steal their funds.
What can you do to help prevent this fraud?
While you can’t stop hackers from impersonating parties in a transaction, you can minimize the likelihood that you might act on fraudulent instructions.
- Make sure you (or anyone you know) who is buying a home understand that a title company’s wiring instructions should never change. If you are ever asked (via an email) to change the wire information, it’s probably a scam. Contact your title company to verify the wiring instructions and verify that your lender has the proper information to wire funds to your title company.
- Many title companies use encryption to protect confidential information going back and forth through email. However, be aware that if you forward that email through an unsecured method, the encryption—and hence the security of the information—is lost.
- If you suspect an email account has been spoofed, pick up the phone and speak with your escrow officer directly. Don’t use email for any communication if you believe an account has been compromised.
Buyers are prime targets for fraudsters, but title companies, today, have established a number of procedures to help keep them safe.
Make sure you are aware of this latest scheme so you can avoid becoming an unwitting victim.