Dear Realtor: We are writing to alert you to the increased activity with Cyber theft in the real estate industry. Please educate your clients on these threats. The following information may be helpful when discussing these issues with your clients.
Consumers have been targeted by scammers who alter or send false wire instructions to commit wire fraud. Buyers and Sellers should not send any wire funds until they have verbally confirmed with their title company the wire instructions. Buyers and Sellers should never rely on just email communication for wire instructions. We recommend Buyers and Sellers visit the title company and meet the staff in person and exchange wire instructions in person. Some title companies will never publish their bank account number; At Majesty Title, our account number will only be provided via encrypted email, and our wire instructions will never change once they have been delivered. If your clients get an email with changed wire instructions, or an unencrypted email with an account number, it is likely a fraudulent attack, and we ask that you contact your title office immediately.
Our industry has been dealing with these threats for years. They target both buyers and sellers, however, most recently a hacker successfully compromised a payoff for a mortgage and diverted the funds. The issue is growing. Hackers commit the fraud by creating spoof email addresses for all parties in the transaction, so the parties are not actually communicating to each other, but through the hacker who filters and changes the messages.
Buyers and sellers need to protect themselves. There are a few things they can do, and a few things you the realtor can do to deter the thieves.
- as you develop a relationship with a buyer or a seller, please educate them on this issue so they are informed and prepared.
- When you get a contract, and deliver it to the title company you trust, make sure you provide email addresses and contact numbers for your clients Immediately. The longer you wait, the increased likelihood a hacker will intervene and divert the communication. Encourage your client to visit the title company and meet the staff and agree at that time how funds are to be exchanged.
- If you have time before closing, encourage your buyer to deposit the EMD via check, not wire. If you represent the seller, encourage them to take a Title company check for proceeds.
- As the closing date approaches, that is when the hackers get more active. Make sure your clients increase their VERBAL communication with the title company. Hackers avoid getting on the phone. Before a buyer wires any funds, make sure they speak directly to the title representative they have previously spoken with. If a seller wants a wire, they should be prepared to speak with their title company the day of closing to confirm wiring instructions. We suggest sellers bring a voided check to closing. Sellers should also confirm with the title company any mortgages they expect to be paid off.
- Hackers create email addresses that resemble the addresses of the parties in the transactions. Be alert. If you get an email from a title company or a bank that does not have the “companydomainname.com”, be suspicious. Furthermore, rather than just replying to an email, try typing the email address you believe to be correct for the intended person. Chances are you will see both the correct email address and the hacker’s email if someone is attempting cybercrime.
- Finally, buyers should never send a wire to an account that is not titled in the name of the company listed as the Escrow agent on the contract. Hackers posing as the title company have been successful in telling buyers their bank is having issues and to redirect funds to a third party.