I ran into an old friend the other day who also happens to be an attorney at a national title company based in Michigan. He mentioned that he had had a number of transactions in recent months in which someone attempted wire fraud. In one case, the fraud was easily preventable, but the attorney handling the transaction refused to get on the telephone with the title company to confirm wire instructions. As a result, over $2 million was diverted, and the attorney was likely responsible.
These incidents are on the rise, and they are the fastest growing form of real estate cybercrime in the United States according to an analysis by the Miami Herald. FBI information provided to the Herald showed that for fiscal year 2017, nearly $1 billion was diverted or attempted to be diverted from real estate transactions.
Hackers typically monitor e-mails of lenders, real estate agents, title companies, and even the seller or purchaser, reports Doug McIntyre in Northern Nevada Business, in order to identify a pattern of communication that indicates a transaction will occur and when. Then they send a fake e-mail to the buyer or seller with information about a change in the wire instructions. Phony e-mails can come in all shapes and sizes, but this actual e-mail illustrates the kinds of things that might be requested as well as indicates red flags, such as the e-mail’s being sent from someone you don’t know, the e-mail in the signature block not matching the URL where the e-mail was sent from, and the indication of urgency with respect to the wire transfer.
In Grand Rapids, Sun Title Agency owners Lawrence Duthler and Thomas Cronkright founded their own technology company, CertifID, after losing $180,000 during a residential closing. CertifID is a real-time platform to help authenticate parties in transactions and securely communicate wire instructions.
Beyond using a tech company, attorneys can do more to ensure that their clients don’t become victims of wire fraud. Catherine Crosby Long at Baker Donelson recommends six protocols to help identify fraudulent e-mails before a wire is sent. In addition, if an incident does occur, the bank or other financial institution must be contacted immediately in an attempt to stop the transfer.
Finally, always exercise these common-sense precautions during a transaction:
- Verify and reverify wire instructions either in person or using telephone verification combined with required security questions.
- Get to know the transaction and the parties. Review the wire instructions keeping in mind who the players are.
- Be suspicious of last-minute wire instruction changes.