TitleBytes News & Happenings

Beware the Cyber-Jungle

Geoff Prichard, Title Express

Navigating through communication in the Real Estate Industry can be a challenging experience. Constant emails, text, and calls from real estate agents, lenders, buyer’s, seller’s, and even other title companies can take up ones entire day, added to routine daily tasks. Sometimes the overwhelming communication can lead a person to overlook important details within the message. This is exactly what cyber criminals are counting on in order to be successful. More and more cyber criminals, who are often located in other countries, are hacking into the emails strings of title companies. They will follow the communication from the beginning and try to mask their identity as one of the parties within the transaction.

A recent example of how a cyber criminal was able to pull off a six figure theft of money will hopefully make everyone a little more conscience of the details within email or any other form of communication. This story begins after the closing of a house takes place. During the closing, a husband signed as a power of attorney for his wife, because she was out of town, and it was mentioned within the email exchange between all parties in the transaction. The cyber criminal who was following the trail of emails up to the closing, was able to create an account similar to the seller’s name at a bank in California, which helped legitimize what happens next. Aware that the husband was going to be unable to cash the check given to him at closing until his wife returned from out-of-town, the cyber criminal, masked as the listing agent, sends an email the next day asking the title company to wire funds.

The title company representative, who missed the fact that the email address was slightly different from the listing agent’s actual email address, obliged the cyber criminal. Instead of picking up the phone to confirm this request was legitimate, the title company representative accepted the wiring instructions to the cyber criminal’s account and subsequently sent the wire. Two days pass, and then the title company representative answered a phone call from the seller asking why the bank wouldn’t cash the check given to them at closing. By the time the title company representative was able to realize the wire was sent to a cyber criminal’s account, the money sent was re-routed oversees. This type of story is occurring more frequently all over the country, and can be prevented by giving greater detailed attention to all communication.

Another common practice that could prevent cyber criminals from accomplishing their theft is the use of encrypted or secure emails. Cyber criminals are successful at intercepting and replacing wiring instructions which are sent unsecure. In another story, a title company sent their wiring instructions to a purchaser for a cash purchase. The wiring instructions were sent unsecure, so the cyber criminal who again, followed the email exchange between the buyer and the title company was able to incept the email from the title company containing their wiring instructions. The cyber criminal then alters the email and attaches wiring instructions to their account. Unbeknownst to the purchaser the email was altered. The purchaser then wires their funds to what they believed was the title company’s account. The purchaser then arrives at the closing with the wire confirmation, which is when the title company notices the routing and account numbers are different from their escrow account. Like in the previous story, the money sent has already be re-routed oversees. This crime could have been prevented if secure emails were exchanged between the purchaser and the title company. So, beware, it’s a cyber-jungle out there.