Real Estate Cyberscams Continue: Average amount Stolen $130k

Cyber Liability

A study shows that Los Angeles area homebuyers are losing five million dollars a month to cybercriminals. In a scheme that started in 2013, and which shows no signs of slowing down, buyers are tricked into sending their down payments into the pockets of cyberthieves.

The thieves, after hacking into the email accounts of real estate agents, escrow offices, or title companies, are posing as legitimate parties and giving clients last minute money-wiring instructions, diverting the money into another account. By the time the crime is detected, sometimes just hours later, the money can be gone for good. The average loss to a homeowner is about $130,000.

The modern-day real estate transaction, with so many parties involved and so much money at stake, is a growing target. Many times, there is a rush by homebuyers, realtors, brokers, mortgage lenders, and escrow companies to close on a home sales contract quickly and efficiently. In many instances, the homebuyer has never met all the players involved. Instead, all the parties exchange information via text message or email, rather than by telephone or in face-to-face discussions.

This creates a great opportunity for a hacker to monitor the emails and text messages flowing between the buyer and the various players, and at the appropriate moment, usually hours before closing is to occur, insert themselves in the conversation, posing as the realtor or escrow company. It is then a simple matter to direct an unsuspecting homebuyer to wire-transfer the money to a different account. The homeowner, unaware of the switch, sends the money and, in most cases, never sees it again. Josie Huang “Cyberscams are bleeding millions from LA homebuyers” www.scpr.org (Jul. 07, 2017).

Shannyn, a financial blogger, was the victim of this type of fraud. She received legitimate closing information six business hours before her scheduled closing time. Minutes later, she received a follow-up email, purporting to be from the same title company, changing the account information. Suspicious, she called her real estate agents who were working the sale. One did not return her phone call, and the other dismissed her suspicions, suggesting such last minute changes were not unusual. Shannyn followed the bogus email instruction and sent her $50,000 down payment to the new account. Fortunately, after realizing she had been victimized, she was able to recover most of her losses after a few months of frantic phone calls, social media discussions, and with the FBI exerting pressure on the banks holding the money. This was a rare case in which the homeowner got the funds back.

In her matter, Shannyn called her real estate agent, who dismissed the change as routine. Based in part on that endorsement, Shannyn sent her money. It was later determined the real estate agents were aware of similar schemes, but neither one took the time to investigate the change or verify the authenticity of the email. In this case, it was the title company’s email account that had been compromised, but it could have just as easily been the email account of the real estate company.

Protecting your clients and yourself starts with cybersecurity basic that are too often ignored. Use strong passwords, regularly update computer systems, and install anti-virus software. If you supply the wire-transfer information to your client, do it in writing on paper and in person. Do not send the information via email or text. If your buyer is out of town and you must do this electronically, use a secure company portal such as DocuSign or SignNow.

Warn your client to be aware of last-minute changes in financial accounts, amounts, or closing instructions. If your client calls you regarding last-minute changes, take the time to investigate and confirm any changes and report your findings to your client.

When you investigate, use the phone, and do not confirm changes with a title company via email. If you use the phone to verify the information, look up the number yourself. Do not use the number listed on the email because that could be fake.

* Hanover Insurance Group . Every coverage situation is different, and the final outcome depends on the unique facts, law and insurance policy involved. The E&O policy contains reductions, limitations, exclusions and termination provisions that impact coverage for a specific event. Full details of the coverage are contained in the policy