By Ryan P. Mellinger, Esq.
“Did you hear about Smith’s title company? They received a phone call from their client saying that they switched banks and therefore the wire had to be sent somewhere else. They did it and sent $75,000 to fraudsters.” Unfortunately, this isn’t a fictitious story. The title company name has been changed, but the scam was real. They received a funds transfer agreement from their real sellers, but then received a phone call saying they had to change banks due to a relocation. The title company did the right thing and asked for a new form to be completed and sent it to the email address given to them over the phone. The seller from the phone call filled it out and sent it back. The phone call and the second form were both phony. Because the title company did not have cyber insurance, they lost the $75,000 and their E&O insurance.
Criminals and fraudsters are becoming bolder and more sophisticated in their schemes, resulting in an increasing rate of victims. In a 2017 Internet Crime report by the FBI, it was stated that in the real estate/rental sector alone there were more than 9,600 victims who lost an accumulated $56 million. The type of fraud with the highest reported business losses globally in 2017 was Business Email Compromise, also known as Email Account Compromise, with losses totaling more than $675 million. It was also detailed that Pennsylvania ranked fifth in the number of reported victims of internet fraud in 2017.
These scams often start with the criminal finding a weak link in a personal or business email account or using phishing techniques to obtain personal information. The victim can be any member of the real estate transaction – the agent, buyer, seller, mortgage lender, attorneys and/or the title company. Once they have compromised the email account, they typically sit and watch. They monitor the conversations back and forth and wait for the perfect time, usually towards the end of the transaction when communications pick up pace and it is easy to slip in without anyone noticing. They will either use the actual email account of their victim or they will create a fake account closely resembling it. They will copy everything from your email account including your signature line, addresses and logos. Sometimes they will even give a phone number to confirm the last-minute change, but it goes right to the criminal. Their goal is to get your money into their hands as soon as possible after settlement and it usually works.
It is not just title companies that are the victims; it could be your client as well. An example is a couple in Colorado who lost their life savings during the purchase of their retirement home. The couple sold their previous home and planned to use the $272,536 dollars in proceeds as a down payment. Somewhere along the line the hackers gained access to the accounts of someone in the transaction and the couple received an email with instructions on wiring the down payment in preparation for the settlement. In the lawsuit that followed against the mortgage lender, the real estate agent and mortgage broker alleged that “during the negotiation, inspection, and closing process, the defendants routinely sent sensitive financial information through non-secure email, violating their own and industry guidelines.” The money was never recovered from the scammers and the resolution between the defendants and the plaintiffs is unknown.
Is there a solution to this problem that doesn’t involve hiding under our desks? The hard answer is no. While the FBI and other state and local organizations have increased their efforts to take down the cyber hackers, they seem to be one step ahead using technology and industry knowledge to their advantage and making it harder to stop the fraud scheme once it starts.
As an industry, we need to use a mixture of common sense, due diligence, and some simple technological enhancements to protect ourselves. Here are a couple of suggestions from the FBI to mitigate the risk of being scammed:
- Avoid free web-based email accounts: Establish a company domain name and use it to establish company e-mail accounts in lieu of free, web-based accounts.
- Be suspicious of requests for secrecy or pressure to act quickly.
- Do not use the “Reply” option to respond to any business emails. Instead, use the “Forward” option and either type in the correct email address or select it from the email address book to ensure the intended recipient’s correct email address is used.
- Verify changes in vendor payment location by adding additional two-factor authentication such as having a secondary sign-off by
- Confirm requests for transfers of funds. When using phone verification as part of two-factor authentication, use previously known
numbers, not number provided in the email request.
- Know the habits of your customers, including the details of, reasons behind and amount of payments.
- Beware of sudden changes in business practices. For example, if a current business contact suddenly asks to be contacted via their personal e-mail address when all previous correspondence has been through company email, the request could be fraudulent. Always verify via other channels that you are still communicating with your legitimate business partner.
- Be very aware of emails that come before a long weekend or bank holidays. The scammers love to use these extra days to gain more time and distance between you and your money.
If you believe you have become the victim of wire fraud, it is important that you report the fraudulent wire transfers to both the sending and receiving banks as soon as possible after the transaction. It is also imperative to contact the FBI and report the transaction to the FBI’s Internet Crime Complaint Center at www.ic3.gov. Once seventy-two hours pass, the chances of getting the money back are slim to none.
On June 11, 2018, federal authorities announced a major coordinated law enforcement effort to disrupt international Business Email Compromise schemes that were designed to intercept and hijack wire transfers. Called Operation WireWire, the six-month maneuver culminated in 74 arrests, with 42 in the United States. The operation resulted in the disruption and recovery of approximately $14 million in fraudulent wire transfers. Even with this coordinated effort, all indications are that this fraudulent activity is far from over; in fact, we will most likely see an increase in the future. Just last week, a new scam alert was sent out from an underwriter where the criminals intercepted a request for a payoff. They sent the unsuspecting title company a payoff on bank letterhead saying that they would only accept wired funds for payment. After settlement occurred the title company wired the funds expecting a satisfaction to be filed in the courthouse. A month later, the seller received a notice of payment from the mortgage company and contacted the title company, but by that time the money was long gone with no chance of ever being recovered. Fraud is an issue that impacts everyone involved in the mortgage process, but by being proactive and making wire fraud a hot button issue in the industry, we can protect our colleagues and clients from suffering unimaginable losses.
By Ryan P. Mellinger, Esq.
Prime Transfer, Inc.
Ryan P. Mellinger, Esq. earned his law degree from Widener University in 2011. He joined a private practice for two years until he opened Prime Transfer, Inc. in Lancaster in 2013. In 2017, he expanded the company and opened a second location in Lemoyne. Prime Transfer, Inc. is an independent title company that prides itself on being very competitive in the local markets with a large emphasis on good customer service.
Featured in Harrisburg Commercial Real Estate Report – November 2018