Are you at risk of wire fraud in Real Estate?
Closing on a new house is very exciting, but it’s also busy and expensive. It also could make you very vulnerable to hackers who know there is a lot of money on the line.
Any industry involving wiring transfers of large sums of money is vulnerable to this new type of hack. Purchasing a car, home, or piece of art are large transactions that are not usually done in cash. In well-established industries like real estate, there are some checks and balances, but while one would think it would be very tough to pull off this scam in real estate, it is just as easy.
When looking at the home buying process, according to the FBI's Internet Crime Complaint Center, email fraud involving real estate transactions rose 1,110 percent in the years 2015 to 2017. In addition, the amount of fraud dollars lost rose almost 2,200 percent which means scammers are getting more efficient.
Nearly 10,000 people reported being victims of this kind of fraud in 2017 with losses over $56 million, the FBI report said. Real estate is only now tightening its belt and fighting back. However, the real estate industry’s security is not even close to the levels of security in the art world. Yet, both industries are susceptible to this new hack.
How the Hack Works
Although it’s not entirely a new concept, this is the freshest approach with hackers targeting real estate agents and their clients. This needs to be on your radar! This is a pretty simple hack. Basically, criminals are breaking into the email accounts, and then, they monitor the email correspondence. Breaking in, in other words means “logging in”, because millions of email addresses and their associated passwords are in the hands of criminals due to massive data breaches. When the agent sends an email to a client perhaps with wiring instructions, the hacker is triggered and steps in. The bad guy will now impersonate the agent and warn that the instructions had a mistake on it, or the hacker might say he needs change up the instructions. The criminal does this to justify a wire transfer. He may offer a slight discount, and then ask the buyer to send the money to a different account. Once the hackers have the money, the hacker just disappears.
The Victims of This Scam
Both buyers and sellers are victims here. In many cases, both are left in the dark because the hacker hijacks the conversation. In other words, they take control of the emails and play both parts giving the hacker plenty of time to cover their tracks and get away. In the meantime, money and time is lost for all parties involved. A wire fraud happening in the finance industry used to be a “thing,” but there are so many security protocols in place within finance making it difficult to pull off a transfer scam within the financial space.
Tips to Keep Email Fraud at Bay
These tips are for buyers, brokers, and real estate agents.
- All email account passwords should include uppercase and lowercase letters, numbers and characters. Never use the same password twice—NEVER.
- All emails should have two-step authentication. This means after logging in, a one-time password is texted to the user’s mobile for account access.
- Make sure to change all passwords for online accounts, including Wi-Fi, regularly and especially after a data breach.
- Escrow services are your friend. There’s a ton of them. The gallery or broker will, or should, have a relationship with a trusted source.
- Pick up the phone and confirm every aspect of a transaction until you are blue in the face and annoying everyone involved to the point where you are satisfied that your money is safe.
- Update all of your anti-virus software.
- When you send an invoice via email, call or text a trusted number of the recipient to double check that they got it and that they have the correct account number.
- Urge all of your staff to remain vigilant when opening emails and make sure that they do not click on any links or download attachments unless the correspondence has been verified by phone. If you have doubt, contact the sender by phone.
There is so much more to this, and, while I can’t solve all the world’s problems, I can at least make you cyber-security smarter and digitally literate.
ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.