In 2017, the real estate industry saw almost $1 billion in attempted or diverted funds from buyers, sellers, title companies and escrow agencies into the pockets of online hackers. Wire transfer fraud is not a new problem for the industry, but agents, buyers and sellers may not know its frequency or severity.
The FBI’s most recent statistics show the real estate industry had $969 million compromised or successfully stolen in 2017, an over 5,000 percent increase from 2016’s figure of $19 million, according to The Washington Post. Even if an agent or buyer is familiar with the statistics, learning how to identify fraudulent transfer instructions, report conspicuous emails and prevent email hacking is increasingly important now more than ever.
When money is wired and never gets to its proper destination, there is little to no chance of recovering it unless the fraud is caught immediately. Due to the nature of these online attacks, all members involved in the closing of a home are at risk of losing money and getting involved in a lawsuit.
What is wire transfer fraud?
In order to protect clients and agents alike, everyone should understand the basics of how wire transfer fraud works:
- The most common form of wire transfer fraud utilizes email in what is called Business-Email Compromise (BEC) or Email Account Compromise (AEC). Due to the growing similarities in these crimes, they are constantly grouped together.
- Rather than targeting bank accounts, hackers take advantage of unsecured email accounts where they either hack into an agent’s email or create an identical email address for impersonation.
- Once email communication is established between the hacker and client, faulty instructions for the wire transfer process will be sent.
- Believing the email is from their agent, the client will then follow the instructions, complete the request, and deposit money into the hacker’s account.
- The bank does not flag the transaction as fraudulent because they only ensure the money is entering a legitimate account. And because the client unknowingly selected the hacker’s account, the transaction is legitimate and approved.
What makes this internet crime so successful is the diligence and attention to detail from the hacker. Although BEC/AEC crimes only account for 4 percent of all internet crimes, it is by far the most profitable, totaling over $676 million in 2017.
Hackers will go so far as to learn an agent’s schedule, ensuring their fraudulent transfer instructions arrive on the correct day and time agreed on between the agent and client. They will copy agent’s email signatures, and even warn clients about wire transfer fraud in their fraudulent email in order to establish a sense of security.
Read more from our Tech Issue
- Cover story: Starting a tech revolution in real estate
- The real estate sign: Now redesigned with modern tech
- Smart home technology is the new standard
- Why real estate agents play a central role in stopping cyber attacks
- Survey: Agents talk real estate technology
How has the real estate community reacted?
During the Professional Standards Forum & Committee Meeting, Jessica Edgerton, associate counsel for the National Association of Realtors in Chicago, told Realtors that “the more we raise awareness of these scams, the more red flags consumers will recognize.”
Although awareness can prove effective in preventing wire transfer fraud, a process as lengthy and complicated as closing on a home means that details can be be overlooked or forgotten. Agents who are familiar with wire transfer fraud prevention have become victims themselves when buying a home, proving everyone is at risk.
California Association of Realtors president-elect Dave Walsh told NBC that just about every wire transfer transaction made in California has been targeted at some point.
“One of the local county managers talked about getting almost 200,000 cyber-attacks a day on their servers,” Walsh said. “If you just simply trust the wiring systems, based upon getting a single call or a single email, there could be problems.”
Some companies have begun to adopt secure softwares in which all of their wire transfer instruction takes place. These multi-level encryption platforms keep communication out of email and behind safe, coded barriers.
Experts and agents seem caught off-guard to the recent spike in wire transfer fraud.
“It’s unbelievable how often this is happening,” Edgerton told The Washington Post.
What can agents do to protect themselves and their clients?
In a recent article, an agent details steps one can take in order to avoid wire transfer fraud. These steps align with the FBI’s suggested countermeasures laid out by their Internet Crime Complaint Center (IC3) and security consulting companies.
These steps include:
- Educating buyers and sellers
- Establishing a double-check system that involves confirmation of instructions over the phone,
- Taking extra care when receiving and responding to emails
Although largely unknown to the general public, the FBI does offer a fund recovery process if certain requirements are met. At this time, the “Financial Fraud Kill Chain” requires that the:
- Fraudulent transfer is caught within 72 hours
- Transaction was made internationally
- Amount exceeds $50,000
- Bank issues a recall notice
Educating clients and creating a bolded, red email signature about wire transfer fraud may prevent some cases, but if wire transfer fraud continues to grow at this rate, it may be time to seriously look at alternative avenues for client-agent communication when dealing with the most important purchase of many people’s lives. Reporting all wire transfer fraud to ic3.gov helps the FBI understand the threat, develop preventative measures, and inform the industry of threats to come.