Subscribe to Blog
Cybersecurity: How to Protect Yourself Before It’s Too Late
Industry News Real Estate Technology Title Agent Tips

Cybersecurity: How to Protect Yourself Before It’s Too Late

Justin Nedell

As reported by the FBI’s 2020 Internet Crime Report, the amount of money lost due to cybercrimes has increased in recent years, totaling $4.2 billion in 2020. Nearly 6,000 businesses are targeted every month by some sort of Business Email Compromise scam. 

While cybercrimes related to the wiring of funds are nothing new, the chaos of the real estate market during the pandemic has led to more elaborate schemes being used against stressed homebuyers, real estate agents, title agents, and other real estate professionals specifically.

The American Land Title Association, ALTA, recently reported that roughly one-third of all real estate transactions in 2020 showed signs of attempted wire fraud.

During our recent interview with Tom Cronkright of Michigan’s Sun Title and CertifID, we gained some insight into how wire fraud begins, how it is prevented, and how a title company plays an essential role in protecting the real estate transaction.



How Does Wire Fraud Occur?

Tom told us that more than 90% of wire fraud attempts begin with a “phishing email that has been curated and then sent to someone that is active in a transaction.” This tactic is part of a larger process called a Business Email Compromise scam.


What is a Business Email Compromise?

A BEC scam in real estate is simply when either a real estate agent, title company, or lender’s email account is compromised and used to trick a buyer into taking the bait of wiring the funds to the wrong account.

The process usually takes the following steps:

  1. The fraudster identifies the target
  2. They utilize email spoofing/phishing and social engineering tactics
  3. The target falls for the trap and takes the bait
  4. The funds are transferred into the cybercriminal’s account


There are several ways they can utilize the information sent through emails to spoof someone into wiring the money to the wrong place.

Methods for email spoofing:

  • Forging the contact’s name and email address that the recipient sees
  • Setting up a new, valid email address with a name from within an organization
  • Creating a new email address that looks highly similar to the original


How Are These Schemes Evolving?

While many people think of scams as a questionably written email detailing a person they know who needs money “wired to them immediately,” fraudsters are becoming much more sophisticated in their approach, according to Tom.


“These scams are becoming more and more sophisticated by the month, not by the year.” - Tom Cronkright


According to Tom, what used to be a 72-92 hour window for recovery has now dwindled to 24-48 hours in recovering funds, “it’s a right now issue.” The use of cryptocurrency has also made it easier for fraudsters to deplete phony accounts by simply converting the digital currency into something tangible, effectively washing the money.

Another emerging trend that Tom reflected on was a fraudster converting an account to cashier’s checks immediately, cashing in the cashier’s checks, and then using the money to buy something they can sell, like cars, for instance.


What Do You Do If You’ve Fallen Victim to Wire Fraud?

It’s essential to consider the process in terms of a recovery plan before the fraud takes place. That way, when it does happen, the steps are clearly defined in your action plan. This plan should include a designated person in your office to manage the process and a predetermined point of contact in your local FBI office.

6 steps once a mistake has been made:

  1. Identify where the money was coming, the amount, and the time frame
  2. Alert the banks; both the initiating bank and the receiving bank
  3. File an IC3 complaint form online with all the required information
  4. The FBI begins its investigation and attempts to freeze the funds
  5. Follow up with the banks to see if they’ve uncovered any information
  6. Complete a notice requirement with your insurance company and contact local law enforcement


Why Wire Fraud Targets Real Estate

On a list of more than 30 types of crime, real estate wire fraud was the fifth most reported. As Tom pointed out to us, there are several reasons behind fraudsters attacking the real estate industry, specifically buyers.

Three main reasons why buyers are susceptible:

  • Real estate is the largest transaction that consumers will engage in
  • They [buyers] typically only engage in it a few times in their lifetime
  • This causes a lack of “muscle memory” when they’re in and out of a transaction cycle


Between the Earnest Money Deposit (EMD) and the Cash to Close, there is a huge opportunity for a cybercriminal to turn a quick profit. Additionally, buyers are very dependent on their real estate agent or lender for information regarding the transaction process.

Consider that new digital communication tools are not fully understood, transactions involve multiple vulnerable parties, and a lack of education surrounding the topic; the potential for fraud is high.


“We’ve seen transactions where the fraudster, on the same exact file, tried to divert the buyer on the cash to close, was unsuccessful but was able to convince the title company to send the mortgage payoff to a fraudulent account, same file.” - Tom Cronkright

Everyone is At Risk

According to Tom, while buyers may be more at risk, no one is entirely safe from a wire fraud incident in the real estate transaction. Buyers, sellers, real estate agents, solo attorney practitioners, mortgage brokers (not just lenders, but banks too), and title agents are all at risk. 

Any person involved in the real estate process can have their email account compromised, exposing buyer and seller information, timelines, transactions amounts, and so much more.


How to Protect Buyers and Your Team

While everyone in the process can be a target, there are steps to prevent malicious emails from reaching an inbox or becoming a victim of the other numerous schemes. Email security is arguably the most important, but education around the subject and clear communication during the transaction process are equally important in improving cybersecurity.


Understand How Fraudsters Take Over

When an account is compromised, the attacker usually takes several steps to maintain access to the emails. It’s not just them sifting through the inbox for information, as Tom stated in our interview.

Steps taken:

  • Auto forwarding rules are created, so they [frausters] have access to the emails, even if your password is changed
  • Auto-deletion rules of forwarded messages so they won’t be noticed by the account owner
  • Blocking of certain emails from coming into the account (e.g., the real email from the title company with wiring instructions)


Improve Your Email Security

While “actors” placing calls as a title agent or other professional are not unheard of, email hacking or compromising accounts makes up a majority of initial attacks. You should avoid sending private information or account details via email because it’s not secure.

How to be more secure:

  • Turn on multi-factor authentication
  • Use long-form and unique passwords
  • Checking email rules for anything abnormal


Tom also mentioned other ways to secure your email through third-party applications like Mimecast, Proofpoint, Agarri. These email monitoring tools can take your security to the next level (for secured accounts only).


Educate Your Employees and Customers

Educating employees and customers can be done in various ways, but Tom pointed out a few approaches for the beginning. The most important thing is just having honest conversations about cybersecurity. Let your employees know that they’re the greatest defense against cybercrimes. 

Another thing to discuss is the nature of when the attacks are more likely to happen. Busy teams are more distracted at the end of the month and over holiday weekends, thus leading to higher risk.

Other training ideas:

  • Create phishing emails as internal tests to see if employees take the bait. If they do, use it as a learning opportunity and gather metrics on how much information is given by each team.
  • Create a plan of action for any suspicious activity and foster a culture where employees feel empowered to speak up, even if it might delay a transaction.
  • Have clearly defined processes that help protect against cybercrimes, support clear communication, and utilize technology to support those processes securely.


Engage With Buyers and Agents

Bringing together title agents, real estate agents, and buyers is another vital part of protecting everyone from wire fraud. Having clear communication about the transaction process prior to the transaction taking place is the most effective way to make sure a fraudster can’t slip in.

As mentioned before, the COVID-19 environment has created a rushed and chaotic homebuying process. Buyers can be worried about wiring money quickly to get the house of their dreams and are therefore prone to fraudsters’ tricks.

Allowing for the education process to extend beyond the walls of a title company is another way to engage with buyers and their agents. Informational guides on wiring funds and other parts of the real estate transaction, like those created by CertifID, will help buyers understand how the process works.

While wire fraud and cyber crimes may be on the rise, there are myriad tactics to help diffuse the situation at hand. Educating your employees to bring awareness, opening up the lines of communication in the transaction process, and utilizing internal preventive measures are all part of a multi-layered effort to tackle this mounting problem within the real estate industry.

laptop with cybersecurity lock

This content is provided for informational purposes only. PropLogix, LLC (PLX) is not a law firm; this content is not intended as legal advice and may not be relied upon as such. PLX makes no representations as to the accuracy, reliability, or completeness of this content. PLX may reference or incorporate information from third-party sources, upon which a citation or a website URL shall be provided for such source. PLX does not endorse any third party or its products or services. Any comments referencing or responding to this content may be removed in the sole discretion of PLX.

Justin Nedell Content Marketer

Justin Nedell is a full-time Content Marketer for PropLogix and writes blogs, facilitates webinars, and crafts up other digital content for the company. He lives in Austin, Texas, and enjoys traveling near and far, hiking, trail running, snowboarding, and spending time outdoors as much as possible.