Rinat Klier Erlich

There are many forms of cyber fraud, including stolen information, cyber ransom and identity theft. In those situations, a perpetrator attacks a business and is able to steal the business information of third parties, snag financial documents or even shut down the business’s data in exchange for a ransom payment. Those forms of cyber-attack are carried out with the intent of gathering information that can be used later; however, since businesses are aware of possible vulnerability to cyber-attacks, many companies regularly update their systems against viruses and malware, using encrypted data storage and firewalls.

As defenses to cyber fraud are developed, the perpetrators become more sophisticated as well. A new form of cyber fraud has emerged, and this one is based on targeting a specific group of professionals. Most recently, the targets have been real estate professionals: brokers, escrow officers and title agents. This form of fraud involves spying on transaction activities and identifying the players and the amount of money at stake. This results in wire fraud.

Cyber thefts around the globe grew last year to an alarming $1.2 billion, compared to $100 million in more traditional theft from financial institutions. In light of those developments world-wide, in the last few months, there has been an increase of focused attacks on real estate transactions resulting in wire fraud. Real estate transactions involve several parties, all eager to close the transaction, which cause the parties to pay less attention to detail. This is especially dangerous when there are large amounts of cash that exchanges hands.

In a typical scenario, a perpetrator locates e-mails of real estate agents, brokers, escrow or title agents. An inexpensive software can be used to run a search of these professionals and identify them. The perpetrator then engages in phishing by sending e-mails to the first victim with purportedly business-related documents attached. A perpetrator can, for example, send a document through DocuSign or GoogleDocs, and the e-mail invites the recipient to log in from the e-mail into what appears on the receiver’s e-mail to be the sign in page for the document-hosting software. The perpetrator then records the password and uses it to start monitoring the real estate agent, broker or escrow officer’s e-mail.

Once the perpetrator learns of an existing escrow transaction, the perpetrator can then pose as a party to the transaction. For example, the perpetrator can send an e-mail from the real estate agent, broker, escrow officer or title agent’s actual e-mail account with wiring instructions to the buyer. The perpetrator is able to accomplish an e-mail exchange with the buyer, unbeknownst to the actual person whose e-mail has been hacked, by changing the action in the first victim’s inbox, so that the inbox will not show incoming e-mails, while the first victim would not suspect that another person is communicating from their e-mail account. The second victim is the person who is instructed to send the wire to the wrong bank account. The perpetrator can also send an e-mail to the escrow or title officer, posing as the seller and instructing the escrow officer where and how to send the sale proceeds by providing a new routing number for a wire. To add credibility, the perpetrator copies other parties to the transaction, but uses false e-mail addresses that appear similar to the originals.

These new forms of scams are very sophisticated, because they are different than an anonymous perpetrator penetrating the business firewalls. In these newer forms of scams, the perpetrator actually monitors an e-mail account and learns valuable information about the account holder’s business. This is like a house burglar monitoring when the occupants leave the house and when they go to sleep. These scams are also fast! The sooner discovered, the better for one’s own protection and the recovery of funds.

There are several ways to avoid phishing that results in wire fraud. Internet users are encouraged to use two methods of verifications. One example is when they log into their e-mail account, it sends a verification to the person’s phone. They are also encouraged to update their software when updates are available instead of continuing to use older software versions. Parties should always include a phone conversation when a transaction involves money transfer, and everyone should always read their e-mails carefully.

Yet most importantly, when a problem occurs, all parties must assist each other to immediately address it and prevent the spread of the information. Unfortunately, parties have been reluctant to call the FBI Cyber Crimes division due to concern with the IRS and other regulatory bodies. The FBI informs, that if it learns of wire fraud within the first 72 hours, it has the best chances of recovering the funds.