How REALTORS® Can Prevent the Risk and Liability of Wire Fraud in Residential Closings

Wire fraud is a common concern in residential real estate closings, and unfortunately, it has become rampant in recent years. Wire fraud occurs when a cybercriminal intercepts an email containing wire transfer instructions and replaces the legitimate instructions with their own fraudulent ones, tricking the buyer or seller into wiring money to the wrong account. This is often referred to as a “man-in-the-middle” attack, which is not a “hack” in the traditional sense, but involves a fraudster “spoofing” a legitimate email address of a party involved in the transaction by creating nearly indistinguishable fake accounts. The fraudster then uses those fake accounts to communicate independently with the real accounts, gathering enough information from one party to then communicate with another. Each email is timed to correspond with the expected closing date of the transaction.

How the legitimate email accounts become known to the fraudster in order to initiate the attack is usually through a related third party such as a real estate agent, a related third party’s use of an easily compromised email account, or a business associate that’s not included in later communications. This method of spoofing scams is so effective because the fraudster is able to “show” whatever name or email address they want a recipient of their fraudulent email to see. This means that an email sent by the fraudulent account will appear to the recipient as coming from a recognized and legitimate email account. Generally, the only way the fraudulent email address will be visible is if the recipient hovers their cursor over the email address or if they review a reply to the fraudulent email in their sent folder.

The other common way a fraudster is able to successfully “spoof” an email address is to register a fake domain name which is identical to the legitimate domain name but may be a letter or two off. By way of example, if a closing agent’s email address is jane_ smith@closingattorney.com, the fraudster will register the domain name jane_smith@closingattorneys.com. The addition of an “s” to the end of the legitimate domain is generally indiscernible to the parties in a transaction.

Important Tips And Best Practices

When a “spoofing” scheme effort is successful, the victim will often file a lawsuit against the closing attorney, the REALTOR®, and the bank who received the fraudulently attained funds. In order to help avoid having a transaction be the victim of a “spoofing” scheme, or to help insulate yourself from liability following a successful “spoofing” scheme, here are some important tips and best practices:

1. Avoid using free email services to communicate with clients like Gmail and Yahoo. Instead, ensure you are using encrypted email and two-factor authentication when sending sensitive information electronically, including when sending the purchase contract.
2. Engage an IT professional to ensure your computer system and malware protection is up to date.
3. Help educate your clients about the risk of wire fraud by including an automatic admonishment in your emails regarding the prevalence of wire fraud and instructing them to call and confirm wire instructions before initiating any wire transfer. Generally, the fraudster makes the first contact after the initial deposit has been made and before the closing funds are requested. Clients should be advised that wiring instructions will not change throughout the transaction.
4. Inquire about the wire transfer practices of the closing agent and encourage your clients to contact the closing agent via telephone to discuss how and when a wire transfer will be requested.
5. Educate yourself and your team on the risk of wire fraud and how it can be prevented. Human error is the biggest risk! This includes knowing how to identify suspicious emails and how to verify wire transfer instructions.

Closing funds that a fraudster successfully diverts as part of a “spoofing” scheme are very rarely recaptured. Victims of fraud, therefore, inevitably look to all parties involved in the transaction to attempt to recover their funds. As a result, it is imperative that you remain abreast of the current risks affecting real estate closings, educate yourself, your staff, and your clients regarding wire fraud, and engage qualified IT professionals and systems to help mitigate the associated risk of cyber criminals. To learn more about how to protect yourself and your clients from fraud, register for the How to Avoid Real Estate Fraud class at RASM South on June 15.