Broker Risk Management LLP Logo

Wire Fraud and Phishing Scams Persist

by | Apr 5, 2022 | Advisories and Forms

BROKER RISK MANAGEMENT

WEEKLY PRACTICE TIP

Despite repeated efforts to alert consumers, including people involved in real estate listings and sales, our office continues to hear about efforts to fraudulently misdirect buyers’ initial deposits and sellers’ proceeds from escrow into the hands of criminals.  The most common scheme involves e-mails allegedly sent by the escrow officer providing wire transfer information for the buyers to transmit initial or increased deposits for their purchase transaction. Unfortunately, hackers intercept legitimate escrow company e-mails and then slightly modify the account and contact information in the e-mail transmissions so as to re-direct the buyers’ funds to another bank account, often a well-known US bank, where the funds are then accessed and transferred to an overseas account where it is out of reach of US banks and authorities.

“Phishing” is the term used to describe acquiring sensitive information such as usernames, passwords, and credit card details for malicious purposes.   Cybercriminals often design their e-mail messages to make it appear that they are coming from an easily recognized entity (such as the IRS or the Better Business Bureau) or a legitimate enterprise (such as your bank, your internet service provider or your school’s reunion committee).  Cybercriminals have been known to use social engineering to convince people to provide their personal information so they can steal their money; the first indication of these scams is requesting that the victim click on an embedded link or to go to a spoofed website.

We have uncovered several variations of these scams including, but not limited to, hacking into real estate agents’ e-mail accounts and, in some cases, the e-mail accounts for lawyers.  When the broker’s client receives the instructions regarding where and when to send the money, the hacker intercepts that e-mail and changes the wire routing address.  Once the funds are wired by the client to the fake account, the money is gone and is usually not recoverable.

It appears that hackers monitor the e-mail traffic of various individuals and companies who are involved in real estate and other types of  businesses where funds are routinely wired.  The altered e-mails from the hacker appear to be genuine, containing sufficient information about the transaction, including the names and logos of the entities involved in the deal, so as to confuse the unsuspecting victims.

In some recently reported cases, the compromised e-mail accounts were the personal/individual e-mail accounts for the real estate Sales Associates themselves, not the brokerage accounts of large brokerages which typically have better firewall protections.

PRACTICE TIPS:

  1. Real estate brokers and sales associates should never provide their clients with wire transfer instructions for depositing money into escrow via e-mail or text.
  1. It is recommended that agents separately email their clients the California Association of Realtors’ Wire Fraud Advisory with the following email instruction:

The real estate industry has recently experienced a high number of wire fraud instances.  I have attached our Wire Fraud Advisory to remind you of this issue.  Please review the Advisory carefully.  Please also note that as an agent, I will NOT provide you with wiring instructions.  If you receive an email that appears to be from me with wire instructions, it is fraudulent and do NOT wire the money.  Escrow companies send wiring instructions pursuant to secured emails.  If you receive an unsecured email from an escrow company, it is likely fraudulent.  Call your escrow officer immediately upon receipt of an email with wiring instructions to confirm its validity.  When contacting the escrow officer only use the contact information, I have provided to you, NOT the phone number or email address on the escrow company email changing the wiring instructions.

  1. That email should be sent independently of the Residential Purchase Agreement and by email and not through DocuSign. Agents should ensure that a signed Wire Fraud Advisory is in every file.
  1. If your client informs you that they have fallen for such a scheme and sent funds to an account in accordance with the spoofed wire instructions, advise them immediately to contact the FBI number in the Wire Fraud Advisory. The FBI can, in some cases, retrieve those funds before they are transferred to an offshore account if they are informed soon enough.

The FBI Financial Crimes Unit phone number is (310) 477-6565 and is accessible 24/7

WEEKLY PRACTICE TIP: DO NOT FORWARD TO CLIENTS.  This Weekly Practice Tip is an attorney-client privileged communication for the exclusive use of clients of Broker Risk Management and their agents.  It may not be reproduced or distributed without the express written consent of Broker Risk Management.  The advice and recommendations contained herein are not necessarily indicative of standards of care in the industry, but rather are intended to suggest good risk management practices.