Cybercrime poses perhaps the single greatest risk to all participants in a real estate transaction.  Over the past several years, cybercriminals have targeted the mortgage industry with increasingly sophisticated schemes designed to steal funds or gain access to NPPI data.  Unfortunately, despite the widely publicized reports detailing exactly how these schemes work and the preventative measures individuals and organizations should implement, these criminals continue to feast on the unwary. 

It is easy to understand why cyber-criminals have targeted the mortgage industry. Given the amount of money that flows through a typical real estate transaction, one successful heist could easily yield a six-figure payday.  Here are some recent FBI statistics to illustrate the severity of the threat.  In 2017, from the real estate sector alone, the FBI received over 9,000 complaints of wire fraud with losses exceeding $56 million.  In total, there were more than 300,000 victims of wire fraud in 2017 with losses of more than $1.4 billion.  A truly mindboggling number. 

Cybercriminals understand how the mortgage industry operates as well as its greatest vulnerability – its people.  These highly sophisticated schemes are borne from that knowledge.  In particular, they understand and prey on the pressures of getting the deal closed and the hurried pace with which it is often done.  This is why they frequently choose to strike the day before the closing.  This is when anxiety is at its peak and people are more susceptible to falling victim to a fraudulent request.  The pressures of the clock demand speed.  Cybercriminals understand this and exploit it.  

One of the most common schemes is the email delivery of fraudulent wiring instructions.  The fraudster either hacks the email of a transaction participant (buyer, seller, realtor or attorney) or creates one that looks nearly identical to it.  Just prior to the date set for closing the fraudster emails the title or escrow agent with a request that the monies be wired to a new account instead of the one that was originally given to the agent.  If the account was hacked, there would be no way of knowing that the email was fraudulent.  Moreover, even if the email address used was fraudulent, only a close inspection would reveal it.  Thousands of agents - in the rush of the closing - have fallen victim to this scheme.  When asked why, the typical answer is that the person was operating under a strict deadline and did not have time to stop and consider the legitimacy of the request.

Despite the very real and present danger of cybercrime, there are some practical tips to remember that will help to keep you and your organization from becoming a victim.  Be skeptical of any change in wiring instructions from any parties involved in the transaction.  Always confirm any such changes directly with the party requesting it using the phone number on file and not the one given in the email.  Be suspicious of emails from free, public email accounts, as these are particularly vulnerable to attack. Watch out for phishing emails with embedded links, even when they appear to come from a trusted source.  And, finally, remember to slow down and consider the information you are receiving before acting on it.