PLEASE BE AWARE OF AN INDUSTRY PROBLEM WE FACE RIGHT NOW.
Hackers, email phishing, and other cyber related crimes are at an all-time high right now, and HACKERS HAVE TARGETED REAL ESTATE TRANSACTIONS-and real estate AGENTS in particular- in an attempt to defraud lenders, real estate brokers, title companies and law firms.
Several agencies have been the victims of multiple attempts to change wiring instructions and funding authorizations and switching checks to wires last minute and wires to checks. At times, it was not easy to determine that they were communicating with the actual party to the transaction. Email services such as AOL, YAHOO, HOTMAIL, GMAIL, etc. offer LITTLE TO NO PROTECTION in terms of encryption and security measures.
Recently, agents have had numerous transactions in which a fraudulent email COMES FROM THE REAL ESTATE AGENT’S account, which starts the misdirection process in an attempt to provide changes to wire instructions. SETCO Services, Inc. has been the victim of this exact scheme.
In one instance, the hacker created an email address “email@example.com,” and persistently communicated with the seller during the transaction, trying to extort money, stall, and retrieve sensitive information from that seller. In another, the hacker created a similar email domain of the title company, along the lines of “______@ABCTITLE.com,” which was altered to “____@ABCCTITLE.com” with the email signature line of the actual settlement agent, and used to send the BUYER’S alternate wire instructions or funding procedures in order to misdirect the funds to fraudulent banking accounts.
Another recent occurrence involved a local area agent, who represented the buyer in a cash transaction. The seller chose a smaller, out of area title agency, and the title agency’s email was similarly duplicated, fooling the buyer into wiring to a fraudulent account.
You should know that in these situations, there is limited or no coverage, title insurance (as it is not yet bound) or E&O. Cyber theft insurance in some cases does not apply, as it covers only if the ACCOUNT is hacked, and not if a party is fooled into sending.
In order for SETCO to provide good service, timely communication, and timely funding to parties, it is crucial for us to know the information provided is accurate. SETCO has now adopted additional measures, including Best Practices, SSL secure website, encrypted emails (logins with user names and passwords), and more verification steps in order to protect our clients and consumers.
We thank you for your patience and cooperation with us as we continue working hard to make sure sales and purchase transactions are memorable and positive for all, for all the right reasons.