Fear of Scammers, For any homebuyer, it’s a nightmare scenario: a scammer tries to trick you into wiring your down payment to an offshore account the day before closing. You’re going to lose your hard-earned cash, and you’re going to lose the home, and there’s no way you can get back any of them.
That’s how the popular “business email compromise” scam, so-called because it used to almost exclusively target corporations, has been modified by some scammers to focus on individuals, particularly people who are involved in a pending real estate transaction.
Two victims of this form of crime who preferred to remain anonymous were talked to by SHIELD FORENSICS. They were shocked to lose six-figure amounts, their dream houses, and the majority of the life savings of the person in one situation.
And, according to Ryan Kalember, senior vice president of cybersecurity strategy for email protection company Proofpoint, which monitors cyber crimes committed through email, it’s a crime that is increasing. Attempts at this form of crime have increased to a pace 14 times greater than last year, Kalember has observed. Several times this year, the Federal Bureau of Investigation has also warned that email compromise schemes, like this form of real estate fraud, are spiking.
How scammers fool homebuyers
Here’s how it sometimes works: a person involved in a real estate transaction has his or her email account hacked by malicious software, known as malware, sent by email by a criminal, such as a real estate attorney or realtor. The fraudster will now track the emails of the realtor to check for future purchases, unbeknownst to the specialist.
Next, just as the closing date is approaching, the fraudster uses the compromised email address to give the buyer a legitimate-looking message that appears genuine, coming directly from the account of the realtor or solicitor. The note advises the buyer that there has been a change of plans, and he or she needs to wire the down payment to a bank account belonging to the seller just before the closing date.
See Also: Get your money back from scam
But the account still belongs to the suspect, out of the control of U.S. law enforcement, and is usually overseas, Kalember said.
In certain instances, Kalember said, scammers also follow up on the victim buyers with phone calls, pretending to be from a representative for the title company or seller’s law office, and reassuring them that the request for wire transfer is legitimate.
“For this crime, the technical skill level is near zero, but the operational sophistication is very high,” said Kalember. “This means that phishing kits and other technical tools are freely accessible on the internet, but they spend more time and effort trying to deceive the consumer.”
The motive is obvious. The criminal’s immediate payoff is lucrative, sometimes even more than other forms of scams against individuals.
“It’s important to remember that they’re permanently losing funds in these cases,” Kalember said.
That’s what makes the implications for users of this form of scam even greater than any other cyberattacks. Since banks usually compensate customers for fraud that happens on their account due to stolen or corrupted checks, savings or credit card numbers, consumers seldom see substantial financial fallout from getting their data, including financial details, stolen and used by scammers.
But banks, even if the customer was fooled into sending it, are rarely liable for a wire approved by the customer. And there’s nothing U.S. law enforcement can do to recover it if the assets are overseas.
See Also: Get your money back from scam
What you can do
Email compromise crimes, including similar assaults on corporations, have been “spiking” in the past year, according to the FBI. Businesses and customers recorded a 136 percent rise in losses due to these crimes between December 2016 and May 2018. The fraudulent transactions were sent worldwide, to 115 nations, the FBI said. Losses for these forms of crimes have surpassed $12 billion since 2013.
According to Kalember and the FBI, there are measures homebuyers can take to make sure they are shielding themselves from falling prey to fraudsters.
- Be vigilant: Homebuyers should first just be aware that they may be a targeted by scammers in this manner, and should act accordingly to verify any suspicious correspondence associated with their home purchase or sale.
- Voice verify: It might seem cumbersome in an already long homebuying process, but following up emails with a voice verification is a must, Kalember said. That’s especially true if the email involves e-signing a document, logging into a new website, transacting money or supplying any kind of financial information
- Talk to your bank: While not all banks may follow the guidelines you suggest, most will honor your request to not allow any wire transfers without a voice verification or other checkpoint from you. This is especially true for business accounts, but even individuals going through a real estate transaction can request a note be added to their primary accounts to put additional steps in place before allowing wire transactions to go through.
- Don’t react immediately to email: Emails asking you to take some type of action, purporting to be from the title company, attorneys, realtors, bank lawyers or others involved in a transaction may not be authentic. Regard any of them with suspicion, and you should follow up on known phone numbers for the individuals making the request to confirm.