Warning to the real estate industry: a widespread fraud is currently underway that could cost you and your client tens, or even hundreds, of thousands of dollars.
The scam is simple: the scammer obtains access to information concerning a pending real estate transaction, using this information to impersonate a party to the transaction to provide fraudulent wire instructions.
Often times, this scam involves a compromised email account of an individual to a real estate transaction (e.g., the agent, escrow, lender, broker, title insurer, seller, buyer, etc.), which the scammer uses to obtain information concerning a pending transaction.
To assume the identity of a party to the real estate transaction, the scammer may send an email that appears to be from a legitimate sender (firstname.lastname@example.org). It is commonly believed that an account must be compromised to send an email that appears to be from that account. This is not the case.
The scammer may also purchase a domain name (e.g., email@example.com) that appears very similar to the legitimate domain name (firstname.lastname@example.org). The scammer may also have control of a compromised email account of a party to the transaction. Under either of these two scenarios, the scammer can send and receive communications with the victim.
Fraudulent Wire Instructions Email
The email will generally inform the buyer/lender of the wiring instructions (or new wiring instructions). With the wiring party expecting an email with escrow instructions from escrow, the broker or the agent, the wiring party may have no reason to think twice about this email.
If the scammer has an ability to read all emails with a buyer, they may be able to convincingly assume the identity of a party to the transaction, picking up where the last email left off (“I’m glad the terminate inspection went well. The new wire instructions are attached.”). With the wiring party having no reason to believe the e-mail to be fake, the wiring party may act on the email without any further confirmation.
This scam can cause a buyer’s deposit, down payment or even the entire balance of the contract to be wired to the scammer’s bank account. The resulting loss of hundreds of thousands of dollars may give rise to legal liability. Lawyers may consider negligence and breach of fiduciary duty claims, in addition to other causes of action.
How the Hackers/Phishers Compromise an Email Account
Although some may refer to the scam artist as a hacker, they may simply have gained access to the email account by phishing, which involves any number of methods to gain a username and password. This can include sending a link to a website that appears to be a login page to Google, Yahoo, Hotmail, AOL or other popular services. Phishers may be able to determine an email password by using a program to repeatedly guess the password (cracking). They may also utilize spear phishing techniques where the recipient receives an email that appears to come from someone that they know. Another technique is to load a virus on the recipient’s computer, which may come by way of an email attachment or even a download from a website that appears to have a legitimate purpose (Trojan horse).
Broad warnings started in 2012, with specific warnings of this precise real estate escrow wire scam beginning in late 2013. The scam was named the “man-in-the-email-scam” by the FBI as it is a variation on the man-in-the-middle scam. Attorney Artin Betpera wrote an excellent description of this scam, warning real estate professionals to avoid free email addresses. Other warnings have been issued by the American Land Title Association, Chicago Title and many other sources. Although this blog post focuses on the real estate industry, the man-in-the-email scam has also impacted other industries.
Professionals should take steps to ensure the security of email communications, including, but not limited to:
- Avoiding business with any party that uses a free email service
- Using encryption in emails and attachments
- Warning buyers/lenders of this potential fraud before it occurs
- Consulting a computer security expert
- Training employees on computer security
- Installing appropriate software to prevent or detect the security issues that give rise to this scam
If you’ve been victimized by this scam, consult an attorney to discover if you may have legal rights.