Hackers prey on unsuspecting homebuyers with false money-wiring instructions.
A new kind of fraud has exploded onto the scene in the real estate industry. Unscrupulous hackers are swindling homebuyers out of their closing costs at a rapidly growing rate. The number of cases involving wire transfer fraud has risen sharply in the past few years, and the Chicago Tribune reported that the FBI tracked down almost $1 billion of misallocated closing costs in 2017 alone.
This phishing scam typically happens when scammers hack into email accounts belonging to mortgage lenders, title companies, or real estate offices, looking for any pending real estate transactions. When they find one, they send an email to the buyer that is materially identical to the emails sent by the actual institution. The email will tell the buyer that the instructions for wiring their closing costs have changed at the last minute, with new instructions for sending the money—to the hacker’s account.
Scammers will look for opportune times to use this ploy, such as when a closing must be done quickly and the buyer is in a hurry. But there may be subtle differences between the hacker’s email and the institution’s that buyers need to be aware of. For example, in an email sent by a hacker that mimics “Jane Doe,” your real estate agent, some of your agent’s information may be misspelled or the email address is a slight variation of the real one.
Scammers will look for opportune times to strike, such as when a closing must be done quickly and the buyer is in a hurry.
It’s easy to be snared with this ploy, especially if you read your emails on your smartphone. But no title company or lender is likely to make a last-minute change to their wiring instructions. If you get an email from your lender or title company to this effect, you need to verify that the email was actually sent by the proper source. And notify them immediately if it is not.
How to Protect Yourself
Here are a few tips to help protect buyers:
- You should never open any attachments from the lender or title company unless you are specifically expecting them because doing so can transfer harmful malware onto your computer.
- You should only contact the lender through an email or phone number that they know is real; they should never use any of the contact information provided in the email with the “new” wiring instructions. Buyers who send their financial information in a way that is not completely secure run an enormous risk.
- If you receive an email with wiring instructions, immediately notify the lender or title company.
If you think that you’re a victim of this scam, there’s still hope. If you used a bank to wire the money, contact your bank immediately and ask for a wire recall. If you used Western Union, MoneyGram, or another money transfer company, then report the fraud to them directly (Western Union at 1‑(800) 325‑6000, MoneyGram at 1‑(800) 926‑9400).
You should also submit a report to the FTC, as well as the FBI’s Internet Crime Complaint Center. Give them as much information as you can; in some cases, it may be possible to recoup some or all of your money. You can also give a copy of your FBI report to the bank if it requests a police report.
The takeaway? Always check with your lending institution before taking any action. And if you do fall for this scam, don’t despair—report!
Val Grasparil is the vice president of technology at Brighton Jones.
Read more on our blog: