Buying or selling a home can be both stressful and exciting! However, you should be aware of the growing concerns of e-mail scams and wiring fraud that is abundant in today’s society. Technology is involved in every aspect of our life, it’s a hackers dream. These hackers are now meddling into every aspect of real estate, whether it’s your typical residential transaction (buying/selling) or rental agreement between 2 parties. Let’s take a look at how they’re scamming people out of their money.

Warnings have come out from both The National Association of Realtors® and the Federal Trade Commission in regards to these email scams and wire frauds. What typically happens is these hackers will break into the consumers/clients or real estate professionals email account. From there, the hacker will scan the email accounts for information about a real estate transaction. Once the closing dates have been figured out, the hacker then sends an email to the buyer acting as the real estate agent informing them that the wiring instructions have changed last minute. The hacker then sends wiring instructions for closing cost to a different account, the hackers account. If the buyer falls for the scam, their bank account could be wiped out and they will most likely never see that money again.

The FBI has released some statistics in regards to E-Mail scams and they are alarming.

• Law Enforcement globally has received complaints from all 50 states in the US plus 79 different countries
• Law Enforcement received complaints from over 17,000 people between October 2013 to February 2016
• Loses have been estimated at over $2.3 Billion dollars
• The FBI has seen an increase of 270 in identified victims and exposed loss since January 2015

Matt Cohen is the Chief Technology Officer for Clareity Consulting. “Clareity is an innovative solutions provider committed to delighting its consulting clients. It provides a wide variety of services and products to MLS, Associations, brokers, franchises, and software and service companies that serve the residential real estate market.” Matt wrote an article about a new way hackers are scamming real estate professionals along with their clients, see below.

1. First the hacker obtains a REALTORS® e-signature/transaction management login credentials by using a phishing email that looks like it came from the e-signature/transaction management system.

A. The agent then types their credentials into the fake management website, which is then forwarded to the real management site where their credentials work. The agent at this time is unaware that he/she has been phished

2. The hacker then logs into the transaction system to look for any active transactions to collect information.

3. If an agent uses the same credentials for both email and transaction/e-signature systems, then the hacker may now have access to the agent’s email.

A. The hacker may then set up an email-filtering rule, so any emails from the client “skip the inbox” and go straight to the hacker

B. Emails can be sent from the agent’s email address and it’s not a spoof email

C. Changing their email passwords may help but the hacker only needs to spoof future emails.

4. Since the hacker has information on the mortgage or title company from the transaction system, they can spoof an email from those parties also. If the client receives a (spoofed) email from multiple parties with the same message. This would lead the client to believe these messages are trustworthy.

5. If the ground work has been laid, this turns into the typical wire fraud scenario.

As stated in the article, this is just one of the many ways hackers defraud clients in a real estate transaction.

Since we’ve touched on a couple different ways these hackers are scamming individuals for money, let’s look at some tips to help prevent these incidents.

Agents

• Inform clients of the wire fraud and email scams that have plagued the real estate industry
• Include a disclaimer at the bottom of your email stating you will not discuss personal financial information over e-mail
• Inform clients what your communication practices are
• If you and your clients engage in a wire transfer, have your client verify via phone, the company receiving the wire, prior to transferring the funds so they know it’s a legitimate source
• If you’re out in public with a client, avoid using the free wi-fi with no firewall
• Always use strong passwords. There are several apps that can store your passwords if you forget them

Clients/Consumer

• Never send and sensitive financial information vie E-Mail, including PINs, routing numbers and bank information
• Prior to wiring funds, contact the recipient via a verified telephone number and confirm that the wiring information is accurate. Do not rely on telephone info or web site addresses provided within an “unverified” e-mail.
• Clean out your e-mail account on a regular basis.
• Change passwords and usernames on a regular basis
• Make sure you have the most up-to-date firewall and anit-virus technologies on your server or computer

If you’re buying a home and receive an email with money wiring instructions, delete asap. Email is not a secure way to send financial information and we as real estate professionals should inform our clients to be on the lookout for emails like this during the transaction.