Wire Fraud and Related Risk Management Issues
Sterling West Escrow News
Wire Transfers a Target For Fraud
All the newsletters I read on a regular basis do pay off. Lately, I have been reading increasingly about wire related fraud. Because knowledge is power, I want to share what I am reading about and how we and other escrow companies are working to protect our clients. Caution: Fraud related to banking and online transmissions is constantly evolving, so this is a starting point, not an end point.
Account Takeover Fraud
Account takeover fraud occurs when a criminal is able to obtain access to an account and use that access to fraudulently wire out your funds. Many of the online banking security protocols are proving vulnerable. Bad guys have managed to steal from banks, retailers and even the US Government. Business and thieves are moving away from overreliance on technology and putting the human element back into play. We have continually practiced, and recommend, retaining that human element in the loop for your protection.
Masquerading fraud occurs when a bad actor convinces someone that they are an authorized person. One recent scenario involves a hack into the e-mail account of a realtor or escrow company where incoming wire instructions are intercepted, altered and then forwarded to the unsuspecting buyer, who used that information to send their funds straight to the crook’s account. Escrow companies are constantly evolving security protocols to protect our clients. Going forward, you will begin to see more encrypted and/or password protected attachments and telephone confirmations. Also, as much of a pain it is to communicate by bank style secure e-mails from your industry partners, be prepared for that too, as we work to protect our customers.
Who Did That Instruction Come From?
This is an old problem, but technology can make that harder to document. Because of the increased regulatory scrutiny on identity related issues, expect to see added requirements for personal appearance or notarization for instructions to authorized proceeds disbursements, particularly by wire.
So much information about you and your life can be gleaned from social media. Whether you actively participate in it or not, many of your friends and family do participate, some with amazing detail that includes you and your activities. We all need to practice a little common sense in our postings, particularly about real estate transactions and their status and their progress.
E-mails are a great communication tool, but they are also a great place for hackers and fraudsters to get information about real estate transactions. Encryption is good, but is not a cure all! Most business class email has long been encrypted in transit, but there are still many weak links in the communication chain that defeat any type of e-mail security you can put in place.
Once the e-mail account of any person in the transaction chain has been breached, the hacker has access to all incoming and outgoing information contained in that inbox, including passwords for secure e-mail that may be stored there. This allows them to get between authorized participants and pretend to be any or all of the legitimate parties by intercepting and altering e-mails to achieve their goal of tricking someone into sending money to their account instead of where it belongs. “Don’t forget, you never really know with certainty who you are talking to online.”
This is a much broader topic and I am not covering all the iterations of transaction fraud in this article, so stay tuned for more. In the meantime, it is time to go old school a little bit.
Escrow Institute of California is cautioning its members to establish and constantly evaluate company policies to combat the theft of escrow funds by wire fraud. So, expect more obstacles in the wire process, both incoming and outgoing, as escrow companies and others work to combat this growing menace.