Anatomy of Wire Fraud
This post may affect many of you not only professionally, but also personally. JP Morgan estimated 27 percent of wire transfers in 2014 were affected by either attempted or actual fraud. Imagine the worst: the funds in the transaction did not transfer from buyer to rightful seller and are now unrecoverable. People's life savings are at stake!
How Fraudsters Target You
The primary attribute of any wire fraud scam is a sense of urgency. Phishing employs an email that frequently appears to be urgent and to be coming from someone with authority, directed to someone else who is responsible for wiring transactions within the organization.
Depending on the level of sophistication, the attacker's email may look very genuine (using corporate logos, style sheets, signatures, etc.). Unfortunately, the more authentic the fraudulent email appears, the more it indicates that some corporate email or system was compromised.
In our industry, fraudsters are targeting sellers, buyers, REALTORS® and title companies participating in a transaction. While there are many different ways for an impostor to commit a fraud, there are two most common ways they get it done. Both are the result of a user's computer infected with malware or stolen credentials.
Many Ways to Sneak In
The initial infiltration can come through a phishing email, infected attachment or a compromised website. The perpetrator might obtain user email account credentials to log in and monitor email flow. Or an attack through key logger malware records every keystroke the user types, which often includes login information and password.
Scammers follow transactions in the MLS and public records, or target REALTORS® and title companies to observe multiple transactions. This gives access to the buyer, seller, and escrow officer's email addresses, and details of the transaction – all he needs to create spoofed email.
He patiently waits for a closing date or completion of a transaction to make a very last minute move – change wiring instructions. No one wants to delay a business deal; that's what criminals are counting on.
Fight Back & Keep Funds Safer
How can you protect yourself?
- Don't use the same password more than once. This way, if your password is compromised on one website with weak security, fraudsters can't use it elsewhere.
- As a consumer, always use second-factor authentication to sign in to your online email account (I will cover this in detail in future blogs). Most online email providers (Microsoft, Google, Apple, Yahoo, etc.) offer some form of the second factor to validate the authenticity of a user.
- As a business professional, always use encrypted email when sending wiring instructions, and use personal communication to confirm any changes.
Remember, home purchasing is the largest transaction most of us make in our lifetime. You and your customers don't ever want to be in the situation where your proceedings did not land in your bank account, and if you wire money to the wrong account, banks will not reimburse it either.
That is it for today. Be safe and stay secure.