My first blog of 2018 discussed a novel lawsuit (at least novel to me) brought in York County against a residential closing law firm. A home purchaser had lost $50,000 in closing funds that were diverted by a third-party criminal posing as the transaction’s real estate agent. Did you hear that? The real estate agent was hacked. The law firm was not hacked and was only involved in the loss because it was the settlement agent.
The law firm’s paralegal and the purchaser had discussed the funds necessary to close by telephone, but no mention was made in that conversation of the wiring instructions. The complaint stated causes of action in negligence and legal malpractice and listed the following breaches of duty:
- Requiring the purchaser to wire funds without counseling the purchaser about methods by which the secure delivery of wired funds could be compromised;
- Failing to counsel the purchaser about the risks and insecurity of email communications, particularly of private, sensitive and financial closing information; and
- Failing to be alerted by the circumstances of the purchaser’s telephone call to the firm’s paralegal.
American Land Title Association’s ALTA News, dated March 9, reports on a similar lawsuit filed in Wisconsin. The original news story was written by Brian Huber and reported by gmtoday on March 8.
In the Wisconsin lawsuit, the email of the settlement agent, Merit Title, was apparently compromised. According to the complaint, a Merit Title employee used an unsecured system to email the closing statement and wiring instructions to the purchaser. The following month, the purchaser received an email purportedly from Merit Title, but with a missing “T” in the domain name (merititle instead of merittitle). The second email provided wiring instructions that were similar in format, structure and design to the ones sent by Merit, according to the complaint. The purchaser lost $82,000 in the scam.
The lawsuit claims Merit “had knowledge or should have had knowledge of a cybercriminal epidemic whereby hackers target title companies to learn about real estate transactions occurring and the hackers then send fraudulent wire instructions to the buyers prior to the closing.” Merit Title should have known of preventive steps to protect the buyers, the complaint stated.
My guess is that we are about to see numerous suits like this, seeking payment from the deepest pockets involved in real estate transactions. As I asked in the earlier blog, would the processes established by your law firm for the protection of your clients defend against this type of fraud? If not, get busy and make changes.
ALTA has a list of resources that can be used to provide the appropriate safeguards, and your title insurance company should be able to assist you in implementing the appropriate resources in your office. Most of the protective procedures involve making sure your own systems are secure. But these lawsuits seems to indicate that consumers must also be advised of the dangers of dealing with others involved in closings who do not use secure systems. You don’t want to be left holding the bag for a comprised email system of a real estate agent!