Beware of new deceptive strains of payroll phishing

Standard

hacker dollar

This blog has recommended KnowBe4 previously as an impressive source of news on cybersecurity. I have subscribed to the newsletter and receive weekly, timely and scary cybercrime updates in my inbox. I recommend to all lawyers that they spend the time and funds necessary to remain safe and vigilant in the arena of cybersecurity. Nothing is more important to us than the safety of our clients’ funds. In this case, however, it is our operating funds and our employees’ funds that are at risk. Those funds are important, too!

The July 10 newsletter was particularly interesting in that it reports a new strain of payroll phishing that has surfaced recently. The bad actors pose as employees and request a specific pay stub from a payroll administrator or corporate executive. KnowBe4 reports that it has seen hundreds of these phishing attempts, all almost identically worded and possibly coming from one set of fraudsters. All of the emails came from an “oddball Comcast.net email address” with nonsense usernames of similar length.

Please read this newsletter carefully and pay attention to the emails and supporting documents. In this particular case, the bad actors opened a bank account, ordered checks for that account and used one of those checks to support the phishing attempt.

Unfortunately, many of the targeted payroll employees, always willing to help employees with their payroll concerns, have responded to the requests. The emails are simple, direct and dispense with any attempt to construct believable backstories or pretexts.  According to KnowBe4, the emails invite an unthinking, reflexive response from targeted users.

Share this information with your staff members and encourage them to avoid those unthinking, reflexive responses!

Advertisements

Redevelopment of golf courses might be possible in South Carolina

Standard

In April, this blog discussed the redevelopment of two Horry County golf courses. The North and South courses at Deer Track Golf Resort in Deerfield Plantation have been closed for more than ten years and are finally being redeveloped as residential lots. Adjacent lot owners waged class actions in Horry County seeking to have the use of the properties in question restricted to golf courses or open spaces. While these battles were being waged in court, nature attempted to reclaim the properties. One property owner testified that his views changed from overlooking a manicured golf course to overlooking a “sea of weeds”.

Similar battles have been successful in other parts of the country. The cases are fact intensive and turn on the law of implied easements, which, of course, varies widely from state to state. Plats showing golf courses may provide rights in adjacent lot owners, depending on the recorded documents, the sales program and the law of implied easements in the location.

golf course

I wanted to invite those interested in this area of the law to take a look at an article published in June by www.citylab.com. The article, written by Nolan Gray, is entitled “Dead Golf Courses Are the New NIMBY Battlefield”. In the interest of full disclosure, I had to Google NIMBY. This acronym stands for “not in my back yard”.

The article states that golf is dying, according to many experts. One study cited in Citylab’s article found that the number of regular golfers fell from 30 to 20.9 million between 2002 and 2016. The thinking is that the fall of Tiger Woods may have led to much of this gloom and doom around golfing. But Mr. Gray believes that the bigger story involves the sport’s aging demographics and the fact that millennials are not interested in the expensive, slow sport that provides few health benefits.

Golf courses and golf clubs across the country are closing, leaving the land to be redeveloped. Mr. Gray’s article states that the average 18-hole golf course sits on 150 acres, property that could host around 600 new single-family detached homes. Add to this mix the fact that many golf communities were built in areas with good schools and work opportunities. These properties are, therefore, particularly valuable in areas where housing inventory is a challenge.

So, what prohibits the development of these properties into residential subdivisions? Zoning is one of the challenges. Many golf courses are zoned for commercial uses to accommodate clubhouses, restaurants, pro shops and bars. But the main stumbling block, according to Mr. Gray, is the NIMBY attitude of neighbors. Residents near golf courses prefer that the properties be turned into parks, open spaces and natural preserves.

Let’s look, for example, at the Deerfield Plantation cases. First, the facts: The golf courses and surrounding residential subdivisions were originally developed beginning in the late 1970’s. The plats contained notes to the effect that the streets were dedicated for public use but the golf courses were to be maintained privately and were specifically not dedicated to public use.

The covenants gave the lot owners no rights, property, contractual, or otherwise, in the golf courses. A Property Report that was delivered to all prospective lot purchasers described the costs of golf memberships, which were not included in lot prices, and stated that to be allowed to use the golf courses, members would be required to pay initial dues and annual dues and fees. The real estate agents made it clear during the sales program that the mere purchase of a lot did not give a lot owner any right or entitlement to use the golf courses. The deeds of the lots did not convey any easements or other interests in the golf courses.

One plaintiff, who was also a real estate agent, testified that he was never told the golf courses would operate in perpetuity and that the real estate agents never told other potential purchasers that the golf courses would always exist on the properties.

What caused the golf courses to fail? When the golf courses opened, there were 30 – 40 golf courses in the Myrtle Beach area. By the time the golf courses closed, there were nearly 125 courses. Property taxes in the golf courses increased from $7,800 per year to $90,000 per year.  And then the economy tanked. These three factors have occurred across the country to varying extents.

Now, let’s look at South Carolina law. In one of the cases, a 38-page Order of Thomas J. Wills, Special Referee, examined the law of implied easements in South Carolina. I’m summarizing and eliminating the citations for this brief discussion.

The Order states that implied easements are not favored by the courts in South Carolina and must be strictly construed. The intent of the parties controls the existence and scope of implied easements, and the best evidence of that intent is the recorded documents. While case law in South Carolina is clear that lot owners in subdivisions hold easements in streets shown on plats by which their lots are sold, the order states that this rule does not extend beyond access, which is necessary and expected for residential purposes. Finally, the order states that no implied easements in views, breezes, light or air exist in this state.

Finally, these golf courses will be redeveloped into new residential subdivisions. Will we see more of this litigation in South Carolina?  Probably. While the law in South Carolina appears generally to favor redevelopment in these cases, there is no doubt that the facts in some of the situations may give rise to implied easements in adjacent lot owners, even in the face of our law. As long as we have NIMBY attitudes of those who live near defunct golf courses, we will continue to see litigation in this area.

SCOTUS refuses to review SC Episcopal property dispute

Standard

It has been close to a year that I wrote in this blog that I was thankful to be a real estate lawyer as I attempted to decipher the South Carolina Supreme Court’s 77-page opinion involving the Episcopal Church published on August 2, 2017*. I continue to be thankful that my mission is limited to the real estate issues in this difficult case because the United States Supreme Court refused to review that ruling on June 11. We are left with the difficult opinion issued in Columbia, and church officials and members from both sides of the dispute are left to sort out their on-going concerns in light of that ruling.

I don’t have to solve the mystery of the rights of gays in churches. I don’t have to ascertain whether the “liberal mainline” members or the “ultra-conservative breakaway” members make up the real Episcopal Church.  I don’t have to delve into the depths of neutral principles of law vs. ecclesiastical law. I don’t have to figure out who will own the name “Episcopal Diocese of South Carolina.”

The real estate issues are sufficiently thorny to occupy our collective real estate lawyer brains, but I am attempting here to boil those issues down to a manageable few words for all of us.

the_episcopal_church_welcomes_you

News articles refer to the properties as being valued at hundreds of millions of dollars. The historic value of the properties, including St. Michael’s and St. Philip’s of Charleston, is also quite significant.  I assume a petition for rehearing will ensue as well as an appeal to the United States Supreme Court. Nothing is settled at this point. Let’s not try to insure these titles anytime soon.

The controversy began more than five years ago when 39 local parishes in eastern South Carolina left the Episcopal Church over, among other issues, the rights of gays in church. Since then, the two sides have been involved in a battle over the church’s name, leadership and real estate.

Interestingly, prior to the ruling by the South Carolina Supreme Court, the national church had offered a settlement to the breakaway parishes that would have allowed them to retain their properties if they gave up the name and leadership issues. That settlement offer was apparently summarily rejected.

South Carolina’s ruling upheld the Episcopal Church’s position that it is a hierarchal church rather than a congregational church in which the vote of church membership can determine the fate of real property. It also orders the breakaway group to return 29 properties to the national church. Seven parishes may maintain their independence.

The position of the properties turns on whether the local parishes agreed to be bound by the “Dennis Canon” which was enacted in 1979 and provided, in effect, that real property of a parish is held in trust for the national church and the local Diocese, subject to the power of the local parish over the property, so long as the parish remains a part of the national church and Diocese. No evidence was found in the records of the seven parishes that those parishes ever agreed to be bound by the Dennis Canon. The other 29 properties were the subject of documentation to the effect that the local churches intended to hold the property in trust for the denomination. The opinion did not uphold the Dennis Canon in and of itself. Explicit recognition of the Canon was required.

That, in short, was the result of the 77-page opinion on real estate lawyers. We will need watch for a potential settlement. In the meantime, we will sit tight and not involve ourselves in sales and mortgages of these properties.

Now that I’ve had a chance to think about it, I am always thankful to be a real estate lawyer!

*The Protestant Episcopal Church in the Diocese of South Carolina v. The Episcopal Church, South Carolina Supreme Court Opinion 27731, August 2, 2017.

New Cybersecurity law in SC affects insurance companies and agents

Standard

The effective date is January 1, 2019

South Carolina’s legislature passed a cybersecurity bill on April 18, and Governor Henry McMaster signed it into law on May 3. The new law, which requires that insurers and producers (agents) must establish “strong and aggressive” programs to protect companies and consumers from data breaches, goes into effect at the beginning of next year. The law is called South Carolina Data Security Act, and it will be found at §38-99-10 et seq. of the South Carolina Code.

Insurers and agents must develop, implement and maintain a comprehensive written information security program based on internal risk assessments which contain administrative, technical and physical safeguards for the protection of nonpublic information.

New rules were created that include overseeing third party providers, investigating data breaches and notifying regulators, including the South Carolina Department of Insurance, of cybersecurity events.

security unlocked data breach

Notification is required to the DOI within 72 hours after determining a cybersecurity event has occurred. Each incident must also be investigated to determine the scope of the breach, the nonpublic information compromised, and the measures to restore the security of the information.

Safe guarding individual insurance policy holders’ personal information is a high priority in the wake of several major insurance companies’ data breaches. Insurers and agents are required to mitigate the potential damage caused by date breaches.

South Carolina was the first state to pass this measure based on the model law developed by the National Association of Insurance Commissioners Cybersecurity Working Group. South Carolina Insurance Director Raymond Farmer chaired the group.

How will this new law be applied to real estate lawyers who are also title insurance agents?  My guess is that the title insurance companies, which probably already have complying programs in place, will provide guidance to their agents between now and the end of the year. Stay tuned!

Phishing scam of the week

Standard

I have subscribed to “CyberheistNews” at knowbe4.com and highly recommend this brief newsletter as an excellent source for current information on the latest scams that may hit your office and personal computers.

The news this morning was striking because it involves current events. Social engineering follows seasonal patterns, as we know. We have noticed in our business, that long weekends lead to attacks because of the extra day that we may not be sitting at our desks to keep computer systems and our wires safe. The newsletter cites holiday-themed phishing attacks between Thanksgiving and New Year’s Day.

email fish hook

The news today involves implementation of the European data privacy regulation going into effect on May 25. It’s called General Data Protection Regulation (GDPR) and the scam email looks as if it is from Apple and claims that if you do not take action, your account will be “restricted”. But in fact, as usual, the scammers will attempt to steal your identity and credit card information.

In addition to looking legitimate, according to CyberheistNews, the bogus website is more sophisticated than most phishing sites because the fraudsters correctly set the web directory permissions and encrypted the spoofed site using Advanced Encryption Standard (AES) in order to successfully bypass some anti-phishing tools used in antivirus solutions.

The victim is asked to “update payment details” in order to see their accounts return to normal. Taking this action sends the victim’s payment information to the scammers.

According to the newsletter, companies worldwide are, in fact, working on becoming GDPR compliant and trying to make sure the people whose data they have collected have consented to give them information. Criminals are aware of this and are using this turn of events to their advantage.

And, then, there is the royal wedding. CyberheistNews’ advice about that is that the wedding is a scammer’s dream, and computer users should be advised to seek news about it only from trusted websites.

Don’t click links in emails or social media links related to the royal wedding or open suspicious attachments that claim any kind of problem with GDPR. Delete these emails or forward them to you IT experts.

And subscribe to this newsletter!

Real estate agent rental scam exposed

Standard

Two agents, one in Texas, and one in NY, allegedly involved

Most successful dirt lawyers have excellent working relationships with the real estate agents who assist their clients in buying, selling and leasing real estate. And most effective real estate agents prove themselves to be trustworthy in their business practices. Recently, two almost identical scams in remote states involved alleged real estate agents, according to a May 4 article in Housing Wire titled, “Two real estate agents caught behaving badly”, by Jacob Gaffney.

house sale fingers crossed

The first story is set in Missouri City, Texas, and was originally reported by the television station, KHOU 11 News. According to this story, police are investigating a woman purporting to be a real estate agent who approached John and Pamela Hall offering to sell their dream home located at the corner of Montego Bay and Palm Harbour. The Halls had already vacated the home, and the alleged real estate agent promised to sell the home quickly. Both homeowners signed the paperwork allowing the culprit to list their home.

Several days later, the Halls were called by someone interesting in renting their attractive waterfront home from a listing they saw on Craigslist. When the Halls investigated the Craigslist entry, they discovered that the alleged real estate agent had actually created fraudulent documents, including a power of attorney and a deed, to take title to their home in the name of an LLC. When the Halls drove by their property, they saw someone moving in! The new “tenant” reported that he had paid $5,000 up front to lease the home.

The television station attempted to find the real estate agent’s name in the records of The Texas Real Estate Commission, but no such agent was found. The culprit used different names in dealing with the Halls and the tenant, and, so far, has been successful in stealing $5,000. The scam has no doubt caused a great deal of inconvenience to the Halls, not to mention the potential expenditure of funds in the form of attorney’s fees necessary to straighten out the public records.

The second story took place in Hampton Bays, New York. Southhampton Town Police said they received two complaints in February involving an alleged real estate agent taking deposits for a rental home. The prospective tenants were told the home was not yet available when the respective move-in dates approached, and the home owners had no relationship with the real estate agent and never received rent. Additional victims came forward, and police arrested Melanie Williams, 54, in April, on three counts of fourth degree grand larceny and three counts of first degree scheme to defraud. Detectives say they believe there may be additional victims in this scheme.

The Russian proverb quoted by President Ronald Reagan seems to be good advice in any situation concerning a real estate agent, or any professional for that matter, who is not known personally. Tell your clients to trust but verify!

Two new fraud scams

Standard

The fraudsters keep updating their repertoires!

Fraudsters are creative! It seems as soon as we learn and educate our staff members about new fraud schemes, the swindlers change their schemes to keep us on our toes. I wanted to pass along two new schemes that recently came to my attention.

The first was reported in our company publication, Fraud Insights, and it involved a residential sale in Las Vegas. An astute title insurance company employee, Larissa Conrad, was able to frustrate the fraudster’s plans. Here’s how the scheme unfolded. On March 7, Larissa sent an estimated closing statement to the listing agent. The closing involved the payoff of a Wells Fargo mortgage. The listing agent purportedly sent back to Larissa, by email, an “updated” payoff statement. Larissa compared the two payoff statements carefully. The wiring instructions were particularly troubling:

Larissa called the payoff lender and confirmed her suspicion that the second payoff was from a fraudster. She then called the listing agent, using a trusted telephone number, and reported that someone was posing as him in the transaction and sending emails from an account that looked like his. She wired the correct payoff amount using the correct wiring instructions, saving $153,300.37.

The second scam, involving texting, was reported by CyberheistNews. The victim receives a text asking whether a password reset for a Gmail account has been requested. If not, the text advises, please reply with the word “STOP”. If the victim replies with “STOP”, the next text urges the victim to send a six-digit numerical code in order to prevent the password from being changed. By sending the code back to the attacker, the victim is enables the bad guy to complete the password change and to have access to the account and all its email.

Remember that Google and other companies will not ask whether you don’t want to do something with your account. A reply to a text like this often notifies the fraudster that a valid telephone number has been reached.

two factor authentication

A two-factor authentication process is highly recommended because it provides an additional layer of security and makes it harder for attackers to gain access. The victim’s password alone is not enough to pass a two-factor authentication process. Typically, the first authentication factor would be based on knowledge (a password) and the second factor would be based on possession (of an ID card, a token or a smartphone, for example). Ask your IT professionals for assistance is keeping your accounts safe by using this process.

And, as always, the best advice may be to keep schooling yourself about the various scams as they are reported. I’ll do my best to help!