BEC

Secret Service Thwarts $21 million scam

Standard
Photo from secretservice.gov

The United States Secret Service announced in a press release dated September 1 that on August 23, it was successful in thwarting a real estate related business email compromise (BEC) scheme that sought to defraud a purchaser of more than $21 million.

The scheme attempted to divert closing funds to a fraudulent bank account. After quick action by the Secret Service and its private sector partners, the funds were returned to the victim.

Please refer to this Underwriting Memorandum issued by Chicago Title’s South Carolina State Office on September 20 warning that fraudulent wiring instruction schemes are on the rise.

These schemes typically employ altered or fictitious payoff statements. The fraudster often impersonates a mortgage broker, lender, borrower, or an agent of the borrower to request a copy of the payoff statement. Alternatively, the fraudster may intercept the payoff statement by a hacking or phishing ploy.

Armed with the payoff statement, the fraudster will create and transmit a bogus “updated” payoff statement with wiring instructions intending to divert the funds to the fraudster. The statement may also alter contact information so that telephone calls to verify payoff information will be answered by the fraudsters.

Chicago Title’s memorandum advises closing attorneys to take the following proactive measures to minimize the risk that payoff funds will be diverted:

  • Obtain payoff statements early so they can be properly reviewed and verified.
  • Verify banking information and payoff amounts directly with the payee using known, trusted numbers rather than information from the payoff statement.
  • Refer to prior payoff statements from the same payee to confirm the banking information matches.
  • Maintain repetitive wire information within systems or databases to use for future wires. Lock this information to restrict alterations.
  • If it is impossible to make a verbal confirmation by a known trusted telephone number, consider sending overnighting a check.

Be careful out there, closing attorneys!

Cyber Incident Preparedness for Closing Attorneys

Standard

And what to do if you suspect a compromise

With the increase in wire fraud that is happening in closing offices around the country, our company recently shared two documents that I thought would be beneficial to pass along to all South Carolina dirt lawyers .

The first document is a Public Service Announcement from the FBI dated August 27, 2015 concerning Business Email Compromise (BEC). BEC is defined as a sophisticated scam targeting businesses working with foreign suppliers and businesses that regularly perform wire transfers. Legitimate e-mail accounts are compromised through social engineering and computer intrusion to conduct unauthorized wire transfers.

We have seen this happen in more than one law firm in South Carolina!

cyber-fraud-theif

This PSA states that the total number of victims from October 2013 through August 2015 was 8,179 and the total exposed dollar loss was $798,897,959!

The second document was prepared by Linda Grahovec, the Director of Education and Marketing for our company. This document provides two cyber incident checklists, one for use in preparing, and the other for use if your office is attacked.

Here are three pieces of advice for all closing attorneys:

  1. Use an e-mail system that requires two-factor authentication;
  2. Never wire funds based on the content of an e-mail. Always assume e-mail has been compromised, and validate the information by phone. A good practice would be to refrain from sending wiring instructions by e-mail.
  3. If you suspect fraud, contact the bank immediately.

Please remain vigilant! Read everything you can on this topic, and continue to update and guard your systems. One incident could easily put a law firm out of business. Title insurance companies are excellent sources of information and training on these topics! Call on them!