Business Email Compromise (BEC) scams have been on the rise for the last few years, and no industry is safe from these scammers.
It has been revealed last week that art galleries and collectors are being actively targeted, and recent reports by The Washington Post and CNBC show that email accounts of home buyers and sellers, lawyers, real estate, title and escrow agents are increasingly being compromised by scammers, and access to them misused to redirect wired money to accounts under the scammers’ control.
Not a new trend
The trend of BEC scammers targeting all participants in real estate transactions has been noted by the FBI earlier this year.
“The IC3 saw a 480% increase in the number of complaints in 2016 filed by title companies that were the primary target of the BEC/EAC scam. The BEC/EAC perpetrators were able to monitor the real estate proceeding and time the fraudulent request for a change in payment type (frequently from check to wire transfer) or a change from one account to a different account under their control,” the agency shared.
According to the latest FBI numbers, in 2017, nearly $1 billion was diverted or attempted to be diverted from real estate purchase transactions to accounts controlled by criminals.
What to do?
All participants in real estate transactions should be aware that, despite many precautions, it’s possible that their email accounts have been compromised.
Before wiring any kind of payment, and especially if the amount is considerable, they should confirm that the provided bank account information is genuine by picking up the phone and calling the email sender directly. The phone number should not be sourced from the email asking for the payment, but obtained from the agency’s website or from a business card received by its representative.
Every email involving last-minute changes to money wiring instructions should be considered suspect.
Those who have fallen for the scam should contact their bank as soon as possible, and attempt to prevent the fraudulent transaction being effected. If the wire transfer has occurred within the last 72 hours and is international, the bank could send a Financial Fraud Kill Chain request to the FBI, and perhaps the withdrawal of cyber crime funds by criminal actors can be prevented.