Wire fraud is a growing concern in the title industry. Hackers are using increasingly sophisticated techniques to trick title companies and their customers into sending wire transfers to fraudulent accounts. To address this issue, ALTA recently hosted a webinar titled “ALTA Insights: The State of Wire Fraud in the Title Industry.”
In this webinar, Tom Cronkright, co-founder of CertifID, and Matt McBride, vice president of risk management and compliance for Shaddock National Holdings, discussed the current state of wire fraud in the title industry and offered tips for preventing wire fraud.
The webinar began with an overview of wire fraud and its impact on the title industry. The experts then discussed some of the common techniques that hackers use to perpetrate wire fraud. These include phishing emails, social engineering and malware attacks. Phishing emails are emails that appear to be from a legitimate source, such as a title company, but are actually sent by a hacker.
Social engineering involves tricking individuals into divulging sensitive information, such as login credentials, through social interactions. Malware attacks involve infecting a computer with a virus or other malicious software that can be used to steal sensitive information.
Cronkright and McBride walked through how some scams are carried out, including seller impersonation used on vacant properties and mortgage payoffs.
Wire fraud cases
To prevent wire fraud, the webinar offered several tips for title companies and their customers. These include:
Verifying wire transfer instructions: Before sending a wire transfer, customers should verify the instructions with the title company using a known phone number or email address. They should not rely solely on the instructions received in an email.
Using multifactor authentication: Title companies should require customers to use multi-factor authentication, such as a password and a security token, to access their accounts.
Educating employees: Title companies should provide training to their employees on how to identify and prevent wire fraud. This can include education on how to recognize phishing emails and how to implement best practices for computer security.
Implementing secure email systems: Title companies should implement secure email systems that use encryption and other security measures to protect against hackers.
The speakers also shared some new techniques used by scammers who have access to more resources than ever to perfect the attacks that lead to wire fraud.
SpoofCard (Call back spoofing): This is when a caller deliberately falsifies the information transmitted to your caller ID display to disguise their identity. Scammers often use neighbor spoofing so it appears that an incoming call is coming from a local number, or spoof a number from a company or a government agency that you may already know and trust. If you answer, they use scam scripts to try to steal your money or valuable personal information, which can be used in fraudulent activity.
Deepfake (AI voice replication): Artificial intelligence voice cloning is a deepfake technique that can analyze and replicate a human’s voice. All it requires is a short voice sample of the human voice you want to replicate, and the AI will learn it instantly.
Influence Bots (open-source intelligence): Social bots are a current phenomenon in social media and are increasingly used to influence users of social platforms.
SIM swap (SS7 Network): This is a type of account takeover fraud that generally targets a weakness in two-factor authentication and two-step verification in which the second factor or step is a text message (SMS) or call placed to a mobile telephone.
AI-generated attack emails: Chat GPT AI text-generating interfaces are being used to create malicious messages designed to spearphish, scam, harass and spread fake news. These AI-based systems can also be used for BEC scams.
By following these tips and implementing best practices for preventing wire fraud, title companies can better protect their customers and themselves from financial losses.
In November, the FBI released a report that summaries its efforts to combat business email compromise (BEC) scams and real estate wire fraud by working with partners to identify perpetrators and dismantle their organizations. The report was also spurred by ALTA’s efforts the past two years to get language included in various House and Senate appropriations reports directing respective agencies to report on efforts to combat and raise awareness of BEC and wire fraud, and collaborate with industry partners to address threats.
Earlier this year, ALTA released a revision to its Best Practices. Included in the update, were changes to the use of wire verification services and use of manual or electronic methods for daily reconciliation, and specific action of identification and investigation of discrepancies, as well as revisions to protecting non-public information.
Video: Protect Your Money from Wire Fraud Schemes
ALTA Outgoing Wire Preparation Checklist
ALTA Rapid Response Plan for Wire Fraud Incidents