Buying your first home should be an exciting process, one where at the end you can put down roots and have a beautiful home to start your new life in.
Over the past couple of weeks I’ve been watching with disgust as a blogging colleague who should have been celebrating buying her first home, has instead had her life savings of $50,000 stolen in what is becoming a far too common scheme.
She has fallen prey to what is commonly referred to by the FBI’s economic crimes squad as a “Business E-Mail Compromise” scam.
Today I thought I’d take a brief look at how these types of scams work, while highlighting her experience to shine a light on this type of scam. Hopefully it can help others to avoid falling prey as well.
Buying A Home – A Flurry Of Activity
When buying a new home there is often a flurry of activity as you get all of your ducks in a row. You set about securing financing, setting up times for inspections, scheduling closings and so on. There is often a frantic pace as you approach the closing on your home, and hackers know you may be more susceptible to falling for their scam at such a time.
They’re banking on the idea that you’re overwhelmed, and that you’ll make a simple mistake. A mistake like assuming that emails you receive from a title company or real estate agent are legitimate, when in fact they’re spoofed, and can contain convincing information they pulled from hacked emails from the person they’re spoofing.
The Hackers Pounce
Shannyn was buying her first home and would be closing on the home within the next day or so. That’s when the hackers pounced. From Shannyn’s Facebook post:
It turns out, the Title company, who got me my closing information with just 6 business hours to get the closing amount together, didn’t return my emails or calls when I had questions about the process- were ripe for the picking when the hackers came in to mimic their systems and sent me a frantic “last minute change”as I headed to the bank.
How did this happen? The hackers will watch an email chain for weeks, and then wait to pounce. The title company says they were hacked, and when that happens, the scammers mimic their email addresses, scrape the information and then swoop in to change details of the closing information at the last minute (via email) to only the buyer.
They watch the emails of the title company (before you, the buyer are even on the email chain) and WAIT for the right moment, maybe a few hours before close, or if you said you were heading to the bank- and then pounce. They have the same letter head, mirrored email addresses and the entire chain of emails (this one dated back 2 weeks).
I knew something was wrong, but when I flagged it to my Realtors before I went to the bank, they didn’t acknowledge it. The kicker? My Realtor apparently has seen this happen before with a different title company. With the clock ticking and nobody addressing my concerns- I felt pressure to close.
The title company hadn’t returned my calls the day before, nor my emails. I literally was heading to the bank that morning and the scammers saw their opportunity to interject themselves and send last minute changes… the last minute changes were with mimicked emails, the same letterhead and details they had gotten by watching my title company’s email for the last few weeks. I smelled something fishy, but nobody came to help when I asked.
I even forwarded the email to my Realtors saying “this doesn’t seem right.” I KID YOU NOT.
Email Accounts Compromised
These wire fraud schemes often start when an email account or personal or business computer is compromised by a hacker. In Shannyn’s case that seems to be exactly what happened. The hackers likely compromised the email accounts at the title company, keeping watch on their email chains, waiting for the right moment to inject themselves. They prepared fake emails that appeared legitimate and when they saw she was going to be heading to the bank to wire closing funds, they sent her alternate wiring instructions.
Even at this point her situation could have been avoided if only the title company agents, her real estate agent or someone who was supposed to be in her corner had gone to bat for her and realized that something was going on, or even if they had just answered the phone and confirmed for her that the wiring instructions were not correct.
They also left themselves open to fraud because their process allowed the sending of secure wire transfer information via unsecured methods – email – when things like that should never be sent via email, attachment or other unsecured methods. Any secure financial data like that should only be passed via a secure portal, in person or over the phone.
Once You Send The Transfer, Your Money Is in Jeopardy
Shannyn felt the pressure to get to the closing that Friday and after not getting any good responses from the closing team she went ahead with the wire transfer at her bank, Chase. She didn’t want to hold up the closing.
At this point she knew something still didn’t feel right. Within 2 hours of the transfer she realized that she had been had, and she contacted her bank.
When it comes to recovering your money, the FBI says that time is of the essence.
The FBI says time is crucial in cases of wire transfer fraud. When alerted within three days, the FBI reports a 70 percent success rate of getting the money. That success drops significantly as the cash moves through a network of bank accounts.
Thankfully in Shannyn’s case they discovered her money had been transferred to Bank of America where the hackers had an account, and the money has been frozen by BoA. The story doesn’t end there, however.
Getting Your Money Back May Not Be As Easy As You Think
Even though Shannyn’s money had been frozen at Bank of America, the process of trying to get her money back hasn’t been an easy one, and thus far she hasn’t gotten it back.
Shannyn has spent over a week on the phone with the FBI, and with tens of different people at both Chase and Bank of America. She’s had to start a Twitter campaign to even get someone to call her back from Chase. Even after being escalated to the executive offices at Chase after getting some help from a local Chase bank manager, she’s still getting the run around. People who promise to call her back about her case aren’t calling her back.
At this point Bank of America have stated that they have her money, and will release it to her bank if Chase will provide them with a “holds harmless letter”, releasing them of liability, but Chase won’t do that.
BoA says now that they have the funds. They requested Chase releases them of (or takes) liability for the issue for whatever reason with a “holds harmless” letter. Obviously, Chase doesn’t want to do that.
I have a contact at BoA and at Chase that are watching my case. Just reached out to them again via social. My executive caseworker at Chase hasn’t returned my calls on Friday or today, after I’ve given her 2.5 full business days to at least update.
At this point the Chase team is once again not staying in contact, and Shannyn still doesn’t have her funds. It’s a standoff.
BoA has the money, but won’t release it without a release of liability. Chase won’t give them that and so Shannyn gets the shaft, and her money remains in limbo.
I wish I had a better ending to the story than that, but at this point it seems like the banks are more worried about covering their own rear ends than they are about actually helping out a customer to retrieve her life savings. I’ll update this post once Shannyn finds some sort of resolution, but at this point it sounds like it may involve hiring an attorney in order to get her money back through the court system.
UPDATE: Shannyn has announced that she has gotten all of her money back from Bank of America (minus about $400 or so that was missing probably due to an existing overdraft on that account). No lawyers had to be involved thankfully. Apparently the FBI team on her case was able to apply some pressure from their end and give the bank some extra reason (and liability cover) to release her funds. I’m glad Shannyn was able to get this resolved better than many others who ended up losing their money.
In the end she also was able to purchase the same home as the seller was pretty understanding and allowed them to push back the closing. Congrats on your new home Shannyn!
Wire Fraud Schemes On The Rise
Wire fraud schemes are becoming more and more common, according to the FBI.
The “Business Email Compromise/Email Account Compromise“scam continues to grow, evolve, and target small, medium, and large businesses. Between January 2015 and December 2016, there was a 2,370% increase in identified exposed losses. The scam has been reported in all 50 states and in 131 countries.
There was a 2,370% increase in identified exposed losses in the past year alone!
Between October 2013 and December 2016 the FBI says there have been $5.3 billion in domestic and international exposed dollar loss. In the U.S. alone there has been almost $1.6 billion in losses.
You can see why hackers are engaging in this type of crime, it’s extremely lucrative.
Title Companies Especially Targeted
According to the FBI, all participants in real estate transactions, and in particular title companies, are being targeted by thieves.
The BEC/EAC scam targets all participants in real estate transactions, including buyers, sellers, agents, and lawyers. The IC3 saw a 480% increase in the number of complaints in 2016 filed by title companies that were the primary target of the BEC/EAC scam. The BEC/EAC perpetrators were able to monitor the real estate proceeding and time the fraudulent request for a change in payment type (frequently from check to wire transfer) or a change from one account to a different account under their control.
For most people buying a home is one of the biggest transactions they’ll ever engage in, and you stand to lose a lot of money if you aren’t careful.
Take the extra time to do your research, and if something doesn’t feel right, trust your gut.
Things You Can Do To Protect Yourself Against Wire Fraud Schemes
There are things you can do to protect yourself from becoming a victim to a wire fraud scam.
- Don’t use a wire transfer to pay for your down payment. Use a cashier’s check instead.
- Don’t automatically trust the information you get in emails – even if they look legitimate. They can be getting legitimate information from hacked email accounts, making you feel like their emails are real.
- Verify the instructions you get independently by phone or in person.
- If you use the phone to verify the information, look up the number yourself. Don’t use the number listed on the email because that could be fake, too. Scammers can sometimes have a nearly identical phone number to your title company due to easy, free services like Google Voice that allow them to get similar numbers in the same area code for free. If you end up calling to verify to the wrong number, they will pose as your title company and buy themselves more time to take your money.
- Don’t just hit “reply” to answer an email dealing with your finances. Scammers can make an email address look real, but direct replies to themselves. So, take time to type in the proper email address yourself.
- Never send out wire instructions through regular email. Don’t send it in the body of an email, and not in an attachment. Instead get it in person, use a secure company portal or a site like DocuSign or SignNow.
- Use an established and legitimate title company and real estate company that take cyber security seriously. That includes using secure portals for any documents, being responsive to phone queries and other requests, and keeping you abreast of any scams/etc to be aware of.
- Again… don’t use a wire transfer.
What To Do If You’re A Victim Of Wire Fraud
If you’ve already become a victim of wire fraud like Shannyn, time is of the essence, you need to act quickly. The FBI says you need to:
- Contact your financial institution immediately upon discovering the fraudulent transfer
- Request that your financial institution contact the corresponding financial institution where the fraudulent transfer was sent
- Contact your local Federal Bureau of Investigation (FBI) office if the wire is recent. The FBI, working with the United States Department of Treasury Financial Crimes Enforcement Network, might be able to help return or freeze the funds
- File a complaint, regardless of dollar loss, at www.IC3.gov
In Shannyn’s case she was able to contact the banks within a couple of hours of the fraudulent transfer taking place. That was likely key in helping to freeze the funds at the destination bank and will probably be the reason she recovers her funds.
For others who may not have been lucky, the fact that they didn’t receive enough warning from their title company or their real estate agents, as well as not enough help from their banks is frustrating.
There really does need to be some fundamental changes made in order to make scams like this less likely to succeed. Disclosures about these scams should be made up front during the home buying process.
Wire transfers should be done away with in favor of cashier’s checks or other more secure methods.
Closing companies and real estate estate companies need to put in place secure processes that preclude things like this from happening.
Until those things happen, however, I’m sure we’ll continue to see more of these unfortunate stories popping up in the news.
Shannyn’s advice?
Really, at the end of the day, I would say no to wire transfers. Wires simply aren’t safe. Title companies may pressure you to do one, but I wouldn’t. The scammers are evolving too fast, and they’re hacking institutions. The buyer has no way of knowing if their title company has a secure message system, and no way to know if the title company has been hacked. If you ask, they’ll say “yes of course we’re secure”. Or they may not even know. So just avoid wire transfers.
Probably good advice. Just say no to wire transfers kids.
More Reading On The Mortgage Closing Costs Scam
- 4 Types of All-Too-Common Real Estate Scams Making Headlines
- 142k Down Payment Stolen In Email Scheme
- Email Scam Targets Homebuyers
- Business Email Compromise – The 5 Billion Dollar Scam
- Scammers Phish For Closing Costs
- Protect Against Wire Fraud
Share Your Thoughts: