Fighting Back Against “Social Engineering” Cyberattacks
Any time large amounts of money change hands — as they do in most real estate transactions — nefarious hackers are nosing around, searching for a way in. That’s why Safe Harbor Title Company guards vigilantly against cyberattacks. We use encrypted email to communicate with lenders, so our clients’ personal data is safe. Safe Harbor Title also carries a cyber-liability insurance policy to cover losses from hacking (in addition to a surety bond and fidelity bond to protect losses from internal theft).
But online fraud doesn’t have to be high-tech to succeed. Sometimes, fraudsters try social engineering attacks, which means they achieve their ends by manipulating people, not machines. Here’s an example of how it works in the real estate business:
Let’s say a title company is working on a closing on behalf of a purchaser. Emails are flying back and forth between the purchaser, the seller, the lender, the Realtor, and the title companies. The transaction is nearing completion when the title closer receives an email from the Realtor that says, “Attention: The seller’s wire instructions have changed. Attached please find amended instructions.” To confirm the change, the closer calls the seller and the Realtor, but only gets their voicemails. So she wires $100,000 to the new account — which turns out to be fraudulent.
To execute this crime, the fraudster only has to hack into the Realtor’s email account — not too difficult, especially if the agent is using his personal email to conduct business. Then he can create a similar-looking email and insert his message into the ongoing conversation. Once the money’s gone, it’s gone, unless the bank’s fraud investigators manage to stop it. This is why Safe Harbor Title Company requires verbal confirmation from the seller any time wire instructions are altered. No exceptions. Want to know more about how we protect our clients’ money from bad guys? Ask us!