Posts Tagged ‘crime’

virtual digits abstract illustration, shadow figures with magnifying glass oversight

Breach Detection: Top Signs Your Business Has Been Hacked

Breach Detection: Top Signs Your Business Has Been Hacked

In 2024, cybersecurity has firmly entrenched itself in the public imagination. It seems like barely a week goes by, for example, without a high-profile data breach. Terms like “hacking,” “malware” and even “multi-factor authentication” have become part of our everyday vernacular. Even extensive security training is now routine at many workplaces.

Yet despite this welcome increase in awareness and understanding, it can still be difficult to know exactly when your network has suffered a breach – which can have serious consequences for your business. That’s because the faster you can detect a malicious incident, the faster you can begin remediation, prevent financial or reputational fallout, and get your agency back on track. Let’s explore what potential breaches can look, feel and sound like. We will also examine steps you can take to respond in the unfortunate event of an incident.

What does a breach look like?

One of the biggest warning signs that something is amiss with your business network is simply unusual activity that you can typically see within your technology or security software. While this can sound like vague advice, it really isn’t when you know what to look for, including:

  • Strange or unrecognized logins.
  • Odd purchases made through business accounts.
  • Unauthorized changes to your account settings.
  • Unfamiliar devices connecting to your systems or network.
  • Abnormal spikes in data use or activity.

What does a breach feel like?

The warning signs of a breach are not solely visual. You can also be tipped off by how your network feels and the way your software performs. A cyberattack may result in a dramatic slowdown in performance. There is no universal experience, of course, but some of the common performance problems include:

  • Slow network speeds or crashing applications.
  • General connectivity problems.
  • Inefficient CPU or system memory usage.
  • Poor customer experience.

What does a breach sound like?

When it comes to network breaches, it may feel a bit odd to talk about warning signs that you can hear. While your technology systems aren’t typically going to tip you off this way, your agency’s human stakeholders might. Keep your ears open for feedback from those who interact with your digital assets and infrastructure. Their thoughts, feelings and experiences may prove crucial to discovering a breach and taking corrective action. Some comments that you need to take very seriously are:

  • Reports of increased phishing attempts or other suspicious emails.
  • Complaints from customers about using your digital assets.
  • Increased IT support desk tickets, depending on if you have managed security in place.
  • Occasionally, albeit rarely, compromised devices can also emit auditory signals that suggest something has gone wrong.

A four-point plan to respond to breaches

If you notice these abnormal activities, don’t brush them off! Instead, take the following four actions to contain the potential damage and reestablish your security perimeter.

  • First: Secure your compromised accounts, which can involve switching passwords and establishing multi-factor authentication if you don’t have it in place already. You should also disable affected accounts, notify all affected stakeholders, and begin preserving evidence of what has occurred.

  • Second: Focus next on investigating the malicious activity. Develop an overview of the incident by assessing the “who,” “what,” “when,” and “where” of the network breach. The purpose of this exercise is two-fold: You want to determine the scope of the problem while also determining the root causes so you can ensure it doesn’t happen again.

  • Third: Build a plan to improve the long-term security of your IT systems and to prevent similar breaches. Conduct a comprehensive review of your vulnerabilities. Implement stronger access controls, encryption protocols and cybersecurity approaches. Finally, update training programs to keep employees apprised of security changes and reinforce security standards across your organization.

  • Fourth: Don’t forget to adhere to all relevant standards and requirements regarding data breach notification. Then, conduct a review of your compliance obligations to ensure you are taking appropriate due diligence and properly protecting sensitive personal information.

A thrilling yet threatening business era

Seven decades into the information age, more people than ever are aware of both the promise and the perils of using digital systems in both life and work. Yet while cybersecurity awareness has never been more widespread than it is today, some of the common signs and symptoms of a data breach are not that widely known. Learning more about them and keeping your co-workers and team apprised is a great way to sharpen your defenses and respond decisively should the need arise.

dark photo of a disheveled man in a business suit standing next to washing machines that are laundering money

Beyond GTOs: FinCEN Proposes Expansion Of Industry Reporting Requirements

The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued a Notice of Proposed Rulemaking (NPRM) on Feb. 7 to expand its efforts on a permanent basis to combat and deter money laundering through the residential real estate sector.

According to the FinCEN announcement, the proposed rule would require professionals involved in real estate closings and settlements to report information to FinCEN about non-financed transfers of residential real estate to legal entities and trusts.

“Illicit actors are exploiting the U.S. residential real estate market to launder and hide the proceeds of serious crimes with anonymity, while law-abiding Americans bear the cost of inflated housing prices,” said FinCEN Director Andrea Gacki. “Today marks an important step toward not only curbing abuse of the U.S. residential real estate sector but safeguarding our economic and national security.”

Expansion of GTO efforts

Since 2016, FinCEN has issued multiple Geographic Targeting Orders (GTOs) requiring title insurance companies to file reports on all-cash purchases having specific dollar thresholds in designated geographic areas. These GTOs last for six months at a time. The most recent GTO was issued in October 2023 and expanded the list of affected venues.

According to FinCEN’s proposed rule, expanded reporting requirements would apply on a permanent basis across the entire country, without limit to specific geographic locations or a dollar threshold. The agency will accept comments on the new proposed rule for a 60-day period following its publication in the Federal Register, scheduled for Feb. 16. According to the American Land Title Association’s (ALTA) blog of Feb. 8, FinCEN has proposed that the final rule become effective one year after it is issued.

“We are still reviewing the proposed rule and will work to ensure that FinCEN considers the information they are collecting under the new Beneficial Ownership rule, among other things, so as not to be unnecessarily duplicative and also provide clarity regarding the obligations of all real estate parties under the rule,” said Diane Tomb, ALTA’s chief executive officer. “We also appreciate, and intend to continue, the ongoing dialogue with FinCEN to craft a tailored approach limiting the transactions that must be reported to those of the greatest concern and providing avenues to help reduce the compliance burden on title and settlement companies.”

Proposed reporting structure

The proposed rule would require reporting on transfers of single-family houses, townhouses, condominiums, and cooperatives, as well as buildings designed for occupancy by one to four families. Going a step beyond the GTOs, it would also require reporting on transfers of vacant or unimproved land that is zoned, or for which a permit has been issued, for occupancy by one to four families.  Furthermore, both purchasing entities and transferee trusts are reportable unless a specific exception is applicable.

ALTA’s Feb. 8 blog summarizes reportable information under the proposed rule to include (but is not limited to) the following:

  • Name, address and taxpayer identification number (TIN) for the transferee and transferor.
  • Beneficial owner information for the transferee and anyone signing the transfer documents. (names, date of birth, addresses and TINs for those individuals).
  • Name, DOB, address and TIN for all transferors on title or the beneficial owners if the seller is an entity.
  • Address and legal description of the property.
  • information about the payments made by or on behalf of the transferee.
  • Information about any hard money or other lender not subject to anti-money laundering rules. That participated in the deal.
  • Individuals representing the transferee entity or transferee trust.
  • The business filing the report.

For a more detailed summary of requirements and exceptions under the proposed rule, please see the  Fact Sheet published by FinCEN. At Alliant National, we are committed to keeping you updated on legislation and regulations that affect your business. Stay tuned for more, as the comment period progresses.

Crime Watch Banner with computer hacker in the background and people celebrating in the foreground

Alliant National’s Crime Watch Program Caps Off Another Successful Year

Alliant National’s Crime Watch Program is a great example of the old saying that the best defense is a good offense. Designed to incentivize Alliant National’s policy-issuing agents to detect and prevent fraud, the program had a banner year during 2023. Working together, Alliant National’s network of agents prevented scores of fraudulent transactions from going forward over the past 12 months. These efforts not only protected against sizable losses but helped promote a safer and more secure industry. Now that the year has wrapped up, let’s dig into the numbers.

A problem of incredible scope

With property information readily available with a click of the mouse, it is easier than ever for bad actors to research and identify potential targets. The result has naturally been a huge uptick in criminal activity over the last few years. In fact, FBI data indicates that “more than 13,000 people were victims of wire fraud in the real estate and rental sector in 2020, with losses of more than $213 million — an increase of 380% since 2017.”[i]

Fighting fraud requires all hands on deck

To help empower independent agents and assist the title industry in combating fraud, Alliant National initiated its Crime Watch Program several years ago. The initiative rewards agents $1,000 each time they prevent a fraudulent transaction – and the results have been impressive. Year after year, Alliant National’s agents have helped stem the tide of criminals targeting the industry, identifying fraudulent behavior and saving consumers from financial loss and unnecessary stress.

During the program’s lifespan, we’ve seen a number of best practices to help prevent fraud:

  • Never accept wire instructions over email.
  • Double-check all contact information. Then, check it again.
  • Always send wire instructions through a secure, encrypted communication channel.
  • Pay particular attention to any last-minute changes with a transaction, especially with wire transfer information.
  • Speak directly to clients to make sure they are who they say they are.
  • Become as familiar as you can with the history of the property you’re working with and watch for any irregularities.
  • Stay current with all continuing education classes to remain apprised of the latest developments in title fraud and cybercrime.
  • Trust your gut when something feels off and work closely with colleagues to have a unified front against fraudsters.
  • Use real world examples of fraudulent activity to educate colleagues or employees on how to spot fraud.
  • Have a response plan in place if a fraudster is able to get around your agency’s defenses.

2023 was a successful year of fraud busting

For Alliant National’s Crime Watch Program in 2023, past successes were prelude to a tremendous year of fraud busting. Collectively, agents identified and prevented over 25 instances of fraud, totaling more than $280 million in proposed liability. The agents involved in stopping these fraudsters came from a variety of states – including Florida, Missouri and Texas – and the specifics of each fraudulent transaction also ran the gamut. Some of the top schemes encountered by agents included:  

  • Business email compromise
  • Seller impersonation
  • Fraudulent contracts
  • Fraudulent documents like passports
  • Fraudulent cashiers’ checks

Let’s stop fraudsters in 2024

Everyone has their own New Years’ resolutions, but for the title insurance industry, one of the most important should be taking all available actions to detect and ultimately prevent fraud. Since the inception of Alliant National’s crime watch program, we have seen how powerful it is when agents proactively address suspicious transactions. While not all fraud can be prevented, the program is a testament to what the industry can do when it unites against criminals.

Want to learn more about Alliant National’s crime watch program and how your agency can get rewarded for stopping fraudsters? Start here.


[i] Wire Fraud (nar.realtor)

Crime watch banner above a picture of Florida's Cherie Breitenbecker and Gina Preston Brick City and Alliant National's Chris Yates.

Fraud Busting with Brick City Title

Brick City Title, a full-service title insurance agency, is a loyal member of the Ocala, Florida, business community and dedicated to protecting the integrity of its customers’ transactions. This commitment served them well recently when a fraudulent transaction came across the desks of two of the agency’s title professionals. By working together and proactively communicating with other transaction stakeholders, the agency foiled the fraudster and received recognition through Alliant National’s crime watch program, which offers a $1,000 reward to agents who help prevent a fraudulent transaction from closing.

A suspicious package

When the package first arrived from the buyer, Brick City Title’s Gina Preston and Cherie Breitenbecker felt like it was a step in the right direction. For some time, their agency had been attempting to collect a deposit from a cash buyer of a residential property who claimed to be conducting the deal through a trust.

Any positive feelings quickly dissipated, however, once they opened the parcel. While the sales contract for the transaction was included, there was no form of currency. Instead, the buyer had tucked several postal stamps inside the package.

Alarm bells

Naturally, receiving such a bizarre item immediately set off alarm bells for Preston and Breitenbecker, especially since Brick City Title had repeatedly clarified to the buyer about which forms of payment the agency could accept. “If we feel or suspect anything unusual, we dig into available resources to resolve any possible fraudulent dealings,” said Preston, reflecting upon the incident. The next step for both professionals was to get on the horn to the buyer’s agent and reiterate which forms of payment were permissible – including a bank wire or a cashier’s check. A three-way call between the agent, Brick City Title and the buyer followed shortly after.

Any title agent who has been in Preston’s and Breitenbecker’s shoes will likely be able to predict what happened next. The buyer was incensed about being called out for the package and that Brick City Title was asking for more information about the trust involved in executing the transaction. After some back and forth, the buyer clammed up and ended the call. Preston, Breitenbecker and Brick City Title then took stock of what happened. A consensus quickly emerged that the whole transaction was highly suspect. The experience of other parties in the transaction further supported this view, with both the agent and seller having their own misgivings about the buyer’s behavior and demeanor.

The final step taken was to send the transaction materials to Alliant National and to subsequently cancel the transaction – much to the relief of all involved. “The seller wasn’t surprised this buyer was fraudulent,” said Preston when discussing the aftermath, “and was glad that we uncovered what we found and cancelled the transaction so that [they] could move on.”

Lessons learned

As with any fraudulent transaction, the experience of Brick City Title provides important takeaways. It showcases how agents must not only adhere to their companies’ policies and procedures but also follow their gut instincts. In this case, the buyer’s behavior alone was a clear red flag. “I had a couple of conversations with the buyer and the conversations were not pleasant,” Preston explained. “This person had a very demanding and insulting demeanor which put me on guard.” Brick City Title’s experience also highlights how successful anti-fraud efforts are bigger than the actions of a single party. Instead, having a strong working relationship with every transaction stakeholder is the key to safe and secure transactions.

Through interfacing with its partners in the transaction, Brick City Title gained additional information that backed up their original assessment. The transaction was indeed fraudulent, and the way it was prevented is an essential reminder of how stopping fraud requires all hands on-deck.

Learn more about Alliant National’s crime watch program.

Man in the darkness, Glitch effect added

Dark Web 101

You’ve heard the rumors. Let’s dig into the facts businesses need to know.

You may have heard about the dark web before. Accessible exclusively through third-party tools, the dark web is mostly known for its association with unsavory activity. One study, for example, pegged almost 57% of all dark web content as being illegal. It is also estimated that over half of the 2.5 million daily dark web visitors have engaged in criminal behavior.[i]

Businesses can’t afford to ignore the risk represented by this hidden swatch of the internet. Let’s explore what you need to know about the dark web and steps you can take to prevent it from being weaponized against your agency.

The internet iceberg

But first, let’s flesh out the structure of the internet so we can better orient ourselves to what we’re talking about when we discuss the dark web.

Just for a moment, imagine the internet as an iceberg. Many people know that the visible portion of an iceberg represents only a tiny fraction of its full size. The same is true for the internet. That visible portion includes the sites indexed by search engines – that is, any site you can visit by typing its name into a website like Google. Below this level is what is known as the “deep web,” which should not be confused with the dark web.

While both internet levels are inaccessible through search engines, the deep web includes many sites that you and I use every day. Your email inbox, for example, is part of the deep web, as are pages detailing sensitive information like bank accounts and medical records. While the numbers vary, it is estimated that the deep web encompasses a stunning 90-95% of the internet and is 400 to 500 times larger than the surface-level internet.[ii]

Underneath all this hidden yet perfectly legitimate content is the dark web. Not only is the content not crawled by search engines like Bing, Google or Chrome, but to access it, you need to employ a specialized internet browser called “Tor.” Designed for total anonymity, Tor lets users access the internet’s most hidden and illicit content while shielding their identities and locations.

A hive of scum and villainy

In the classic 1977 space epic Star Wars, Obi Wan Kenobi’s and Luke Skywalker’s mission to defeat the Empire begins by going to the Mos Eisley spaceport to recruit the roguish smuggler Han Solo. Prior to entering the town, Kenobi cautions the young farm boy about the potential dangers they will face, referring to the location as a “wretched hive of scum and villainy.”

In many ways, the wise jedi’s words are an apt description of the dark web. While the computer network can have legitimate applications, it is teeming with illicit activity. Bad actors frequently use the communication network for all sorts of crimes, including:

  • Fake IDs
  • Credit card fraud
  • Selling business EIN numbers
  • Offering trade secrets to the highest bidder
  • Publishing hacker tools
  • Buying and selling prohibited items like drugs or weapons
  • Engaging in human trafficking  

If that wasn’t enough, the dark web can be a minefield of cybersecurity risks including malware and other viruses.

Keep your business clear of the dark web

As with most cybersecurity threats, when it comes to the dark web, prevention is the best medicine. You can do a lot to keep your agency safe by deploying strong cybersecurity protocols and safeguards. Here are a few examples:

  • Enact multi-factor authentication.
  • Require your staff to adhere to best practices for creating and maintaining strong passwords.
  • Consider using a dark web monitoring service.
  • Update your programs and ensure you have strong anti-virus software in place.
  • Instruct your staff to use a virtual network server or VPN whenever they are working remotely, which will prevent data interception by cybercriminals.

Final words Although most people will go their entire lives without having to worry about the dark web, it remains a significant threat to businesses, particularly in industries like ours that handle large amounts of personal data. Taking preventative measures now can decrease your risk profile and keep your firm’s sensitive information out of th


[i] 5 Dark Web Trends in 2023 | LMG Security

[ii] Difference Between Dark Web vs. Deep Web | ExpressVPN Blog

Let's Connect

Discover more stories and conversations on our social media networks,
or drop us a line on our contact page.


The Independent Underwriter for
the Independent AgentSM