Brick City Title, a full-service title insurance agency, is a loyal member of the Ocala, Florida, business community and dedicated to protecting the integrity of its customers’ transactions. This commitment served them well recently when a fraudulent transaction came across the desks of two of the agency’s title professionals. By working together and proactively communicating with other transaction stakeholders, the agency foiled the fraudster and received recognition through Alliant National’s crime watch program, which offers a $1,000 reward to agents who help prevent a fraudulent transaction from closing.
A suspicious package
When the package first arrived from the buyer, Brick City Title’s Gina Preston and Cherie Breitenbecker felt like it was a step in the right direction. For some time, their agency had been attempting to collect a deposit from a cash buyer of a residential property who claimed to be conducting the deal through a trust.
Any positive feelings quickly dissipated, however, once they opened the parcel. While the sales contract for the transaction was included, there was no form of currency. Instead, the buyer had tucked several postal stamps inside the package.
Naturally, receiving such a bizarre item immediately set off alarm bells for Preston and Breitenbecker, especially since Brick City Title had repeatedly clarified to the buyer about which forms of payment the agency could accept. “If we feel or suspect anything unusual, we dig into available resources to resolve any possible fraudulent dealings,” said Preston, reflecting upon the incident. The next step for both professionals was to get on the horn to the buyer’s agent and reiterate which forms of payment were permissible – including a bank wire or a cashier’s check. A three-way call between the agent, Brick City Title and the buyer followed shortly after.
Any title agent who has been in Preston’s and Breitenbecker’s shoes will likely be able to predict what happened next. The buyer was incensed about being called out for the package and that Brick City Title was asking for more information about the trust involved in executing the transaction. After some back and forth, the buyer clammed up and ended the call. Preston, Breitenbecker and Brick City Title then took stock of what happened. A consensus quickly emerged that the whole transaction was highly suspect. The experience of other parties in the transaction further supported this view, with both the agent and seller having their own misgivings about the buyer’s behavior and demeanor.
The final step taken was to send the transaction materials to Alliant National and to subsequently cancel the transaction – much to the relief of all involved. “The seller wasn’t surprised this buyer was fraudulent,” said Preston when discussing the aftermath, “and was glad that we uncovered what we found and cancelled the transaction so that [they] could move on.”
As with any fraudulent transaction, the experience of Brick City Title provides important takeaways. It showcases how agents must not only adhere to their companies’ policies and procedures but also follow their gut instincts. In this case, the buyer’s behavior alone was a clear red flag. “I had a couple of conversations with the buyer and the conversations were not pleasant,” Preston explained. “This person had a very demanding and insulting demeanor which put me on guard.” Brick City Title’s experience also highlights how successful anti-fraud efforts are bigger than the actions of a single party. Instead, having a strong working relationship with every transaction stakeholder is the key to safe and secure transactions.
Through interfacing with its partners in the transaction, Brick City Title gained additional information that backed up their original assessment. The transaction was indeed fraudulent, and the way it was prevented is an essential reminder of how stopping fraud requires all hands on-deck.
Learn more about Alliant National’s crime watch program.
You’ve heard the rumors. Let’s dig into the facts businesses need to know.
You may have heard about the dark web before. Accessible exclusively through third-party tools, the dark web is mostly known for its association with unsavory activity. One study, for example, pegged almost 57% of all dark web content as being illegal. It is also estimated that over half of the 2.5 million daily dark web visitors have engaged in criminal behavior.[i]
Businesses can’t afford to ignore the risk represented by this hidden swatch of the internet. Let’s explore what you need to know about the dark web and steps you can take to prevent it from being weaponized against your agency.
The internet iceberg
But first, let’s flesh out the structure of the internet so we can better orient ourselves to what we’re talking about when we discuss the dark web.
Just for a moment, imagine the internet as an iceberg. Many people know that the visible portion of an iceberg represents only a tiny fraction of its full size. The same is true for the internet. That visible portion includes the sites indexed by search engines – that is, any site you can visit by typing its name into a website like Google. Below this level is what is known as the “deep web,” which should not be confused with the dark web.
While both internet levels are inaccessible through search engines, the deep web includes many sites that you and I use every day. Your email inbox, for example, is part of the deep web, as are pages detailing sensitive information like bank accounts and medical records. While the numbers vary, it is estimated that the deep web encompasses a stunning 90-95% of the internet and is 400 to 500 times larger than the surface-level internet.[ii]
Underneath all this hidden yet perfectly legitimate content is the dark web. Not only is the content not crawled by search engines like Bing, Google or Chrome, but to access it, you need to employ a specialized internet browser called “Tor.” Designed for total anonymity, Tor lets users access the internet’s most hidden and illicit content while shielding their identities and locations.
A hive of scum and villainy
In the classic 1977 space epic Star Wars, Obi Wan Kenobi’s and Luke Skywalker’s mission to defeat the Empire begins by going to the Mos Eisley spaceport to recruit the roguish smuggler Han Solo. Prior to entering the town, Kenobi cautions the young farm boy about the potential dangers they will face, referring to the location as a “wretched hive of scum and villainy.”
In many ways, the wise jedi’s words are an apt description of the dark web. While the computer network can have legitimate applications, it is teeming with illicit activity. Bad actors frequently use the communication network for all sorts of crimes, including:
- Fake IDs
- Credit card fraud
- Selling business EIN numbers
- Offering trade secrets to the highest bidder
- Publishing hacker tools
- Buying and selling prohibited items like drugs or weapons
- Engaging in human trafficking
If that wasn’t enough, the dark web can be a minefield of cybersecurity risks including malware and other viruses.
Keep your business clear of the dark web
As with most cybersecurity threats, when it comes to the dark web, prevention is the best medicine. You can do a lot to keep your agency safe by deploying strong cybersecurity protocols and safeguards. Here are a few examples:
- Enact multi-factor authentication.
- Require your staff to adhere to best practices for creating and maintaining strong passwords.
- Consider using a dark web monitoring service.
- Update your programs and ensure you have strong anti-virus software in place.
- Instruct your staff to use a virtual network server or VPN whenever they are working remotely, which will prevent data interception by cybercriminals.
Final words Although most people will go their entire lives without having to worry about the dark web, it remains a significant threat to businesses, particularly in industries like ours that handle large amounts of personal data. Taking preventative measures now can decrease your risk profile and keep your firm’s sensitive information out of th
[i] 5 Dark Web Trends in 2023 | LMG Security
[ii] Difference Between Dark Web vs. Deep Web | ExpressVPN Blog
Today’s title professionals face ever-increasing cybersecurity threats, all of which can cause major disruption and economic loss. With October being Cybersecurity Awareness Month, now is the perfect time to review the latest trends affecting our industry and understand how to mitigate some of the top challenges.
I. Wire fraud remains number one
Wire fraud continues to be the number one threat to title agents, their customers and the vitality of their business. According to the latest FBI reports, the average cost per wire fraud incident is nearly $200K, and the total number of incidents recorded this year will likely break records.
Take the following actions to derail some of the most common schemes, including phishing, business email compromise and social engineering:
- Use multi-factor authentication (MFA) for system access.
- Ensure the latest security patches are promptly installed. Read our tips on keeping programs updated consistently.
- Consider upgrading your antivirus protection with endpoint detection and response (EDR), a dynamic tool that leverages AI technology to reinforce your security.
II. Watch out for fraudulent sellers
Seller theft, one of the most significant emerging threats, involves a scheme where the seller’s identity is falsified, leading to a bogus and fraudulent sale. There is no shortage of information online regarding real estate transactions, making it easy for thieves to obtain these details. Here are some of the best strategies for combating these fraudsters:
- Use encryption to protect communications and all identifying information, including emails and data that is “at rest,” that is, data housed physically on a given computer storage device.
- Verify and validate identification through available electronic tools.
- Confirm and reconfirm throughout every step of the transaction. Slow down. Take time to verify.
To reduce fraudulent transactions and lower premiums, Alliant National has initiated a crime watch program, which incentivizes policy-issuing agents to detect and prevent illicit activity. Learn more about the program and get involved.
III. Privacy remains the focus
Ten states have now enacted comprehensive privacy laws. Six have passed laws this year alone, with Texas being just the latest to do so. All 50 states now have data breach reporting laws. Many statutes impose a significant daily fine for late notice or a private right of action for failure to comply and negligence.
What all these legislative moves imply is that privacy and sensitive data protection remains at the forefront of our industry. Title leaders must ask themselves if they are staying current on the latest technologies and techniques to guarantee end-to-end data protection, including:
- Developing a written security plan and devoting the necessary time and resources to ensure employees are trained sufficiently. maintaining complete records is important as well.
- Encrypting sensitive and non-public information, which is essential to protect against unauthorized access and breaches.
- Knowing and abiding by your state-specific breach reporting requirements.
IV. Practice secured electronic document storage
Title agencies routinely deal with electronic documents that contain large quantities of sensitive information and which represent a highly attractive target for today’s criminals. In fact, according to recent research, “88% of organizations worldwide were experiencing spear-phishing attempts in 2019. And 68% of business leaders felt their cybersecurity risks were drastically increasing.”[i]
Here are some principles to help keep these bad actors at bay:
- Ensure you are applying encryption to protect digitally stored documents.
- Perform periodic backup and recovery tests to ensure the availability and integrity of stored records.
- Maintain and test disaster recovery and business continuity plans.
V. Adhere to all regulations
Regulatory compliance requirements have increased and will continue to evolve to address shifting cybersecurity and consumer privacy issues. Stay abreast of some of the most pressing changes to the landscape:
- The current patchwork of complex state privacy and data breach laws is expected to continue growing without any expected federal legislation.
- The Gramm-Leach-Bliley Act (GLBA) has been updated for the first time since the early-aughts to address data security and privacy. Modifications to the law’s security safeguard rules are going into effect in June 2023 and will be enforced by the Federal Trade Commission.
- The National Association of Insurance Commissioners (NAIC) has released a draft of proposed 2023 privacy protection requirements modeled after the California Consumer Privacy Act (CCPA) and the New York State Department of Financial Services (NYDFS).
Taking action can keep you safe
Wire fraud. Seller falsification. Regulatory compliance. It seems like every day there is a new thing for the busy title agent to worry about. Staying apprised of the latest news and best practices, however, can help, as can seeking out the expertise of an experienced technology provider. Taking these steps, along with carrying comprehensive insurance for cybercrime and liability, can reinforce your security posture for maximum protection.
For more tips on building a safe and secure title operation, check out our other blogs focusing on IT.
[i] 2020 State of the Phish: An in-depth look at user awareness, vulnerability and resilience (proofpoint.com)
Brianna Steel is a seasoned escrow officer, having worked for a variety of title companies throughout Florida. Her years of experience served her well recently when a suspicious transaction came across her desk at Coastal Title Insurance. By trusting her instincts, collaborating with her team, and following best practices, she was able to stop a fraudulent deal from going forward. She was recognized by Alliant National through its crime watch program, which incentivizes anti-fraud efforts by offering agents a $1,000 reward.
Numerous red flags
At first, the transaction in question appeared to be a normal purchase order. Initiated by someone claiming to be “a representative” of the property owner, Steel and the rest of the Coastal Title team got started on the file as soon as they received a request from the lender.
Yet according to Steel, it didn’t take long for red flags to emerge:
- Red flag 1: The contract was missing a signature. The representative promised both Steel and Coastal Title that it was coming, but excuses kept piling up, such as the seller being unavailable. While this was suspicious, Coastal Title continued working on the file to ensure that there were no delays, while repeatedly asking the representative to complete the paperwork.
- Red flag 2: Steel and Coastal Title were asked to “split” the proceeds with non-owners/non-lien holders.
- Red flag 3: Document signatures did not match other signatures available in the public records – a huge warning sign.
- Red flag 4: All communication was conducted through one person claiming to be “assisting” the parties involved in the order.
Further complicating matters was questionable behavior on the part of the transaction’s so-called “representative.” For one thing, the representative instructed Coastal Title to wire the transaction payment to several different accounts – including one belonging to the representative – which Steel responded that they couldn’t do.
All these suspicions were eventually confirmed when Steel made a call to the supposed seller. The property’s owner informed Coastal Title that the person who had been claiming to be her representative had been terminated and had no authority to speak for her on anything.
A strong team and the right policies
In reflecting on this experience, Steel had several insights. She noted that fraud can only be prevented through productive collaboration.
“At the end of the day, it comes down to talking with everyone in your office and sharing any concerns or even weird feelings about a file,” Steel said. “We are also very strict on following the rules and guidelines for preventing fraud.”
Steel listed some of Coastal Title’s fraud prevention policies:
- Never accept wire instructions via email.
- Never send unsecured wire instructions. No exceptions. If a client gets upset, explain that the policy exists for their protection.
- Call all clients and speak with them directly for introductions. This helps ensure communication with the correct person. Steel noted that a lot of fraud takes place via email and fraudsters try to not answer the phone.
- All employees must complete annual Continuing Education classes on fraud, even if they are not licensed.
- Inform colleagues when a phishing email is received. This helps all staff members avoid accidentally opening a malicious email.
- Show bogus emails to other employees so they can see things in real time. This has advantages over simply looking at fake emails in lender portals.
Another integral part of this collaboration involves Alliant National.
“Sometimes we are on autopilot and overlook the small red flags and warnings,” Steel noted, adding that Alliant National’s Crime Watch program “incentivizes people to take a closer look at their day-to-day tasks.”
Fighting Fraud: Challenging and Rewarding
As we’ve seen, beating fraudsters at their game is not easy, and it is often only possible through strong collaboration. Yet the time, effort and energy are worth it in the end. Thinking back on her experience, Steel noted that fraud isn’t always obvious.
“It’s surreal and infuriating […] but it’s also not as black and white as we would like to think.” Steel said. “Florida has an aging population and a lot of vacation homes. It is not uncommon for someone to be ‘helping’ a seller through the process. But it is also extremely rewarding to stop these transactions and to protect the real seller and future buyers.”
That’s one reason why Steel was eager to participate in this blog. By sharing information on best practices for protecting transactions, she can continue the collaboration far beyond the walls of Coastal Title. When asked if she had any final advice for title professionals involved in anti-fraud efforts, she shared:
- Trust your gut and talk with your team.
- If you have an intake person or processor complaining they can’t get a seller on the phone, listen to them.
- Look at the signatures on the contract and the last recorded document. If it was e-signed, make sure the email address on the verification is the same you are using.
- If you have a suspicious file, ask for someone else in your office to look at it and see if they notice the same inconsistencies.
- Don’t “call out” the person that you’re concerned about; instead, ask questions and play dumb. See if you can trip them up. If fraud is confirmed, share the information with your whole office and all your underwriters.
- At the end of the day, knowledge and awareness are key and will make all the difference.
If you want more information on how Alliant National incentivizes agents to detect and prevent fraud, check out our crime watch program.
At a time when our industry is under threat from ID fraud, First International Title’s swift and decisive action in uncovering and halting two vacant property scams is an important example of care and diligence.
Sharon Garrison and Jenny Rodgers, both of whom work in the Florida-based company’s Port St. Lucie office, were recently recognized and rewarded through Alliant National’s “crime watch” program. The program offers $1,000 to an agency employee who prevents a fraudulent transaction that would have been written on Alliant National.
Clear warning signs
Like many transactions involving ID fraud, the malicious activities encountered and thwarted by Garrison and Rodgers had clear warning signs.
The properties in question were two vacant lots located in Port St. Lucie, Florida. The first was originally set to close back in March of 2023, but according to Garrison, the title processor at First International in charge of this transaction, red flags quickly emerged when she compared the name on the property deed with that on the seller’s driver’s license and found that the first name was misspelled.
There were similar warning signs with the second property, which was being processed by Rodgers. She was immediately on her guard when her property’s listing agent informed her that the seller needed to close ASAP due to her son needing surgery. It was also highly suspect that the seller’s passport and driver’s license had the same photo.
Due diligence in action
After noticing these discrepancies, both processors began delving deeper into their respective transactions. Garrison attempted to call the seller and listing agent, but she received no answer even after leaving multiple voicemails.
Rodgers also conducted her due diligence. She first reached out to the title company who worked on the property previously, only to be informed they couldn’t close the file because they had suspected fraud.
Having taken these steps, each processor then sent out Property Owner Notification letters, which are intended to trigger a response from owners. Phone number and IP verifications were also performed, which cast further suspicion. Garrison’s seller, for example, showed an IP address located in Miami, despite having claimed to live in New Milford, New Jersey. Rodgers’ IP verification revealed a similar discrepancy, with an IP address for Miami turning up when the seller claimed to be in New York.
Other actions included a rigorous comparison of handwriting via mortgage signatures and other forms of identification, assessing passport photos and conducting passport number searches. Rodgers also called the fraudster directly. She asked them to provide their date of birth so she could compare it to her records. Unsurprisingly, the fraudster provided incorrect data, and when Rodgers asked them to repeat it, they hung up.
A responsibility not taken lightly
The experiences of Garrison and Rodgers illustrate several things about the title insurance and real estates fields, specifically the importance of fraud prevention efforts.
Stopping fraud, according to Rodgers, is key to obtaining “cost savings for all parties.” But like any worthwhile goal, their respective odysseys show that beating back fraudsters requires a great deal of time and effort, not to mention passion and acute attention to detail. What’s more, it necessitates title offices having strong anti-fraud processes in place, which allows agents to objectively verify important information and stop scam transactions from going forward.
“First International Title,” said Rodgers, “has implemented Property Owners Notification letters, which we mail or FedEx to the owner based on the address on the property tax bill. This letter is a fraud prevention tool. It indicates that we have received a real estate transaction request on the property and asks the owner to call us immediately to verify this transaction is correct and if we should proceed with the sale.”
Of course, availing yourself of these resources and putting in the necessary effort becomes much easier when there is an emotional payoff at the end of the journey. As Garrison explained, while she “felt bad for the other party that was really excited about the purchase,” it was gratifying to help them not “lose the property and money.” Rodgers echoed these sentiments: “I felt a great sense of satisfaction knowing that I was able to help the person going through this awful event. She was very grateful we were able to stop these crooks.”
Alliant National’s essential role
As a title underwriter, Alliant National seeks opportunities to support and incentivize its agents’ anti-fraud efforts. Garrison said working with Alliant National teaches those in the industry “what to look for and saves all involved from experiencing loss in terms of money and property.”
By forging strong partnerships, Alliant National and its agents can push back on real estate fraud. And when that happens, everyone wins. Learn more about Alliant National’s crime watch program