Every wire fraud defense expert says the number one factor in recovering diverted funds is time. Every minute counts when fraud has been detected, and hesitations or delays can impede efforts to track down and restore lost funds.
That’s why a Wire Fraud Response Plan is imperative for every title agent.
Before you create your plan, or if you are undergoing a review of your current plan, we encourage you to download Alliant National’s recently updated Escrow Fraud/Social Engineering: Recent Schemes and Prevention Tipswhite paper. This 23-page guide provides an in-depth review of the current schemes and offers a wealth of tools and resources for building a strong defense against fraudsters.
Here are some things to consider when creating your response plan.
Elements of a Wire Fraud Response Plan
The first step in preventing wire fraud is to maintain policies and procedures for verification of wire instructions for the protection of everyone involved in the real estate transaction.
But should the unthinkable happen, remember that the most successful response strategies are those established well in advance and communicated to staff members and your bank.
Like a well-trained sports team, every member of your team must know their role and be prepared to leap into action.
General protocols
Establish a close relationship with your bank representatives and continually dialogue regarding updated fraud threats.
Discuss wire retrieval scenarios and establish emergency contacts in the bank’s fraud department, whom you can call at a moment’s notice day or night.
Download and fill in the Wire Fraud Contacts form in our Escrow Fraud/Social Engineeringwhite paper and provide it to staff members charged with addressing suspected fraud.
Action steps
Notify management the moment suspicion arises that a wire may have been misdirected.
If funds have been transferred to the receiving bank and cannot be recalled, ask your bank (the sending bank) to formally request that the receiving bank freeze the funds.
Agents may also attempt to directly contact the receiving bank to ask that the funds be frozen.
Contact local police in your jurisdiction and the jurisdiction of the receiving bank.
Report the fraud immediately to your local FBI office.
File a complaint with the FBI’s Internet Crime Complaint Center (IC3).
Contact the underwriter involved in the transaction. Alliant National is available to help you evaluate the situation.
Contact your corporate attorney to let him or her know about the events taking place.
Depending on the nature of the fraud, contact the appropriate insurance provider (Cyber-Liability, Escrow Security Bond or Errors & Omissions).
Putting all of these resources in motion immediately can be extremely useful, as anyone of these professionals or organizations may have information that could assist you in recovering your funds.
IC3 may be one of your most important contacts. In 2018, IC3 established its Recovery Asset Team (RAT) to streamline communications with financial institutions and FBI field offices to assist freezing of funds for victims.
In 2021, RAT initiated the Financial Fraud Kill Chain (FFKC) on 1,726 Business Email Compromise (BEC) complaints involving domestic to domestic transactions with potential losses of $443,448,237. A monetary hold was placed on approximately $329 million, which represents a 74% success rate.
The efficiency of this organization’s work is largely dependent on the speed with which they are advised, so it’s critical that they be an important part of your Wire Fraud Response Plan.
Even the most vigilant companies may fall prey to fraud, but putting protocols in place can greatly reduce your exposure and give you a pathway to recovering lost funds.
As always, call your Alliant National underwriting team if you have any questions or concerns. We are here to help!
Alliant National’s Crime Watch Program creates a formidable partnership to fight fraud.
There is no other way to say it: Real estate fraud is a major problem in the United States. According to the National Association of Realtors, nearly 14,000 people were victimized by real estate fraud in 2020 alone.[i] Combatting this growing threat requires strong partnerships, and Alliant National’s Crime Watch Program seeks to foster such partnerships by rewarding Alliant National agents who prevent fraudulent closings.
The program has produced real results over the years. In this blog, we will look at a recent detection and prevention of a fraudulent transaction by Siesta Title and Escrow Services LLC.
Alliant National Agents on Crime Watch
Alliant National offers a $1,000 reward to Alliant National agents who help prevent a fraudulent transaction from closing. The company created the program to help raise agents’ awareness of potential fraudulent transactions and to reduce the overall cost of claims.
To qualify for consideration to receive a reward under the Crime Watch Program, an agent must satisfy a few requirements:
The reporting agent must be an active Alliant National agent in good standing.
The agents must prevent a fraudulent transaction or forgery involving a real estate transaction that was intended to be insured by Alliant National.
In the case of forgery, the intended forgery must include the falsification of a signature with an intent to defraud.
The Crime Watch Nomination form must be executed by an owner/manager.
All available and relevant documentation – including evidence showing that the transaction was to have been insured by Alliant National – must be submitted to the appropriate Alliant National State or Regional Agency Manager along with the Award Nomination form.
The submission form and all relevant documentation will be reviewed by the company and a final determination will be made.
Siesta Title Spots Suspicious Activity
Siesta Title and Escrow Services LLC, a title agency headquartered in Port Charlotte, Fla., recently submitted a suspected fraud to Alliant National. Their story underscores the importance of Alliant National’s Crime Watch Program and how collaboration between agents and underwriters can help stop fraud.
The property in question was a vacant lot in Port Charlotte that had been owned by a Canadian man for 30 years. Quite quickly there were communication problems and other warning signs that something about the transaction was amiss.
“The seller was hard to reach from the beginning, did not respond to emails and only called once, but it was a horrible connection,” said Amanda Pertuch, the submitting agent.
Some of the other indicators that tipped Amanda off to the questionable nature of the transaction included:
The purported seller having suspicious-looking ID
The purported seller’s wiring instructions going to a foreign bank
The purported seller’s letterhead having an address associated with a vacant lot
The purported seller not having a bank account in the same country where he holds citizenship
The notary on the closing documents was already on Siesta’s fraud alert list
The purported seller not showing up in any Google searches
Following verification by Amanda’s manager and Alliant National, the suspected fraud was confirmed, and the transaction was cancelled. The proposed liability amount for the transaction was $160,000.
“I’m glad and relieved that we were able to catch this fraud attempt,” said Pertuch. “Anti-fraud programs are important for our industry to keep claim costs under control. I’m happy Alliant National and Siesta Title were able to take care of this quickly and efficiently.”
If you suspect fraud, notify your manager immediately. Your manager may investigate further and will determine next steps. Under no circumstance should suspicions be communicated to outside parties without prior approval from your manager.
Fraudsters will often attempt to speed the transaction along; do not let them succeed. If you suspect fraud or forgery, conduct a full investigation before proceeding to close the transaction and issuing the policy.
Managers should contact Alliant National underwriting or claims for further assistance.
Working Together, We Can Limit Fraud
Alliant National is committed to limiting fraud and lowering claim costs. However, we can’t do it alone. Just as our ability to deliver high-quality title insurance hinges on our partnerships with agents, so too does our capability to detect and thwart fraud. And as Siesta Title and Escrow Services’ work shows, when those partnerships work, real results that reward agents and protect transactions are indeed possible.
The FBI’s Internet Crime Complaint Center (IC3) 2021 report released in March highlighted an “unprecedented increase in cyberattacks and malicious cyber activity” resulting in a dramatic escalation in financial losses.
In 2021, IC3 received 847,376 complaints from consumers and businesses – a 7% increase from 2020 – with potential losses exceeding $6.9 billion. Most significantly for the title insurance industry, business email compromise (BEC) schemes resulted in losses of nearly $2.4 billion, up 33% from 2020.
In its report, the IC3 identified Russia as a hot spot for cyberattack actors in 2021. In recent weeks, the risk of those cyberattacks has grown exponentially in retaliation for the many sanctions imposed on Russia following its invasion of Ukraine on Feb. 24.
On March 21, President Biden released a statement highlighting the imminent threat to our nation’s cybersecurity. That same day, Deputy National Security Advisor Anne Neuberger said in a press briefing, “We’ve previously warned about the potential for Russia to conduct cyberattacks against the United States, including as a response to the unprecedented economic costs that the U.S. and allies and partners imposed in response to Russia’s further invasion of Ukraine. Today, we are reiterating those warnings, and we’re doing so based on evolving threat intelligence that the Russian government is exploring options for potential cyberattacks on critical infrastructure in the United States.”
These imminent threats are a reminder of how important it is to take the necessary steps to protect your agency and your customers.
Alliant National has just released a white paper titled Escrow Fraud/Social Engineering: Recent Schemes and Prevention Tipsto provide our agents with information, risk factors and protocols that will help you partner with consumers, real estate agents and lenders to defend against the fraudsters.
In addition, the Biden Administration released a Fact Sheet, urging companies to take immediate steps to protect their systems, including:
Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system
Deploy modern security tools on your computers and devices to continuously look for and mitigate threats
Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities
Change passwords across your networks so that previously stolen credentials are useless to malicious actors
Back up your data and ensure you have offline backups beyond the reach of malicious actors
Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack
Encrypt your data so it cannot be used if it is stolen
Educate your employees on common tactics that attackers will use over email or through websites
Encourage employees to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly
Engage proactively with your local FBI field office or CISA Regional Office to establish relationships in advance of any cyber incidents
The Biden Administration also encourages IT and security leaders at all companies to visit the websites of CISA and the FBI to access technical information and other useful resources. These heightened threats represent a clear and present danger for all of us. We encourage all of our agents to download the Alliant National Escrow Fraud/Social Engineeringtoday and share this information with your staff and customers.
First published in 2017 and fully updated by Alliant National’s Compliance, Risk and Education teams, the paper provides information, tips and suggestions to help you better understand the current threat environment and create a comprehensive plan that addresses the realities we face in our industry.
Time to assess cyberattack risk in light of Ukraine invasion
The paper’s release comes at a critical time as U.S. businesses brace for potential cyber warfare corresponding with recent violence in Europe. The Department of Homeland Security (DHS) issued a bulletin in January warning of the increased risk of cyberattacks in the U.S. as Russia was poised to invade Ukraine.
“We assess that Russia would consider initiating a cyberattack against the Homeland if it perceived a U.S. or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security,” the agency said in the bulletin released to law enforcement partners and obtained by The Hill.
In response, the American Land Title Association warned in a recent blog that the risk of spillover cyberattacks against non-primary targets could become much more widespread.
2022: Growth of BEC/EAC
Against this backdrop of international tension, Alliant National agents continue to report an increase in attempted wire fraud schemes. These attacks are part of a growing fraud threat targeting businesses of all sizes and the general public.
The FBI refers to this threat as Business Email Compromise/Email Account Compromise (BEC/EAC). BEC/EAC fraudsters focus on organizations that perform wire transfers, making real estate especially vulnerable.
According to the FBI Internet Crime Complaint Center’s (IC3) most recent report, the center received a record number of complaints from the American public in 2020: 791,790, with reported losses exceeding $4.1 billion. This represents a 69% increase in total complaints from 2019. Business Email Compromise (BEC) schemes continued to be the costliest: 19,369 complaints with an adjusted loss of approximately $1.8 billion. Phishing scams were also prominent: 241,342 complaints, with adjusted losses of over $54 million.
Protect Your Agency
Given the increased incidence of BEC/EAC scams and ransomware attacks over the past several years, it is imperative that prevention be addressed at every level. State and federal entities, as well as most of the top tech companies are creating alliances and workgroups to stem the tide.
Title insurance companies and agents also have a role to play. Given the current nationwide threat, we encourage all agents and their staff to remain on high alert for attempted fraud, particularly when it comes to seller proceeds. We also urge agencies to remain vigilant regarding possible attempts to obtain consumer or employee PII.
Here are some immediate steps to consider:
Identify the risks your agency faces and make sure your systems are protected
Maintain strict policies and procedures for verification of wire instructions
Educate your staff and consumers about what to do when they suspect fraud
Establish protocols to quickly detect fraud and recover diverted funds
Obtain appropriate insurance, including Cyber Liability coverage
Cyber Security is Mission Critical
There is nothing more important than protecting our clients’ funds and personal information. It is mission critical for a title company to make security its highest priority in 2022. You can begin today to assess your systems and educate your staff to make sure every possible precaution has been put into place. We hope our Escrow Fraud/Social Engineering White Paper will be helpful in this work.
In addition to the release of the White Paper, Alliant National will provide updated materials throughout the year to help agents understand and respond to the threat environment we face. Of course, we’re always ready to discuss the threats we are seeing, and steps you might consider for your business. Feel free to reach out to your agency representative, or any member of the Alliant National team.
Cybersecurity was a major topic during the past 12 months. Here are a few of the top trends.
2021 was another whirlwind year – full of both difficult challenges and encouraging developments. Naturally, this extends to the cybersecurity field as well. Let’s look forward to some of the biggest cybersecurity developments and what they mean for the workplace.
Malware in the News
Most people these days have a basic understanding of malware. At the very least, they’ve heard the term before, as well as its many variations like computer viruses, worms, Trojan horses, ransomware, spyware or adware. However, 2021 was definitely the moment where cybersecurity awareness went fully mainstream. Whether it be the Colonial Pipeline and SolarWinds attacks to the explosion in phishing related to COVID-19, cybersecurity issues dominated the headlines this year like never before.
Business Responses
Unsurprisingly, this explosion in malware activity has brought a wide range of responses – many of which are quite good and include elements I’ve previously advocated for on this blog. For example, during 2021 it became abundantly clear that cybersecurity should not solely fall under the purview of IT. A secure organization requires everyone to practice safe online behavior, but to do that, employees need guidance on identifying potential threats and acting accordingly when they encounter one. Additionally, end-users often require instruction and training on proper password management.
Remote Work Security
Of course, this is only one piece of the puzzle, particularly as remote work has skyrocketed over the past year. IT professionals have had to push themselves to their limits to support their organizations through such a profound paradigm shift. They have had to contend with employees potentially using unsecured personal devices and networks; the prospect of corporate devices being stolen, lost or misused; and cybersecurity knowledge gaps amongst dispersed workforces. To compensate, businesses have adopted a wide range of approaches, including advocating for multi-factor authentication, conducting extensive WFH (work from home) security training or deploying new solutions such as virtual desktops or DaaS.
Here’s to a Successful 2022
As one year ends and another begins, it’s important to look back in addition to looking ahead. 2021 has been a difficult period for cybersecurity, affecting both IT professionals and end-users. However, by practicing due diligence, ensuring that staff is trained on best practices and making investments where necessary, firms can face the new year with a sense of optimism, knowing that they’re well-positioned to operate safely and effectively in our digital-first economy.
