Posts Tagged ‘email fraud’

Business Email Compromise/Email Account Compromise

Business Email Compromise/Email Account Compromise (BEC/EAC). (part2)

(It’s a lot to say – SupercaliFRAUDulisticexpialidocious)

Email can be sinister. It can encourage changes (not authorized, not legitimate), it can “warn” recipients of dire circumstances if instructions are not followed, it can be shaped and branded to look like an institution all parties are familiar with, and it can assist in fraud that involves any number of untoward outcomes – like clients’ and institutions’ funds being pilfered.

The U.S. Government has a phrase for such criminal action: Business Email Compromise/Email Account Compromise (BEC/EAC). That wordy title speaks to two crimes.

Download Our Fraud Detection Guide for Agents

BEC scams are carried out by compromising legitimate business email accounts. The EAC component of the scam refers to the targeting of consumers and the lenders, real estate professionals, attorneys and others who serve them.

More information on BEC/EAC fraud prevention and recovery can be found on our Education page.

It can be daunting to try to wrap one’s brain around every single possibility and scenario that could trip someone up – and trick someone into giving away information that affords a thief the opportunity to steal funds.

Below is a list that, while not necessarily “completely memorizable” – even if studied, can serve as a red flag for knowing when something is awry.

It can serve as warning to be wary of the many and various paths that crooks can take to defraud legitimate people conducting real estate transactions.

  • Exercise extreme caution when weighing any request to change wire instructions. Encourage all parties to do the same.
  • Be wary of any email, phone call or other communication that involves threats, high pressure language (e.g. markings, assertions, or language designating the transaction request as “Urgent,” “Secret,” or “Confidential,”) or warns of “dire consequences” if immediate action isn’t taken.
  • Be wary of emails with missing or unusual subject lines.
  • Be wary of any request to change wiring instructions, especially any last-minute requests.
  • Be wary of emails that include poor spelling or grammar, are overly formal or that are written in a style uncharacteristic of the purported sender. Also, beware of emails that misuse industry terminology, for instance, references to the “HUD” instead of the “Closing Disclosure”.
  • Be wary of any unexpected emails or requests, including internal requests purportedly from executives or others.
  • Be wary of emails sent at odd hours.
  • Be wary of any communication seeking to confirm information the purported sender should already have.
  • Beware of sudden changes in business practices. For example, if a current business contact suddenly asks to be contacted via a personal email address, it’s best to verify the legitimacy of the request via other channels.
  • Review monthly escrow statements from the Receiving Bank (the one holding the agent’s escrow account) as soon as available to verify that all expected funds have actually been received.
  • Have a written agreement in place with the Receiving Bank (the agent’s bank which holds the escrow account and receives the agent’s payment order) that the Receiving Bank will match all names, addresses, account numbers, routing number and beneficiary bank name on the payment order with where and to whom the funds are actually sent. Or put instructions on the payment order for the Receiving Bank to verify authorization by matching all of this information.
  • Emailed transaction instructions directing wire transfers to a foreign bank account that has been documented in customer complaints as the destination of fraudulent transactions.
  • Emailed transaction instructions directing payment to a beneficiary with which the customer has no payment history or documented business relationship, and the payment is in an amount similar to or in excess of payments sent to beneficiaries whom the customer has historically paid.
  • Emailed transaction instructions delivered in a way that would give the financial institution limited time or opportunity to confirm the authenticity of the requested transaction.
  • Emailed transaction instructions originating from a customer’s employee who is a newly authorized person on the account or is an authorized person who has not previously sent wire transfer instructions.
  • A customer’s employee or representative emailing financial institution transaction instructions on behalf of the customer that are based exclusively on email communications originating from executives, attorneys, or their designees when the customer’s employee or representative indicates he/she has been unable to verify the transactions with such executives, attorneys, or designees.
  • A customer emailing transaction requests for additional payments immediately following a successful payment to an account not previously used by the customer to pay its suppliers/vendors. Such behavior may be consistent with a criminal attempting to issue additional unauthorized payments upon learning that a fraudulent payment was successful.

Review and revisit this list of tips when handling suspicious wire requests, before the exchange of funds takes place.

  • Verify all wire instructions with an alternate method of communication.
  • Check emails to ensure the sender’s address has not been altered. Fraudsters typically use email addresses that closely resemble a seller’s (or any party’s) actual email address.
  • Do not open unknown or unverified hyperlinks or downloads. Tip: Hovering your mouse over the sender’s email address may reveal a different email address. Caution: Do not hover over unknown links within the body of a suspect email. Security experts formerly recommended hovering as a way to determine the validity of such links. However, newer strains of malware may infect a computer when the user merely hovers over the link.
  • Delete unsolicited emails from unknown sources.
  • In the case of an invoice, verify any changes in vendor payment location and confirm requests for transfer of funds.

Download Our Fraud Detection Guide for Agents

human-hand-unlocking-a-queue-barrier-on-white-picture

Don’t Get Shut Down Due to “Spam”

Don’t think you can download or even ask for someone else’s email address list unless you know for certain those recipients – each and every one of them – has opted into receive your content.

We’ve previously offered our thoughts on the importance of a well-built email list of customers.

While some consider email “old-school” in the face of loads of social media platforms and texting, beautifully built content contained on your website, email still connects you to your audience in ways social media platforms might not.

You need email addresses. You need new email addresses. You need an email distribution list that is constantly growing and evolving.

Why?

Because engaging your clients and colleagues in a narrative about your business, while also providing useful information, is powerful in establishing you as an industry leader and establishing your brand.

But don’t think you can download or even ask for someone else’s email address list unless you know for certain those recipients – each and every one of them – has opted into receive your content.

To do otherwise, to poach or duplicate or take anyone else’s email address list without first getting a recipient’s okay to receive – or better, without getting the recipient’s email address directly from them – is “spamming,” and the implications are not pretty.

Spamming your audience could result in getting permanently banned from your recipient’s inbox such as if she hits the “do not contact” button or flags you as spam on her email client. Spamming your audience can even result in getting yourself permanently banned from your email management service.

When you think about it, sending unsolicited emails is not even helpful toward getting your message to the masses because these recipients have expressed zero interest in your offer – they may not even know who you are.

You’re better off taking the slow and steady approach to building your email database. Here are just a few ideas for building your email database:

  1. Create an email subscription form for your blog
  2. Promote contests that require an email address for entry
  3. Offer downloads that are accessible only by volunteering an email address
  4. Share a subscribe link to your social media pages

Always tell your would-be subscribers what they should expect. Do you email once per month or once a week? What type of information is included in your distributions?

By building your email list the right way, you’ll ensure you have quality contacts who are more likely to engage with your message.

data security

Don’t even hover your cursor over unknown or unverified links to stay safe from wire fraud

The title and settlement industry is blessed with great people, and that makes sense because our industry is built on being helpful.

We all want a smooth, efficient transaction for everyone involved. Unfortunately, our desire to be helpful and to keep things moving makes us a prime target for wire fraud.

So, how careful do we need to be when verifying the legitimacy of an email or even an incoming phone call?

Very careful.

Fraudsters know about us. They know how busy we can be, and they know how to prey on our traits to overcome our data and escrow security training.

They aren’t just looking to trick us. They aren’t practical jokers. They are truly insidious “social engineers.”

FRAUD WATCH: What is the business email compromise?

Wire fraud attempts are very common in the title industry. A typical wire fraud scheme, encountered by some of our agents, is known as a business email compromise (“BEC”). In this scheme, the fraudster has hacked into a party’s email account. The fraudster then lies in wait, they read the outgoing and incoming emails waiting for a sales transaction to occur.

Let’s Connect

Discover more stories and conversations on our social media networks,
or drop us a line on our contact page.


The Independent Underwriter for the Independent Agent®