As technology advances, so does the deception
The pandemic has amplified the number of scams and email attacks on individuals, companies and organizations. People are already in vulnerable places emotionally, socially, physically and mentally; Covid has only intensified fright and flight instincts. We are constantly interrupted by additional stressors.
What might have easily caught your attention on an invoice, bill or receipt, can now slip by when the mind is overwhelmed with the stress of daily life. The way people receive goods, bills, invoices and confirmations has changed during the pandemic.
Be proactive and take one worry off the list by preparing yourself and educating your clients, friends and family about current email scams. Here are four ways to identify obvious scams when shopping for company or personal resources.
When opening an email, especially one that is unexpected make sure to check the sender address. This can be the first and last stop when identifying a scam. Do you order from Amazon or Office Depot often for your business? Typically, large companies have a very streamlined and identifiable confirmation process. It might have a logo, a reprint of your order, package tracking information, etc.
Most companies have emails such as a “confirmation@” or “receipt@”, and then the company. If your typical confirmation is now coming from a different sender or source, this is a red flag. Most purchases are automated; therefore, an email about a package and confirmation that is not expected or sent at strange times is also a red flag.
The schoolteachers’ philosophy holds true: If it isn’t written correctly, it’s not correct. Many scams originate from outside of the United States and come from people who have never spoken English, or who might have only slight knowledge of English grammar and mechanics. This lack of familiarity with the language or even cultural communication can be extremely evident from the outset of the email. Unusual forms of personal address or improper labels are a signal of deceit.
Legitimate order confirmation emails should be free of spelling and punctuation errors, or words swapped for one another such as “their” and “there.” If you find such an error, take it as a signal that this email is likely a scam.
Many people are already well versed on email scams that direct you to a link. Most know not to click the link. Use this same strategy when reviewing your confirmation and order. You are usually able to scan over the item or photo and it should direct you back to the home site, whether you were shopping on Home Depot, Office Depot or Amazon. If it directs you to another site, and you can confirm this by hovering your mouse over the link, then it’s a scam. Contact your original purchaser immediately.
Most online retailers have the shopping, shipping and receipt process dialed in. Communications are auto-formatted and the email confirmation arrives in a clear, itemized order. Often items – the exact photo of the item and its link – can be found on an email confirmation.
Order receipts or requests for further action that are formatted in a strange manner should raise your suspicion. Are they asking you for additional shipping payments? Did they add your taxes incorrectly and are trying to collect? Do not fall victim to these scams. Your receipt of purchase should be clean, neat and easy to read and reference. If something is strange, then this is an identifier of a scam. In the end, trust your instincts. If something looks off, it likely is. Don’t be afraid to back out of an email or a link that feels like it might be fake. You know when something looks and behaves unlike the norm. Trust that and help yourself and your business stay safe.
Now is the time to educate yourself.
In the chaotic economic and physical landscape of 2020, the last thing any individual should have to contend with is being taken advantage of when vulnerable. Nonetheless, scammers are still looking for loopholes to victimize the innocent. Their newest tactic is a scam call “smishing.”
What is smishing? How does one become educated and protected, and how can you be proactive for the next scam?
Smishing is the practice of sending fraudulent text messages purporting to be from reputable companies to induce individuals to reveal personal information, such as passwords or credit card numbers. Smishing is basically a “phishing” scam involving the exchange of text messages or SMS messages.
Common platforms and applications that the hacker might use include a built-in smartphone messenger, iMessage, Facetime, Facebook messenger, WhatsApp, Slack, Skype and other face-to-face mobile vehicles.
Sadly, this is quickly becoming an increasingly popular and successful means of deception. Smishing is especially confusing as people often believe their cell phones are safe from hackers and scammers. Junk text messages were a rarity in years past. Nowadays such texts are common, and many businesses, including doctors, routinely text individuals to confirm appointments or prescription refills.
Due to the newer nature of this scam, and lack of education about its pathway from spam to private information, many consumers, especially those more at risk, such as the elderly, or those without internet access, are prime targets.
In prior years, there was a massive effort to educate the public about not clicking on random links in their email, and that became extremely successful. Nonetheless, criminals are finding a new path, and that is through the technology that is closest to them — cell phones.
Now is the time to educate yourself on how to differentiate spam and phishing text messages from important communication. When receiving a text message from an unknown source, here are four things to think about before responding:
- If it seems too good to be true, then it is! If you receive a generous coupon code from a place you have never heard of or an amazing incentive from a popular brand like Target, McDonald’s, Nike or others, don’t respond. Instead, check a website from the company or call the main phone number to see if the offer is legit. Don’t call a number on the text message, and never respond to an offer by texting personal information.
- Time sensitivity. If you receive a text asking for personal information to fulfill a medical or business request, and they need it ASAP, it’s a scam. A reputable company, medical office or organization is going to pick up the phone and call an individual, not text.
- Long text messages from unknown sources, including a link, are also a good indication of smishing, or phone phishing schemes. Never, click on a link from an unknown source. The link can immediately allow phishers access to confidential and valuable information from your phone. Be vigilant for text messages asking for personal information, passwords or other sensitive information.
- Does the text message have grammatical errors or strange sentence structure? While many people use talk-to-text, it would never be a means of communication for a business to connect with a customer. Another red flag is when the pronoun to your name such as Ms., Mrs., Mr., Dr., etc., is incorrect or even used at all from a stranger. Don’t respond to these messages.
What to do once smished? Delete! And if necessary, block the sender. If you are truly questioning whether a text is legit, try logging onto the internet from a different device to do some investigative work. Bottom line: You do not want to compromise the security of your personal information to anyone via text.
Be mindful of the potential hazards with an increasingly online-only landscape
As news continues to break, it becomes more and more apparent that the COVID-19 pandemic will have a lasting effect on our industry. While it’s critical that we learn to adapt amidst the crisis, it’s also imperative that we be mindful of the potential hazards that can come with shifting into an increasingly online-only landscape. Here are some of the things to watch out for as we navigate through this difficult time.
Increase in Wire Fraud and Phishing
There is no way to avoid electronic communications throughout this pandemic. Be vigilant against phishing emails, incorrect email addresses, slightly off signature blocks and dated lingo, and emails coming in at odd hours (implying the fraudster may be abroad). Always call a verified telephone number to confirm changes to wire instructions. Click on this link for more information on what to watch out for.
TIP: Have a plan in place – meet with your IT department, and talk to your insurance agent to see how you can protect yourself against these scams.
Fraud & Forgery
Unfortunately, tumultuous times often only embolden fraudsters further. That’s why it’s important now, more than ever, to treat remote closings with the same care and caution as mail-away closings. Here are some red flags common to fraud and forgery claims: (1) the property is a part of a “flip” transaction; (2) the property is vacant land; (3) the deed to the seller is a recently recorded quit claim deed. Click on this link for more red flags.
Powers of Attorney
Powers of Attorney (POA) are ripe for fraud. Carefully examine the powers that are granted in any POA, and confirm that the POA was given freely and purposefully for the intent for which it will be used. Require a fresh POA if the POA presented is more than six months old. If you have reason to question the capacity of the principal, or have questions about the validity of the POA, contact your local Alliant National underwriter for approval before proceeding.
TIP: If your state allows the use of remote online notarization (RON) technology and the county recorder will accept electronically signed instruments for recording, recommend using RON so the principal can sign the required documents instead of appointing an attorney-in-fact.
Undue Influence and Duress on the Elderly
With COVID-19 threatening the elderly more than any other demographic, we have a responsibility to ensure we’re mindful of any potential undue influence or duress from unscrupulous heirs or caregivers. If the person holding title is elderly or is sick, be sure to dig in further before agreeing to conduct the closing.
Hard Money Lenders
Hard money lenders aren’t regulated by state or federal law. Generally, hard money lenders do not collect loan applications or otherwise vet their borrowers. This practice creates a higher potential for fraud by third parties posing as legitimate borrowers. If something feels off, it probably is. For more information on what to look for with these transactions, click on this link.
Note: Seller-financed purchased money loans are not considered hard money lenders.
Crime Watch Program We take the safety of our clientele very seriously. Because of that, Alliant National offers a $1000 reward to any agent who helps identify and prevent a forgery or scam. Be sure to contact the hotline to report anything that may feel like fraudulent activity. To submit a claim for a reward, click here: https://alliantnational.com/title-claims/crime-watch-program/.
Being mindful, being aware and noting odd happenings in our digital lives can help stop these fraudulent maneuvers.
Every day, as consumers and as business people, we are confronted with obvious and often not-so-obvious attempts to steal our information, our identity and our money. Scammers have been particularly busy in recent weeks as businesses and individuals shift their activities online in response to the COVID-19 outbreak.
We are not powerless against these criminals. Being mindful, being aware and noting odd happenings in our digital lives can help stop these fraudulent maneuvers.
Here are six tips for staying safe.
1) Online purchases should be made with PayPal or with a credit card. The reason is that debit cards take the money immediately. If fraud is in progress, the delay of a credit card transaction affords the card holder a better opportunity to catch the fraud and get it corrected.
2) If it looks odd, it likely is. Sometimes, something doesn’t look or feel right. While many shoppers stick to large, legitimate shopping sites like Amazon or Barnes & Noble, shoppers also seek deals. Unfamiliar web sites or mom-and-pop sites have become adept at mimicking their supersized competitors.
See an odd “o” in Amazon that looks like a zero? Don’t buy from it. Does the eBay purchase you’re about to make have a legitimate looking url? Double check it. Make sure it’s not a fake or altered web site; pop around online and be sure the purchase comes from the authentic retailer.
3) Go slowly when responding to or clicking through eNewsletters. A sophisticated and effective way scammers can get buyers’ money is by building authentic looking eNewsletters that provide click-thrus for purchasing or for personal information confirmation. One real-life scenario involved a well-known university credit union that sends out eNewsletters regularly.
One day, the eNewsletter showed up in members’ inboxes. The eNewsletter asked the recipient to confirm their name, social security number, address and phone. When the recipient complied and clicked, “done,” all that information went to a database controlled by scammers. The bogus eNews was so well designed, it was virtually impossible to know it was fake.
4) Create new passwords and do it often. Create different passwords for different web sites and make a habit of changing them regularly. Make the passwords sophisticated. If eight or more characters are required for the password, you might consider taking the extra time to make a 16-character password that makes use of supported combinations and special characters (i.e, #,S,<, numbers and letters). There are apps that help keep passwords organized and stored. Use one.
5) Enable fraud protection. The good news is that when fraud is detected, reputable companies help make it right. The credit union fraud caused the card owner to incur over $500 in unauthorized charges. The card holder had all the money put back into her account. Enable fraud protection on all credit cards. Most banks that hold credit cards will work with the cardholder to identify the fraud and reimburse the charges. Fraud protection makes the correction easier to catch and quicker to remedy.
6) Beware of phone scams. Fraudsters are becoming more sophisticated every day in order to get you to hand over your personal information over the phone. This is true not only with voice calls, but with text messages, and smartphone apps as well.
Generally speaking, if you get a request for personal information via your phone and you did not initiate the request, chances are the request is fraudulent.
This is especially true for scam calls purportedly coming from the IRS. The IRS will always notify you by mail first if there are any issues. Then and only then will they communicate using other means to resolve the issue in question, and that is usually only when you initiate the communication with them in response to a letter you may have received.
Amy Gregory has a passion to protect, and when a customer at
Paramount Title was defrauded of $130,000, Amy pulled out all the stops to
track down the funds and then went above and beyond to ensure no customer of
hers would ever fall victim to wire fraud again.
Our story begins with an innocuous email delivered to our
homebyer on June 18, which appeared to come from the lender’s office. The email
informed our buyer that a representative from Paramount Title would call her to
confirm receipt of the funds to close.
Someone called the buyer, but it wasn’t us. A fraudster
named “Jimmy” on the other end of the line confirmed wire instructions for a
specific bank account, with the account name referencing Paramount Title, and
instructed our buyer to send funds in the amount of $130,000.
Our buyer wired the funds.
The following day our buyer checked her account and saw the
wire had been returned to her account. She replied to the email thread with the
fraudster from the previous day asking if she knew what happened and why the
funds were returned.
The fraudster told her the company’s escrow account was
under its annual tax audit and that is why her funds were returned. Then he
gave our buyer new wiring instructions for another bank account. Our buyer
called “Jimmy,” who confirmed the new writing instructions were correct.
Our buyer wired the funds again.
On June 20, our buyer received another email from the
fraudster stating there was an issue with the wire. The fraudster asked our
buyer to call her bank and request a hold be lifted off the wire. Tragically,
our buyer called her bank and obtained the federal reference number for the
The next day a representative from the receiving bank called
to say they flagged her wire transfer and they were not going to release the
funds yet because it looked suspicious.
That’s when our buyer decided to look up the title company. She then called us, the real Paramount Title, and shared her story. Our office confirmed we don’t employ anybody by the name of “Jimmy” – and this was most definitely a case of wire fraud.
This is where Amy swoops into the picture.
Amy was quick to discuss all options for our buyer to report
the crime, including offering to report the issue on her behalf. Amy contacted our
US Secret Service agent (YES, we actually have a US Secret Service agent in our
rolodex to help us in these “special” circumstances), finally reaching him at
10 o’clock at night to discuss the details of the file.
Amy wanted to see if the agent could provide any assistance
on what our buyer could do to get her money back. She conferenced in our buyer,
so she could speak directly with the agent. The agent then offered to call the
“fraudsters” bank and see how they could help.
On June 22, thanks to Amy’s tireless efforts driven by a
passion to protect, the full amount of the wire was returned to our buyer. Our
buyer closed on her home two weeks later.
“I spoke with the client shortly after the ordeal was over,
and she expressed to me how good it felt that someone had her back through the
process,” said Andrea Somers, Compliance Officer for the Florida Agency
Network. “Amy truly goes above and beyond in everything that she does.”
But our story doesn’t end there, because Amy went above and
beyond to ensure no customer of hers would ever fall victim to wire fraud
First, she implemented the website “www.inquirebeforeyouwire.com,”
a message we now we blast everywhere we can. When we receive a new contract, our
customer is informed of this very real threat. When a customer receives an
email from us, they see the Inquire Before You Wire image. It doesn’t matter
how small, or big, the transaction is.
She also implemented additional processes where phone calls
are made to the contacts on each file, to discuss wire fraud, the current fraud
trends being seen in our industry and to lay out exactly how the client will
receive wire instructions.
What’s more, Amy decided to go one step further by achieving
the Certified Anti-Money Laundering Specialist (CAMS) certification. This
achievement demonstrates Amy’s commitment and leadership in protecting our
clients and our industry. Amy feels we have a duty to protect and serve the
Amy’s passion to protect pushes our team to uphold the same
standard of care, to protect and try to prevent tragic situations involving
wire fraud from occurring on our watch again.