In light of the increasing and ongoing wire fraud in real estate transactions, HAR recommends the following to help prevent wire fraud from happening to you or your buyer:

Fake emails from title companies or other agents appear to be one way of being defrauded. Do NOT identify the title company to be used for the closing of the transaction in the MLS remarks or in any email exchange with clients, licensees or other parties. The bad person finding out the title company could be the first step to a wire fraud;

The buyer should only have verbal discussions, on the telephone or in person, with the title company concerning wiring instructions, which should be initiated by the buyer making the contact before it’s time to wire and NOT as a result of information received in an email from the title company, bank or licensee;

Licensee should not exchange emails with anyone or any entity concerning any matter related to buyer’s wiring instructions.

NAR has prepared a suggested email notice template to inform your buyers of this issue.

Email Notice Template by NAR
IMPORTANT NOTICE: Never trust wiring instructions sent via email. Cyber criminals are hacking email accounts and sending emails with fake wiring instructions. These emails are convincing and sophisticated. Always independently confirm wiring instructions in person or via a telephone call to a trusted and verified phone number. Never wire money without double-checking that the wiring instructions are correct.

 

Protecting Your Business and Your Clients from Cyberfraud

By 2019, cybercrime will cost businesses an estimated $2 trillion annually.  Don’t be a part of that statistic!  Implement the following best practices to safeguard you, your clients, and your business from online criminals.

Best Business Practices: Develop and enforce formal policies for ensuring data security.

  • Create, maintain and follow a comprehensive Data Security Program.*
  • Create, maintain and follow a comprehensive Document Retention Policy.*
  • Avoid storing clients’ personally identifiable information for longer than absolutely necessary.  When you no longer need it, destroy it.

Best Email Practices: Unsecure email accounts are open doors to cyber criminals. Follow these guidelines to help keep that door securely shut and locked tight.

  • Whenever possible, avoid sending sensitive information via email.
  • If you must send sensitive information via email, make sure to use encrypted email.
  • Never trust contact information in unverified emails.
  • If an email looks even slightly suspicious, do not click on any links in it, and do not reply to it.
  • Clean out your email account regularly.  You can always store important emails on your hard drive.
  • Do not use free wifi to transact business.
  • Avoid using free email accounts for business.
  • Use strong passwords.
  • Change your password regularly.

Best Transaction Practices: Real estate transactions require flurries of information between numerous parties. This makes for primetime opportunities for fraudsters. How do you secure your deal?

  • From the very start of any transaction, communicate and educate.  Get all parties to the transaction up to speed on fraud “red flags,” and make sure everyone implements secure email practices.    
  • When wiring money, the person doing the wiring should pick up the telephone and call the intended recipient of the wired funds immediately prior to sending the funds in order to verify the wiring instructions.
  • Remember to use only independently verified contact information.
  • Stay paranoid.  A few years back the director of the FBI almost got taken by an email banking scam.  If it can happen to him, it can happen to us.

Best Damage Control Practices: It’s happened. A breach of data, a successful scam, a hack. What to do?

  • If a money wire has gone out, immediately contact the bank to try and stop the funds.
  • Notify all affected or potentially affected parties.  Many states have data breach notification laws.
  • Change all of your passwords.  If possible, change usernames as well.
  • Talk to your attorney.
  • Contact the police.
  • Report the breach to the FBI Internet Crime Complaint Center:  http://www.ic3.gov/default.aspx (link is external)
  • Report to your REALTOR® Associations.

Source: National Association of REALTORS®