Earlier this summer, a North Carolina real estate firm reported a significant wire fraud in which a loan payoff statement was diverted and modified before transmitted to the attorney. The firm then wired the payoff to a fraudulent account resulting in a significant loss.
For several years, increasingly sophisticated frauds have been perpetrated to steal Seller’s net proceeds and, later, buyer’s incoming funds necessary to close. This new fraud was the first in which we know a payoff statement was altered and a loan payoff intercepted. Unfortunately, crime insurers advise us this fraud has been repeated multiple times across the nation.
As for the basic details, the firm routinely requested and received loan payoffs via facsimile transmissions, which were received by an online fax service vendor and then forwarded to a designated email account with the firm. The law firm’s account was compromised by a criminal hacker, which monitored all incoming faxes. Non-wiring instructions were quickly forwarded to the attorney’s designated account to prevent detection. However, faxes containing wiring instructions were modified to change the payoff account information, and then forwarded to the attorney. The altered payoff instructions had no obvious indicia of fraud, appearing identical to the legitimate instructions. As this was a new scam, the attorney was not able to learn from the experience of others.
Now that some of the details are known, we encourage all of our insureds to take these precautions to avoid falling victim:
Faxes should not be assumed any safer or more secure than email. A quick google search under the term ‘fax spoofing’ reveals how easy it is to send spoofed faxes for free from any mobile device.
More secured versions of fax services should be used. Both stored pages and the data which is transmitted should be encrypted and only sent using secured email.
The fax account should be regularly monitored to verify faxes are only being forwarded to the correct designated email account.
As with email accounts, proper password security procedures should be followed, including making sure passwords are significantly complicated and changed frequently. Passwords should not be shared among different users or between different accounts or services accessed by the same user. For real estate practitioners, passwords should be in compliance with the ALTA Best Practices.
When it is not possible to verify the validity of the payoff account information, we encourage all attorneys to either overnight or hand deliver payoffs. This is especially the case if the payoff account is different than previously used for the same lender.
All attorneys should consider cyber, crime insurance and/or other insurance policies which cover social engineering fraud. Working with an agent experienced with law firms is key to getting appropriate coverage and value.
Troy is Managing Counsel for LM Title Agency, LLC, a wholly owned subsidiary of Lawyers Mutual serving attorneys throughout North Carolina. Prior to heading the title agency, he worked for Lawyers Mutual as Claims Counsel, focusing primarily on real estate, fraud and technology related claims. His experience includes working as Claims and Subrogation Counsel for a title insurance underwriter and eight years in private practice handing real estate litigation, commercial transactions and residential closings. Contact Troy directly at 919-585-1182 or email@example.com.