Real Estate Fraud is Real. Best Practices for Avoiding Fraud.

Real Estate fraud is real. You need to be aware of the vulnerabilities of your transaction, and how to safeguard your information and your investment.

Beginning with internet home searches and mortgage applications, technology plays a major role in Real Estate. Most of the paperwork for a residential Real Estate transaction can be completed on line. For home buyers and sellers, this can be both convenient and alarming.

Wire fraud is currently the scam of choice, but DocuSign, the vehicle by which you place your signature on transaction documents, has also been known to be targeted.

eMail is the weakest point in a business interaction. Any email related to your Real Estate transaction, ones requesting information, requiring a specific action, or with any reference to money, should be verified with a call to the supposed sender before proceeding.

The article below was originally directed toward Real Estate agents to help them recognize fraud and help their clients steer clear. But I think it’s a piece worth reading for anyone involved in a business transaction.

Avoiding Fraud: Key Practices in Real Estate

By Suzanne De Vita

Did you know it can take cyber criminals one day to decipher an eight-character password? Did you know it can take them 591 days to figure out a 10-character one?

“It is a crime for anyone to exceed their authorized access to a computer or computer network or system,” explained Martin Hellmer, a supervisory special agent for the FBI, in a recent webinar on wire fraud. “It can be as simple as someone gaining access to someone’s email account because they’ve learned their password, to someone hacking into your computer from the other side of the world.”

Whether by compromised data, cracked passwords or phishing, real estate is a target. More and more, home buyers and sellers—and the practitioners who serve them—are reporting theft via wire fraud, in which criminals access emails, learn of a pending transaction, and then message phony wiring instructions to victims. The funds, generally, are irretrievable once sent.

Bogus DocuSign emails, emails with illegitimate referrals and ransomware are also on the rise. Aside from making off with money, criminals can filch personally identifiable information, or PII, through any or a combination of schemes.

“One of the reasons that makes real estate attractive [to criminals] is that there are smaller companies involved that may not have the security of Fortune 500 companies,” said Finley Maxon, senior counsel for the National Association of REALTORS® (NAR), on the webinar. “There’s a lot of different players.”

Carrying out these crimes is relatively simple, Hellmer noted. Criminals can easily find fraudster intel online, and hackers can interact with any one, accomplice or target, with a few keyboard strokes.

According to Hellmer, a lot of criminals conspire within the dark web. Many operate through Tor (a derivative of “The Onion Router,” developed by the federal government). Activity is concealed by layers of “relays”—”usually nine or 10 different relay nodes” in which traffic travels. With activity hidden, it can be problematic to trace.

Avoiding a breach comes down to education, Maxon said. Be cautious of changes to wiring instructions—it almost never occurs. Educate homebuyers and sellers on what to do should they get an email with information regarding a transfer.

“Educate and empower yourself, employees, business partners and clients,” urged Maxon. “It is very, very important that as real estate agents and brokers we’re talking to clients—not scaring them, but making them aware of what’s out there and what’s lurking.”