Wire fraud in multifamily transactions: How to spot it and how to stop it
Wire fraud is a growing risk in real estate transactions. In 2022 alone, the FBI received 21,832 complaints of business email compromise (BEC) with an adjusted loss of over $2.7 billion.
“Real estate transactions are particularly vulnerable to wire fraud because they occur at a regular and (on a) reoccurring basis and typically use established, straightforward processes,” says Krista Christensen, Vice President and Manager for Cyber and Wire Fraud Strategies at Fidelity National Financial, a provider of title insurance and settlement services.
Multifamily investors, regardless of portfolio size, must be on their guard when completing property purchases, especially during closing stages.
“Fraudsters have learned the who, what and when of purchase transactions, so they know when earnest money deposits are typically sent, when in the closing process loan documents are typically finalized and when closing funds are sent,” Christensen says.
How does wire fraud occur?
Title transactions moving online has exposed vulnerabilities. It’s given rise to an increase in phishing, a fraud method in which cybercriminals attempt to impersonate reputable businesses or known parties through email to either defraud an unknowing user of money or get them to reveal sensitive information.
Business email compromise is a form of phishing and among the most common types of fraud nationwide.
“BEC is a scheme in which criminals use email to trick a person into sending funds to an account controlled by the fraudster,” says John Geronimo, Executive Director and Fraud Strategy Director with Commercial Banking at JPMorgan Chase.
BEC in a title transaction typically looks like:
- A cybercriminal gains access to a known party’s email, referred to as an email takeover.
- The cybercriminal monitors communications and waits until money is about to be moved.
- The cybercriminal uses a compromised, authentic account or spoofed email address to impersonate the known party. The cybercriminal then provides new instructions that direct the buyer to send funds to an account that the criminal controls.
“If the victim is the buyer, the spoofed email may purport to be from the escrow officer, the buyer’s real estate agent or even the buyer’s lender requesting immediate transfer of the closing funds,” Christensen says.
What are the warning signs of wire fraud?
Given the overall rise in phishing, most people know to scrutinize email addresses for irregularities that might indicate fraud. But spotting red flags isn’t always easy.
“Sometimes, the fraud attempt comes from a legitimate email address, and you just don’t know,” Geronimo says. “Even then, identifying that an ‘m’ has been replaced with ‘rn’ can be hard to spot if you’re not looking for it.”
According to Christensen, perhaps the biggest wire fraud red flag for multifamily investors is a change in wire instructions.
“It’s important to remember that it is extremely rare for a settlement company, or any other party, to change banking information in the middle of a real estate transaction,” Christensen says.
Other warning signs include:
- Emails that demand urgent action, particularly those sent at the end of the month or the beginning of bank holidays
- Outreach to the buyer through multiple mediums, e.g., texts and phone calls, regarding the wire transfer
- Emails sent outside of business operating hours
- Grammatical or spelling mistakes within communications
What can you do to prevent fraud?
Fraud prevention begins with attention to detail.
“You really need a culture of vigilance,” Geronimo says. “It’s all about having internal controls and being able to deploy them effectively.”
- Understand the transaction process: Ask your broker or agent questions about each stage of the closing process. Knowing timing and payment options (e.g., cashier’s check or wire) for finalizing closing funds is especially important.
- Be wary of changes: Be skeptical if you receive new instructions. “Buyers should assume that emails — especially those asking for sensitive information or asking for transferring of funds — are not legitimate unless, and until, they can be verified,” Christensen says. To appropriately verify communications, you can get in contact with the party in question using a trusted, verified phone number.
- Directly validate instructions with the known party: “[It’s] the best way to ensure the funds are being sent to the appropriate account,” Christensen says. “Plus, buyers should not rely on incoming phone calls purportedly from the title or settlement company to verify the banking information. There are apps that allow fraudsters to manipulate the caller ID, making the phone number appear to be from the known party.” For that same reason, it’s impossible to verify instructions through email. As Geronimo mentions, you may think you’re conversing with your attorney or title company — but you are actually dealing with a compromised account.
What should you do if you suspect wire fraud?
For fraud victims, time is of the essence.
- Request a payment recall: “Immediately contact the sending bank to request a recall due to fraud,” Christensen says. “Ask the sending bank to contact the receiving bank to request a freeze of the beneficiary account pending the recall.”
- Contact law enforcement: Geronimo suggests getting in touch with both local police as well as the nearest FBI field office. The dollar amount of the loss might dictate which has jurisdiction over the matter. In fact, it could be helpful to make this outreach proactively during regular business planning. Simply asking whom you should go to and what you should do if a crime transpires can help you prepare.
- File a report with the FBI: It’s best practice to file a report with the FBI Internet Crime Complaint Center at www.ic3.gov.
- Get additional support: Christensen recommends downloading the American Land Title Association’s rapid response plan, which you can follow step by step.
By the editorial team at Story by J.P. Morgan