Wire fraud in multifamily transactions: How to spot it and how to stop it

Wire fraud in multifamily transactions: How to spot it and how to stop it

Wire fraud is a growing risk in real estate transactions. In 2022 alone, the FBI received 21,832 complaints of business email compromise (BEC) with an adjusted loss of over $2.7 billion.

“Real estate transactions are particularly vulnerable to wire fraud because they occur at a regular and (on a) reoccurring basis and typically use established, straightforward processes,” says Krista Christensen, Vice President and Manager for Cyber and Wire Fraud Strategies at Fidelity National Financial, a provider of title insurance and settlement services.

Multifamily investors, regardless of portfolio size, must be on their guard when completing property purchases, especially during closing stages.

“Fraudsters have learned the who, what and when of purchase transactions, so they know when earnest money deposits are typically sent, when in the closing process loan documents are typically finalized and when closing funds are sent,” Christensen says.

How does wire fraud occur?

Title transactions moving online has exposed vulnerabilities. It’s given rise to an increase in phishing, a fraud method in which cybercriminals attempt to impersonate reputable businesses or known parties through email to either defraud an unknowing user of money or get them to reveal sensitive information.

Business email compromise is a form of phishing and among the most common types of fraud nationwide.

“BEC is a scheme in which criminals use email to trick a person into sending funds to an account controlled by the fraudster,” says John Geronimo, Executive Director and Fraud Strategy Director with Commercial Banking at JPMorgan Chase.

BEC in a title transaction typically looks like:

  1. A cybercriminal gains access to a known party’s email, referred to as an email takeover.
  2. The cybercriminal monitors communications and waits until money is about to be moved.
  3. The cybercriminal uses a compromised, authentic account or spoofed email address to impersonate the known party. The cybercriminal then provides new instructions that direct the buyer to send funds to an account that the criminal controls.

“If the victim is the buyer, the spoofed email may purport to be from the escrow officer, the buyer’s real estate agent or even the buyer’s lender requesting immediate transfer of the closing funds,” Christensen says.

What are the warning signs of wire fraud?

Wire fraud quote

Given the overall rise in phishing, most people know to scrutinize email addresses for irregularities that might indicate fraud. But spotting red flags isn’t always easy.

“Sometimes, the fraud attempt comes from a legitimate email address, and you just don’t know,” Geronimo says. “Even then, identifying that an ‘m’ has been replaced with ‘rn’ can be hard to spot if you’re not looking for it.”

According to Christensen, perhaps the biggest wire fraud red flag for multifamily investors is a change in wire instructions.  

“It’s important to remember that it is extremely rare for a settlement company, or any other party, to change banking information in the middle of a real estate transaction,” Christensen says.

Other warning signs include:

  • Emails that demand urgent action, particularly those sent at the end of the month or the beginning of bank holidays
  • Outreach to the buyer through multiple mediums, e.g., texts and phone calls, regarding the wire transfer
  • Emails sent outside of business operating hours
  • Grammatical or spelling mistakes within communications

What can you do to prevent fraud?

Fraud prevention begins with attention to detail.

“You really need a culture of vigilance,” Geronimo says. “It’s all about having internal controls and being able to deploy them effectively.”

  • Understand the transaction process: Ask your broker or agent questions about each stage of the closing process. Knowing timing and payment options (e.g., cashier’s check or wire) for finalizing closing funds is especially important.
  • Be wary of changes: Be skeptical if you receive new instructions. “Buyers should assume that emails — especially those asking for sensitive information or asking for transferring of funds — are not legitimate unless, and until, they can be verified,” Christensen says. To appropriately verify communications, you can get in contact with the party in question using a trusted, verified phone number.
  • Directly validate instructions with the known party: “[It’s] the best way to ensure the funds are being sent to the appropriate account,” Christensen says. “Plus, buyers should not rely on incoming phone calls purportedly from the title or settlement company to verify the banking information. There are apps that allow fraudsters to manipulate the caller ID, making the phone number appear to be from the known party.” For that same reason, it’s impossible to verify instructions through email. As Geronimo mentions, you may think you’re conversing with your attorney or title company — but you are actually dealing with a compromised account.

What should you do if you suspect wire fraud?

For fraud victims, time is of the essence.

  • Request a payment recall: “Immediately contact the sending bank to request a recall due to fraud,” Christensen says. “Ask the sending bank to contact the receiving bank to request a freeze of the beneficiary account pending the recall.”
  • Contact law enforcement: Geronimo suggests getting in touch with both local police as well as the nearest FBI field office. The dollar amount of the loss might dictate which has jurisdiction over the matter. In fact, it could be helpful to make this outreach proactively during regular business planning. Simply asking whom you should go to and what you should do if a crime transpires can help you prepare.
  • File a report with the FBI: It’s best practice to file a report with the FBI Internet Crime Complaint Center at www.ic3.gov.
  • Get additional support: Christensen recommends downloading the American Land Title Association’s rapid response plan, which you can follow step by step.

By the editorial team at Story by J.P. Morgan
Your time is valuable. Process rent payments faster and easier online with Story by J.P. Morgan.
GET STARTED

Chase, J.P. Morgan, JPMorgan Chase, and Story by J.P. Morgan are marketing names for certain businesses of JPMorgan Chase & Co. and its affiliates and subsidiaries worldwide. “JPMorgan”, “JPMorgan Chase”, the JPMorgan Chase logo, “Story”, and “Story by J.P. Morgan” are trademarks of JPMorgan Chase Bank, N.A. JPMorgan Chase Bank, N.A. is a wholly-owned subsidiary of JPMorgan Chase & Co. Visit jpmorgan.com/cb-disclaimer for additional disclosures and disclaimers related to this content. Changes to Interbank Offered Rates (IBORs) and other benchmark rates, such as the London Interbank Offered Rate (LIBOR) are, or may in the future become, subject to ongoing international, national and other regulatory guidance, reform and proposals for reform. For more information, please consult jpmorgan.com/IBOR.

The information and materials contained herein are for informational and educational purposes only and not for business, legal, accounting, tax or any other advice. We make no representation or warranties or give any guaranties with respect to the content and hereby disclaim any and all liability for your action or inaction. Always consult your own attorney, tax advisor, accountant or other appropriate professionals.

JPMorgan Chase, 10 S. Dearborn, Mail Code: IL1-0723, Commercial Banking Marketing, Chicago, IL 60603-3403, United States.

2023 JPMorgan Chase & Co. All rights reserved. JPMorgan Chase Bank, N.A. Member FDIC. Deposits held in non-U.S. branches are not FDIC insured.