Wire transfer instructions are emailed to the buyer. The buyer complies with the instructions to the letter. The next day, escrow contacts the buyer asking if the money has been sent yet. The buyer checks with his bank and is assured that the funds have been transferred out. When the money has still not shown up, everyone begins to retrace steps. As it turns out, the wiring instruction was bogus. The email came from an address that looked very much like that of the escrow or title company, but it was not actually theirs.
And the recipient bank account? It was real; it just wasn't the correct one. And, yes, it has been emptied out by now.
The scheme has been perpetrated by hackers, and it has been going on around the country for a while now. Chicago Title put out an alert that described the steps involved. We summarize them here:
First, hackers identify the email accounts of real estate agents and brokers. Then they hack directly into the accounts "and identify emails referencing pending real estate deals. From these strings of emails, the hackers pull out specific details about the deal, such as: (a) the parties/ names, (b) the title company involved, (c) the escrow officer in charge of the deal, and (d) other information specific to the transaction."
Next, they send fraudulent email "directly to the buyer or lender, making it look like it was sent by the real estate agent, mortgage broker, or escrow agent. These fraudulent emails now direct the buyer and/or lender to wire the funds necessary to close escrow directly to a different bank account than provided in the preliminary report or in the escrow instructions. Obviously, this new bank account is controlled by the hacker, not the title company or the escrow holder."
Then, if the buyer, or the lender, does not detect the fraud, "the money is wired to the bogus account controlled by the hacker and is immediately withdrawn. Due to the amounts involved and the complex nature of investigating and prosecuting wire fraud, the odds are that the authorities will do nothing to help in these instances." [my emphasis]
For the most part, prevention recommendations tend to focus on the non-secure nature of most email accounts. It's a fair bet that most real estate agents do not have secure accounts and they can be easily hacked. But, in a world where Target, Sony, and the Defense Department get hacked, it is not plausible to think that most agents, escrow companies, and clients are ever going to enjoy a very high level of security.
While suggestions like two-factor authentication and encrypted emails may have their place, it is refreshing that a practical, non-technical word of advice comes from, of all places, an alert put out by the Silicon Valley Association of REALTORS®. To wit:
"Buyers and sellers should confirm all email wiring instructions directly with the escrow officer by calling the escrow officer on the telephone. In that conversation, the correct account number information should be repeated verbally before taking any steps to have the funds transferred."
Certainly, if wiring instructions are changed via email, the buyer should confirm that by phone with the escrow officer and the buyer's real estate agent.