Everyone knows if something sounds too good to be true then it probably is, right? Well, remember that as you make sure you, your business and your customers are safe from scammers these days.
In fact, Realtors and title insurance companies are becoming two of the most popular victims for criminals targeting the unsuspecting public. Not only are such scams a bad thing for your customers, they certainly won’t cast you in a very good light if your likeness is being used in a scheme targeting the clients you work so hard for.
Look at some of these recent headlines from around the country.
The people behind these scams are really good. It’s not often a state supreme court justice gets tricked. You need to do all you can to protect yourself – and your clients.
How does such a thing happen?
Scammers often use phishing emails to get login credentials for Realtors (or lender/title companies) Yes, we know you know what a phishing email looks like. You probably get several a week – if not a day (though a good spam filter will keep many at bay). These damaging messages look like legitimate emails, but if you let your guard down and click on their links, they can steal your information and send it to criminals. Once they know how to login in to your system and contact your customers, they wait for their opportunity to use this new information for their gain.
This is bad for you, bad for all of us in the real estate industry. Once scammers know how to login, they’ll monitor your e-mail activity, just lurking around, waiting for a potential target. A few days before a deal is officially closed, scammers will send a fraudulent email that appears to be from you or the title company. In some cases, they spoof the title company’s actual email address. That means they can make it appear that the message is coming from whomever they want. Scammers also like to use accounts that are just one or two letters off from the account they are trying to impersonate. Remind your people to double-check email addresses.
The unsuspecting buyer wires the money according to the fraudulent instructions. Often, that message will tell the buyer that there was a last-minute change and that the money for the deal needs to be deposited in a different place that what was agreed upon.
That new bank is obviously one that they control – and one you’ll never have access to. That means that the scammer and his cohorts will have all the buyer’s money, and the deal will be dead. No money for you, which of course, is only secondary to the fact that you have a distraught client who was schemed by someone they thought was you.
Not an ideal situation for anyone involved, except the newly-wealthy criminal.
Though Realtors and title companies have no direct role in these sort of scams, such parties can be held negligent – or even liable – if a client falls victim to a scam if it can be proven that steps were not taken to protect the client’s privacy or security. That is in accordance with the Consumer Financial Protection Bureau (CFPB).
So not only is it good practice to make buyer’s aware of potential scams, it’s the law. (We hope you don’t need the threat of legal action to want to keep your customers safe, but just in case.)
How can I protect myself?
There are several things you can do to greatly reduce your chance of getting caught up in this scam. Most of them are easy and free. Feel free to share our tips below with anyone you think could use a friendly reminder. Here is what we tell people who work with Sky Title:
Be clear with your clients about the role of a title and escrow company.
The first thing to do is reminding your client to NEVER wire money without confirming with the escrow agent first. Tell them if they get an email that you didn’t personally tell them they would receive to be suspicious. Remind them if they have any doubt of a message’s authenticity they can call you personally or check with the title company. Always be willing to confirm that a step in the process is legitimate and convey that to every client.
Also, be sure to specify what your role is – and is not – in the transaction. In addition, encourage your clients to call the title and escrow company well in advance of closing. That way, they will already know who is assigned to their transaction.
Use good email practices
Never click a link in an email you’re not expecting. It’s good practice that if you’re unsure about a message to call the supposed sender or get your IT team involved.
Password strength is just as important too. Use unique passwords, and change them often. For the record, Password1 or abc123 are NOT secure. Pick hard security questions. Your mother’s maiden name is no longer to be used for anything important. Think about how easy that would be to figure out for someone putting forth just a little bit of effort. Thanks for nothing, Facebook.
Use your title company… in a good way of course. After all, they’re fighting this crisis too. Share the information you have about scammers with them. You’ll both benefit. After all, if your title company is not concerned about scammers, you should be concerned about them. A good title company has an Escrow Security Bond and a Cyber Liability Policy in place already. You can bet Sky Title does.