What /
Example: (From an Article via American Land Title Association Website.
Title
and settlement agents should always be aware of fraudulent email schemes that
attempt to divert escrow funds to unauthorized accounts. Now, there’s a new
wrinkle in cyber attacks hitting the title and settlement industry. An
independent escrow company in Southern California received a “legit-looking”
email from a lender confirming two wire instructions for a total of $650,000.
Instead of verifying the wire confirmations through the lender’s website, the
escrow company took the word of the email.
The
escrow company then disbursed off the confirmation sending $650,000 to a
fraudulent account to a party that didn’t exist. Unfortunately, the email was
a fake and the money was never there. One of the wires was recalled.
Unfortunately, the second wire was not and the consumer lost $133,000.
Title
and settlement agents need to know that this can happen to them. When the
agent gets a wire confirmation from a lender, they should not disburse until
they verify the instructions on their website. Companies need a formalized
policy of confirming disbursements online. Agents should call their lender if
confirming wires online is not an option.
You
should revisit your procedures and ensure your disbursal agents are aware of the
risk and your procedures – be sure you confirm this in writing from a
liability – risk positions.
The
Recent attempt to Perpetrate this Scam in Georgia:
1. It appears to
originate from an email that states “Download your document from Google Drive”
or something of that nature. I believe we have had some of these come over.
2. The next step
includes a hack into the email, preferably a mortgage person, lender, or
attorney which gives access to people sending out Wire instructions or even
simply Closing Disclosures identifying emails of people in the transaction.
3. The hacker will
then send or change wire instructions to the account of their choice from the
email they hacked. The agent never really knows the issue until the money has
been sent and taken by the hacker. Generally the fail point happens when the
funds for close are not there.
4. There have also
been reports of hackers calling in, referencing the borrower and stating they
are from BBT or whomever and sending in new wire instructions.
The
sharing Credit Union on this one asked to remain anonymous, but if you feel a
need to talk I will inquire into whether they might wish to consider private
discussion.
|