Commercial Real Estate
Wire fraud in multifamily transactions: How to spot it and how to stop it
Wire fraud is a risk that all multifamily owners and operators need to guard against. Read this article for helpful information on how to protect your operation, with tips from experts.
Wire fraud is a growing risk in real estate transactions. According to FBI statistics, in 2020 there were 13,638 reported victims of wire fraud in real estate, leading to losses of more than $213 million.
“Real estate transactions are particularly vulnerable to wire fraud because they occur at a regular and [on a] reoccurring basis and typically use established, straightforward processes,” says Krista Christensen, Vice President and Manager for Cyber and Wire Fraud Strategies at Fidelity National Financial, a provider of title insurance and settlement services.
That threat spreads to multifamily investors, both large and small, who must be on their guard when completing a property purchase, especially during closing stages.
“Fraudsters have learned the who, what, and when of purchase transactions, so they know when earnest money deposits are typically sent, when in the closing process loan documents are typically finalized, and when closing funds are sent,” Christensen says.
As the risks continue to increase, it’s important for multifamily investors to understand how wire fraud unfolds in real estate title transactions and what they can do to prevent it.
How does wire fraud occur?
Most title transaction processes have shifted online, a trend accelerated by the COVID-19 pandemic. Although this change has created efficiencies, it has also exposed vulnerabilities.
It has given rise to an increase in phishing, a fraud method in which criminals attempt to impersonate reputable businesses or known parties through email. The goal of phishing is to either defraud an unknowing user of money or get them to reveal sensitive information. The FBI said there were 241,342 phishing complaints filed in 2020, an increase from the 114,702 complaints observed in 2019, 114,702.
Business email compromise is a form of phishing and among the most common types of fraud nationwide. It uses social engineering and computer intrusion methods to divert funds and is routinely deployed in fraud attempts directed at multifamily investors.
“BEC, simply, is a scam or scheme in which criminals use email to induce or trick a person into sending funds to an account controlled by the fraudster,” says John Geronimo, Executive Director and Fraud Strategy Director for Commercial Banking at JPMorgan Chase.
But what exactly does BEC look like in the context of a title transaction?
- A criminal gains access to a known party’s email, referred to as an email takeover.
- The criminal monitors communications and waits for the moment when money is about to be moved.
- The criminal uses a compromised account or spoofed email address to impersonate the known party. The criminal then provides new instructions that direct the buyer to send funds to an account that the criminal controls.
Fraudsters, true to their nature, are opportunistic and will manipulate any account they can access or impersonate.
“If the victim is the buyer, the spoofed email may purport to be from the escrow officer, the buyer’s real estate agent, or even the buyer’s lender, requesting immediate transfer of the closing funds,” Christensen says.
Say a fraudster was able to compromise the email account of a settlement company representative. They might then send a message to the buyer stating that, due to COVID-19, all closing funds must be wired that day to avoid closing delays. To discourage the buyer from inquiring with the real party, the email may say the sender will be with clients, traveling, or otherwise unavailable.
What are the warning signs of wire fraud?
Given the overall rise in phishing, most online users know to scrutinize email addresses for irregularities that might indicate fraud. But spotting red flags isn’t always simple.
“Sometimes, the fraud attempt comes from a [legitimate] email address, and you just don’t know,” Geronimo says. “Even then, identifying that an ‘m’ has been replaced with ‘rn’ can be hard to spot if you’re not looking for it.”
According to Christensen, perhaps the biggest wire fraud red flag for multifamily investors is a change in wire instructions.
“It’s important to remember that it is extremely rare for a settlement company, or any other party, to change banking information in the middle of a real estate transaction,” Christensen says.
Other warning signs include:
- Emails that demand urgent action, particularly those sent at the end of the month or the beginning of bank holidays
- Outreach to the buyer through multiple mediums, e.g., texts and phone calls, regarding the wire transfer
- Emails that are sent outside of business operating hours
- Grammatical errors or spelling mistakes within communications
What can you do to prevent fraud?
Fraud prevention begins with attention to detail.
“You really need a culture of vigilance,” Geronimo says. “It’s all about having internal controls and being able to deploy them effectively.”
As a buyer, it’s critical that you understand the transaction process flow. Ask your real estate professional questions about each stage of the closing process. Knowing timing and payment options (e.g., cashier’s check or wire) for finalizing closing funds is especially important.
Geronimo adds that buyers should always operate from a place of initial skepticism when they receive new instructions. Christensen agrees.
“Buyer should assume that emails — especially those asking for sensitive information or asking for transferring of funds — are not legitimate unless, and until, they can be verified,” she says.
To appropriately verify communications, you can get in contact with the party in question using a trusted, verified phone number.
Directly validating the instructions with the known party “is the best way to ensure the funds are being sent to the appropriate account,” Christensen says. “Plus, buyers should not rely on incoming phone calls purportedly from the title or settlement company to verify the banking information. There are apps that allow fraudsters to manipulate the caller ID, making the phone number appear to be from the known party.”
For that same reason, it’s impossible to verify instructions through email. As Geronimo mentions, you may think you’re conversing with your attorney or title company — but you are actually dealing with a compromised account.
What should you do if you suspect wire fraud?
Time is of the essence if you believe you’re the victim of fraud.
“The first step for the victim to take is to immediately contact the sending bank to request a recall due to fraud,” Christensen says. ”While requesting the recall due to fraud, the victim should ask the sending bank to contact the receiving bank to request a freeze of the beneficiary account pending the recall.”
The next step is to contact law enforcement.
In the event you believe fraud has occurred, Geronimo suggests getting in touch with both local police as well as the nearest FBI field office. The dollar size of the loss may dictate which has jurisdiction over the matter.
In fact, it could be helpful to make this outreach proactively during regular business planning, not tied to any one wire transfer. Simply asking who you should go to and what you should do if a crime transpires ensures you’re prepared. It can be difficult to navigate the process once you’re in the middle of a fraud-related loss.
Finally, it’s best practice to file a report with the FBI Internet Crime Complaint Center at www.ic3.gov.
For additional support, Christensen recommends downloading the American Land Title Association’s rapid response plan, which you can follow step by step.
Internet Crime Report 2020, FBI IC3; March 2021
Rapid Response for Wire Fraud Incidents, ALTA; August 2018