Real Estate Wire Fraud: Who is Liable?

Written By Tom Kelly

I was talking to a FBI cyber agent, about real estate wire fraud, while back, and he he’s had the same experience that we’ve had in the hundreds of wire fraud cases he’s investigated;

“It’s almost always been the real estate agents, lenders, or title companies whose emails were compromised.” -FBI Cyber Agent

If your real estate transaction has fallen victim to wire fraud. THIS IS SERIOUS. We strongly recommend seeking professional help to determine what happened, stop more wire fraud from occurring, and determine if you can recoup the money. Call our CyberSecurity Emergency Hotline. 

Wire fraud in real estate is almost always linked with Business Email Compromise (BEC) and in some rare cases even phone numbers being hijacked.

Who Typically Bears Liability in Real Estate Wire Fraud?

  1. The Seller: Sellers typically have the least liability when it comes to wire fraud. Their primary focus is on selling the property, and they may not have a direct hand in the closing process.

  2. The Buyer: Buyers usually only bear some liability for what they wire; escrow, fees, down payment, or maybe cash transactions. There is some burden on them to verify the wire instructions. But they have legal recourse options. This is if they are misled into wiring funds to a fraudulent account.

  3. Real Estate Agents: They are responsible for sharing important financial information, including closing details. If an agent fails to take reasonable security measures to prevent wire fraud and business email compromise, they may be held liable, both professionally and financially. Their license comes with a duty to secure customer information.

    Real Estate agents usually have some liability if their email was compromised exposing information about the deal that was then used to trick the victim into wiring money to the fraudulent account. It is also possible the fraudulent email could come from their email address.

  4. Title Companies: Title companies often handle the financial aspects of real estate transactions. They are responsible for coordinating the wire transfer of funds between parties. If wire transfer instructions come from their email, or they exposed the transaction information they  will likely face liability, especially if they failed to implement proper security measures. This is common.

  5. Lenders: In some cases, lenders are involved in the wire transfer process, providing mortgage funds for the purchase. Lenders must also take steps to verify the legitimacy of wire transfer instructions. If they fail to do so, they may share liability for the losses incurred. It’s also not uncommon for their emails to be compromised to gain transaction information which can open up liability.

The Factors of Real Estate Wire Fraud Liability: Do these apply to you?

  1. Whose security was compromised? 

    1. Whose Email was compromised?

    2. Who exposed the transaction information?

    3. What information was exposed?

    4. What email did wire instructions come from?

  2. Who Wired the funds? Did they verify the instructions with anyone? How did the Verify?

  3. Disclosures? Did the title, real estate company include notices like “Always independently confirm wiring instructions in person or via a telephone call to a trusted and verified phone number. Never wire money without double-checking that the wiring instructions are correct.” 

  4. Reasonable Security? Did the companies provide regular security awareness training for employees? Password Hygiene? Multi-Factor Authentication? The boring stuff.

What Are Your Options After a Real Estate Wire Fraud Incident?

  • IF YOUR SECURITY WAS COMPROMISED: You need to Investigate and assess the situation to regain control of your IT systems, and then prepare your defense and compliance requirements or your license could be at risk. Call our hotline. This is what we specialize in.

  • IF YOUR SECURITY WAS NOT COMPROMISED: We recommend you get an investigation report from cybersecurity incident response company (like us) this will help prove you are not liable, and can help with recovering funds in litigation.

  • IF YOU DO NOT KNOW: We recommend Investigating; assess the situation and examine options. That’s what we help with; call our hotline.

In the end of the day you are responsible for your computers, accounts, and IT systems and how they are used. The “cloud” providers are responsible for the security of the platform, you’re responsible for the security of the account.

How did the Business Email Compromise Happen:

Business Email Compromise (BEC) is a form of cyberattack where fraudsters gain access to and/or mimic legitimate email accounts, particularly those of key figures in a real estate transaction, usually the real estate agents, title companies, or lenders.

  1. They typically gain access to the email through compromised credentials, this can be from phishing credentials or buying compromised credentials on the dark web, after all most people use the same email and password combination across multiple accounts. In more sophisticated cases this can be done with malware on the target’s computer or hosted email servers, like Microsoft exchange. You get the point.

  2. Once inside the business email accounts, cybercriminals gather information about the transaction(s), including the parties involved, transaction timelines, and even the specific nature of the deal.

  3. The scammer uses the information to craft convincing emails that appear genuine with wire instructions for the real estate closing. These emails will often come from the agent or title company’s compromised email. Often they contain urgent or time-sensitive instructions, increasing the pressure on recipients to respond quickly. Scammers often exploit trust and authority dynamics to trick recipients into complying with their instructions.This has become easier to do with remote closings.

But it's not uncommon for the lender’s email or real estate agent’s email to be compromised which exposes the transaction information, then the criminals will spoof the title company’s email (basically send email appearing to come from them). Another common tactic is typo squatting; buying a similar domain to send the email from like bob@raelstate.com instead of bob@realestate.com.

Litigation

Liability in real estate wire fraud can vary depending on the specific circumstances and factors discussed. Legal recourse may involve pursuing the responsible parties for damages incurred. Buyers, sellers, and agents may seek legal remedies in the event of wire fraud and BEC, with the goal of recovering lost funds.

Get Professional Help - Mitigate Damages of Real Estate Wire Fraud

If your real estate transaction has fallen victim to wire fraud, we’re here to help. We can investigate what happened, your potential liability, your options, and help eliminate the compromise.

This is not intended to be legal advice. We are happy to help put you in touch with a cybersecurity and/or data privacy attorney as part of the process.




The Cybersecurity Emergency Team

Phoenix, Arizona Based

Nation Wide Cybersecurity Emergency Services



Tom Kelly
Previous

How to Tell if Your WiFi is Hacked
Next

Mac Hacked: Signs Your MacBooks' Security is Compromised