Your client saved up tens of thousands of dollars to buy a home. They found the right one after weeks of hunting. Their offer was accepted. They made it through the inspection process. Now, it’s finally time to close.

Your client saved up tens of thousands of dollars to buy a home. They found the right one after weeks of hunting. Their offer was accepted. They made it through the inspection process. Now, it’s finally time to close.

Then a cybercriminal posing as an attorney or a real estate professional fools your client into wiring the down payment to him or her instead of the seller.

Poof! The money is gone, the buyer has lost the house, you’ve lost your commission, and adding insult to injury, confidential personal information has been compromised too — all due to a successful phishing scam.

This hideous scenario has become all too real, and it could turn the American dream of homeownership into a nightmare for unsuspecting consumers and a huge business headache for brokers and agents. Awareness is all the more important now that the spring housing market is heating up.

Real estate scams are increasing

Down payment theft is an increasingly popular tactic that falls under “business email compromise,” which according to the FBI, was responsible for 40,203 incidents in 2013 and 2016 and $5 billion-plus in losses. Real estate-related scams increased in the number of complaints filed by title companies by 480 percent in 2016.

 

Down payment scams take advantage of people’s trusting nature and inclination to follow what seems like a legitimate process. Homebuyers and agents could be especially vulnerable after navigating a tight housing market that has left them looking forward to a fast closing.

In a typical attack, hackers compromise the email account of a person or professional involved in an upcoming transaction. They wait for just before the buyer is set to wire funds, and then pounce.

They impersonate the real estate pro, title company or attorney in an email, say there has been a late change to the wiring instructions, for example, the mortgage company switched banks and buyers should wire the closing costs to a different account, which actually belongs to the hackers.

Not only is the prospective homeowner’s money probably gone forever, but personal data such as Social Security numbers, addresses and bank information likely has been compromised as well.

In another threat, attackers are becoming increasingly sneaky in impersonating web services such as DocuSign, Microsoft Outlook and Google Drives that are often used in real estate transactions. Again, they’re taking advantage of human nature — when someone receives an email from what seems to be one of these trusted services, one’s first instinct is usually to just follow the directions.

Unfortunately, criminals are using these brands to entice victims into logging into bogus websites and freely enter their information, which gives complete access to their email accounts.

What consumers can do to protect themselves

Now more than ever, homebuyers and real estate agents must protect themselves from the horrible down payment scam. Real estate agents can proactively take steps to warn buyers about the nefarious characters out there.

Here is a six-part checklist to give your clients:

  1. Carefully examine any email request for transfers of funds. Does anything seem out of the ordinary? Follow your gut.
  2. Beware of a sudden change, such as a request to wire money to a different, unfamiliar party.
  3. If you have doubts whether an email sender is genuine, don’t use the “reply” function. Instead, use “forward” and type in the email address you know to be valid.
  4. Immediately delete email from a sender who seems suspicious. Do not click on links or open attachments, as they often contain malware that will hand over access to your computer.
  5. Be careful what you post to social media. Announcing on Facebook that you’re about to close on a new house might not be a good idea.
  6. Last but not least, do not rely on email to confirm requests for transfers of funds. Pick up the phone, and make a call.

Sadly, as online fraudsters become more sophisticated, real estate agents and their clients must become smarter about their tricks.

Asaf Cidon is the vice president of email security at Barracuda Networks in California. Follow him on Twitter, or connect with him on LinkedIn.

Show Comments Hide Comments
Sign up for Inman’s Morning Headlines
What you need to know to start your day with all the latest industry developments
By submitting your email address, you agree to receive marketing emails from Inman.
Success!
Thank you for subscribing to Morning Headlines.
Back to top
×
Log in
If you created your account with Google or Facebook
Don't have an account?
Forgot your password?
No Problem

Simply enter the email address you used to create your account and click "Reset Password". You will receive additional instructions via email.

Forgot your username? If so please contact customer support at (510) 658-9252

Password Reset Confirmation

Password Reset Instructions have been sent to

Subscribe to The Weekender
Get the week's leading headlines delivered straight to your inbox.
Top headlines from around the real estate industry. Breaking news as it happens.
15 stories covering tech, special reports, video and opinion.
Unique features from hacker profiles to portal watch and video interviews.
Unique features from hacker profiles to portal watch and video interviews.
It looks like you’re already a Select Member!
To subscribe to exclusive newsletters, visit your email preferences in the account settings.
Up-to-the-minute news and interviews in your inbox, ticket discounts for Inman events and more
1-Step CheckoutPay with a credit card
By continuing, you agree to Inman’s Terms of Use and Privacy Policy.

You will be charged . Your subscription will automatically renew for on . For more details on our payment terms and how to cancel, click here.

Interested in a group subscription?
Finish setting up your subscription
×