For most people, the process of buying or selling a home involves the largest transfer of money they’ll make in their lifetimes. From down payments to closing costs to mortgage payoffs, billions of dollars change hands in real estate transactions every year. This is why it’s no surprise that cyber criminals regard the vast real estate market as one huge opportunity to defraud people and steal their money.

However, the sheer amount of real estate cybercrime (such as title and deed fraud, in which hackers impersonate a title company or Realtor and misdirect transfers of funds) taking place today is a surprise. We’ve seen an unprecedented explosion in cyberscams targeting home buyers, sellers and the companies they work with to complete real estate transactions. These scams are costing people hundreds of millions of dollars each year.

As with the overwhelming majority of cyberattacks, the most effective defense against real estate fraud is awareness. It’s vital to know who you’re communicating with, what warning signs to look for and how to confirm the legitimacy of documents and requests — especially if they involve large transfers of money. While real estate cyberfraud is becoming more widespread and financially destructive all the time, there are many ways to fight back.

How real estate cyberscams work

One of the most common real estate scams is business email compromise (the costliest type of cyber attack, according to the FBI). A hacker will break into the email account of a title company or Realtor and instruct a homebuyer to send funds (ostensibly to close a deal) to a fraudulent account. By the time the victim realizes that the money wasn’t sent to a legitimate account, the hackers have transferred it to a new account, closed the first one and disappeared.

Companies don’t have to be infiltrated for this type of scam to work. Hackers will also steal personal information from other sources (large-scale data breaches at companies like Equifax can put this information up for grabs) and use it to manipulate their targets. And homebuyers aren’t the only ones who are fooled — title companies, escrow companies and other entities that handle funds have also made the mistake of transferring money into fraudulent accounts.

It isn’t just wire fraud that home buyers have to be on their guard against. Title and deed fraud is also a rapidly emerging cyber threat in the real estate industry. This type of attack relies on identity theft. Cyber criminals steal your personal information so they can change the name on a title or deed and use the equity you’ve spent a lifetime building to secure fraudulent loans.

In some cases, the thieves even sell homes that don’t belong to them. Title and deed fraud can lead to foreclosure, damaged credit ratings and other crippling financial blows to homeowners.

Homeowners who have vacation homes, rental properties or secondary real estate of any kind are especially at risk of title and deed fraud. Not only is it harder to keep track of documentation for multiple properties, but these homeowners are also liable to ignore foreclosure notices and other alerts that could reveal fraudulent activity.

This gives criminals more time to take out illegitimate loans and disappear before raising any red flags. The same applies to homeowners who have inherited properties. They often have no intention of selling, renting or living in the home for a protracted period of time, which puts them at increased risk of undetected fraud.

Rosenthal explains that the nature of her business provides ample opportunities for criminals to steal information and infiltrate private communications: “The problem in our world is that you’re moving so quickly all the time. And you’re having to verify and reverify information over and over.”

But she says the “main thing to watch out for is email being hacked and secondary wire instructions being sent.” This is why Rosenthal’s company observes a concrete set of policies to mitigate the risk of fraud, such as independently verifying the legitimacy of financial institutions or any other entities involved in wire transfers.

Because real estate transactions involve so much personal information shared with many different parties (realtors, lawyers, title companies, financial institutions and so on), they can make home buyers particularly vulnerable to identity theft. As noted above, this can lead to title and deed fraud, as well as a wide range of other negative consequences (such as compromised accounts).

Cyber criminals are drawn to real estate transactions because there’s often a large amount of money involved, along with many attack vectors to exploit. As more and more hackers take advantage of these realities, homebuyers and those who facilitate real estate transactions need to be on their guard.

How home buyers can protect themselves

Like any other social engineering attack, real estate cyber scams work against victims who aren’t trained to notice when something is wrong and take steps to defend themselves. So here are some of the most effective ways home buyers can do exactly that:

Look for wire transfer alarm bells

If a title company, lender, or anyone else tells you the details of a wire transfer have changed, alarm bells should be ringing. Make sure you confirm all transfers with a phone call or in person, and follow up with the recipient to make sure the funds were distributed properly. And never rely on phone numbers that can be found on documents received via email — verify numbers and any other contact information independently by checking legitimate websites and publications.

Triple check documents for discrepancies

Check for discrepancies in any documents and emails you receive — different formatting, contact information, names and so on should all be cause for alarm. Rosenthal observes that the “best-case scenario is original disbursement instructions that come directly from the seller and are signed by the seller in person.” Another reliable way to confirm account information is with a legitimate voided check, but this should be confirmed with the account holder as well.

Only work with professionals you trust

Make sure you find real estate agents, lenders, lawyers and other professionals you trust, and ask about the cybersecurity safeguards they have in place. Don’t be afraid to ask tough questions if you’re nervous about something — it’s your money and personal information, and you have every right to know how it’s being handled.

Rosenthal can point to a specific list of measures her company takes to ensure that transactions are secure and clients are protected. Every company should be able to do the same.

Make your accounts super secure

Change passwords, implement multi-factor authentication on your accounts and devices, always use a VPN when connecting to wireless networks, even those you trust, and be extra careful before a real estate transaction. Cyber criminals are becoming more sophisticated every day, so home buyers need to be more suspicious than ever.

Purchasing or selling a home can be a momentous occasion in a person’s life — in both cases, it’s often the culmination of a lifetime of hard work and saving. Cyber criminals have no respect for that hard work or the lives they destroy, and you should always remember that your most powerful weapon against them is your own awareness.

Share This