ALERT: Wire Fraudsters Targeting Real Estate Transactions

By Jessica Edgerton, NAR associate counsel

fraudIn recent months, real estate professionals have reported an upswing in a particularly insidious wire scam. A hacker will break into a licensee’s e-mail account to obtain information about upcoming real estate transactions. After monitoring the account to determine the likely timing of a close, the hacker will send an e-mail to the buyer, posing either as the title company representative or as the licensee. The fraudulent e-mail will contain new wiring instructions or routing information, and will request that the buyer send transaction-related funds accordingly. Unfortunately, some buyers have fallen for this scheme, and have lost money.

A possible red flag to be aware of, and to alert clients to, is any reference to a “SWIFT wire” transaction, a term that indicates an overseas destination for the funds. However, unlike many other e-mail-based “phishing” schemes, this particular manifestation appears to be more sophisticated and less recognizable as fraud. The communications do not contain the typical grammatical or stylistic oddities that are often present in scam e-mails. In addition, because the perpetrator has been monitoring the licensee’s e-mail account, the fraudulent communication may include detailed and accurate information pertaining to the real estate transaction, including existing wire and banking information, file numbers, and key dates, names, and addresses. Finally, the e-mails may come from what appears to be a legitimate e-mail address, either because the thief has successfully created a sham account containing a legitimate business’s name, or because he or she is sending the e-mail from a truly legitimate—albeit hacked––account.

Be aware, also, that this particular scheme is only one of many forms of online fraud being perpetrated against real estate licensees and their clients. In protecting all parties to a real estate transaction from cybercrime, real estate professionals should consider the following guidance:

1. Prevention.
The best line of defense against fraudsters is to make sure that all parties involved in a real estate transaction implement security measures before a cyberattack occurs. These measures include the following:

  • Never send wire transfer information via e-mail. For that matter, never send any sensitive information via e-mail, including banking information, routing numbers, PINS, or any other financial information.
  • Inform clients from day one about your email and communication practices, and alert them to the possibility of fraudulent activity. Explain that you will never send, or request that they send, sensitive information via email.
  • Prior to wiring any funds, the wirer should contact the intended recipient via a verified telephone number and confirm that the wiring information is accurate. Do not rely on telephone numbers or website addresses provided within an unverified e-mail, as fraudsters often provide their own contact information and set up convincing fake websites in furtherance of their schemes.
  • If a situation arises in which you have no choice but to send information about a transaction via email, make sure to use encrypted e-mail.
  • Security experts often recommend “going with your gut.” Tell clients that if an e-mail or a telephone call ever seems suspicious or “off,” that they should refrain from taking any action until the communication has been independently verified as legitimate. When it comes to safety and cybersecurity, always err on the side of being overly cautious.
  • If you receive a suspicious e-mail, do not open it. If you have already opened it, do not click on any links contained in the e-mail. Do not open any attachments. Do not call any numbers listed in the e-mail. Do not reply to the e-mail.
  • Clean out your e-mail account on a regular basis. Your e-mails may establish patterns in your business practice over time that hackers can use against you. In addition, a longstanding backlog of e-mails may contain sensitive information from months or years past. You can always save important e-mails in a secure location on your internal system or hard drive.
  • Change your usernames and passwords on a regular basis, and make sure your employees and licensees do the same.
  • Never use usernames or passwords that are easy to guess. Never, ever use the password “password.”
  • Make sure to implement the most up-to-date firewall and anti-virus technologies in your business.

2. Damage Control.
If you believe your e-mail or any other account has been hacked, you should take the following steps:

  • Immediately change all usernames and passwords associated with any account that you believe may have been compromised or otherwise made vulnerable by the attack.
  • Contact any clients or other parties who may have been exposed during the attack so that they take appropriate action. Remind them not to comply with any requests from an unverified source.
  • Report any fraudulent activity to the Federal Bureau of Investigations via their Internet Crime Complaint Center. More information can be found here:
  • Brokers should report any fraudulent activity to their state or local REALTOR® association so that the associations can send out alerts or take other appropriate action, including contacting NAR.

This advice is not all-inclusive, and real estate practitioners should work with Information Technology and cybersecurity professionals to ensure that their e-mail accounts, online systems, and business practices are as secure and up-to-date as possible.

For more information on this and other cyberscams, as well as further information on cybersecurity best practices, visit these resources:

Blog Contributor

This post was contributed exclusively for REALTOR® Magazine.

More Posts - Website - Twitter - Facebook

  1. Steve Freeman

    Your advice: “If a situation arises in which you have no choice but to send information about a transaction via email, make sure to use encrypted e-mail.” falls short. How about a recommendation for encrypted email products?

  2. The title company usually emails a PDF of the wiring instructions with notes regarding the specific transaction. I’m not sure how we get around that. Maybe we return to the days of faxing everything.

    Thanks for the informative article. I had no idea this was going on.

  3. I have received emails from Title companies requiring funds by wire only with out acknowledging the risks or offering an alternative. We have experienced that wire transfers take several days to occur. There must be another way.

  4. Real1

    I have recvd several fraudulent emails and have forwarded them to MRIS, this is scary and a solution must be found immediately, our clients and the Realtor are all at risk, and I agree with the previous person, we should go back to faxing until a solution is found, we all must put our heads together and find one.

  5. Kate Rose

    Where is the verbiage for us to put on our email signatures warning clients about this latest stealing the down payment scam? I have been looking and reading all over and can’t find it.

  6. Robert Freedman

    Kate, you can get that at this URL:

  7. This is scary stuff. I had my email account hacked several years ago. The hacker was sending out emails to my clients. One client called me because they thought the email was strange. That is how I found out it was hacked. I immediatly changed my password. I created a new email account and shut the hacked email account down. It tool a long time to shut down the email because all my past clients had the email address.

    A real pain.

  8. It’s too bad we have to worry about stuff like this. I suppose that there will always be crooks. I just hope one day the powers to catch them are stronger than their abilities to do harm.