FBI Report: E-mail Account Compromise Techniques Used to Steal Millions in Real Estate Settlement Funds

E-mail Account Compromise Techniques Used to Steal Millions in Real Estate Settlement Funds

Page Count: 4 pages
Date: August 17, 2017
Restriction: None
Originating Organization: Federal Bureau of Investigation, Office of Private Sector
File Type: pdf
File Size: 610,215 bytes
File Hash (SHA-256): 6D696F3F01E3E5FA64379E03459A7DD9AE569F04475EEB69B8943C13FB00A5F2

Download File

The Office of Private Sector, in coordination with the Criminal Investigative Division, is providing this LIR to inform private sector partners about the increasing use of e-mail account compromise (EAC) techniques in the US real estate settlement industry. Consumer borrowers, settlement/title companies, real estate agents, real estate attorneys, builders, and others are being targeted by criminal actors netting millions in illicit proceeds. These proceeds are often directed initially to US banks then re-directed via money service businesses and international accounts to Mexico, Nigeria, South Africa, China, Ghana, Turkey, and India. The increased use of EAC techniques, as well as, the evolving expansion into previously unidentified countries indicates this fraud scheme is not slowing and puts additional strain on industry participants to be vigilant with their e-mail communications and identity verification processes.

Criminal threat actors diverted an estimated $19 million in fiscal year 2016 from real estate purchase transactions by manipulating e-mail communications of key participants to re-direct legitimate wire transfers, including down payments, earnest money, and settlement proceeds to criminally-controlled accounts. The increasing use of EAC techniques such as identifying realtors via real estate web sites, spoofing, phishing, social engineering, chat rooms, spam, and malware is attributable to positive real estate market indicators such as housing prices/supply, interest rates, the increase in well-publicized multi-million dollar land development contracts, and the proven ease in infiltrating the transaction process. This threat will likely continue on an upward trend as these conditions persist. Please see the below diagram for a step by step overview of a common EAC scam.

One of the most widely reported vulnerabilities identified by victims is that industry participants in real estate settlements – whether they involve all-cash or mortgage loan purchase transactions – may not be aware of the minute differences or changes in the e-mail accounts of parties with whom they routinely conduct business. Consequently, they are inadvertently participating in the illicit transfer of funds to criminal actors. As real estate settlement transactions occur on a regular and recurring basis and typically use long-established straightforward processes between known participants (brokers, financial institutions, real estate agents, title and escrow companies and attorneys), it is very likely criminal actors and organized groups will increasingly continue to target these businesses and individuals for illicit financial gain.

Share this: