October is National Cyber Security Awareness Month (NCSAM). This designation has been observed in the United States since 2004, when the Department of Homeland Security and the National Cybersecurity Alliance (NCA) established it to bring awareness of cybercrime and the need for Americans to operate safely online, whether at work, home or school. In collaboration with the Cybersecurity and Infrastructure Security Agency (CISA), NCA strives to improve the digital habits of Americans to mitigate increasing cases of identity theft, fraud and extortion.
While most companies have security measures in place to protect sensitive digital information, it is imperative that employees do their part to keep it secure. National Cyber Security Awareness Month is a great time to refresh everyone on good cyber hygiene.
The theme of this year’s observance is See Yourself in Cyber. Throughout October, the NCA and CISA will highlight best practices that include:
- Enabling multi-factor authentication
- Using strong passwords
- Recognizing and reporting phishing
- Keeping your software up-to-date
The “See Yourself in Cyber” theme encourages people to operate safely online, no matter what they are doing on the internet. Whether you are shopping, posting pictures on social media, or doing research for school or work, it is important to be vigilant and protect your basic information. Letting your guard down – even once – gives cyber criminals the opportunity to harvest information they can use to hack into your financial accounts or exploit for financial gain.
In the world of title insurance and real estate settlements, one of the biggest threats to our customers and business is wire fraud. We are regularly educating our employees, title agents, real estate agents and consumers to stay alert.
Wire fraud involves schemes to intercept wired funds that are being transferred during real estate transactions. According to the Federal Bureau of Investigation (FBI), wire fraud resulting from Business Email Compromise (BEC) and Email Account Compromise (EAC) cost businesses and consumers $2.4 billion in 2021 alone.
Tips for Preventing Wire Fraud
- Secure your devices and accounts. Securing your computer, phone and mobile devices, and practicing good email and password hygiene can make you less vulnerable to any cybercrime. Click here for best practices.
- Be vigilant. All parties to a real estate transaction are potential targets. However, cybercriminals tend to prey on older buyers who they believe may have limited knowledge of cybersecurity or wire transfer protocols.
- Consider using cashier’s checks instead of wiring funds. Your title company can verify checks with the bank prior to funding, which satisfies Good Funds requirements and eliminates your risk of wire fraud.
- Learn your title company’s process for wiring funds. Many companies have policies against emailing wiring instructions. Ask your closing agent for a list of approved contacts and wiring instructions at the beginning of your transaction. Keep them handy to use as a reference.
- Slow down. Fraudsters work hard to lull buyers into a false sense of security so they don’t take the time to scrutinize requests. Always check the sender’s email address for irregularities. When responding to an email, use “forward” instead of “reply.” Typing in a trusted email address lowers your chance of accidentally replying to a cybercriminal who sent you a spoofed email.
- Be suspicious of any changes to wiring instructions, especially on Fridays or before holidays. Changes to wiring instructions are rare and should only come from your closing agent. Since it can take up to 72 hours to wire money, fraudsters often request wire changes on a Friday or just before a holiday, so the funds are gone by the time anyone notices. There may be little your financial institution can do to recover funds once they are wired into a new account.
If you receive a request to change wiring instructions:
- STOP!: Never reply to an email or text with wiring instructions. If you receive a phone call with wiring instructions, tell the caller you’re going to hang up to verify the information.
- CALL: Call a trusted phone number you have used before to contact the buyer, seller, agent, lender or escrow officer, or use a number written in the contract. NEVER use a number listed in an email or text; there could be a fraudster on the other end ready to trick you into wiring funds to their account.
- VERIFY: After calling a trusted number, ask to speak with the person who allegedly called or sent the email or text. Always verify any change of plans with a trusted party before acting on them.
By keeping this wire fraud plan in mind, you can do your part to stop funds from winding up in the hands of a cybercriminal.
For more information and resources to promote cyber security for your organization, click here to sign up for CISA’s Cybersecurity Awareness Program.