Bulletin: NY000605

Date:
May 17, 2017
To:
All New York State Agents, Office Counsel, and Managers
RE:
Cyber Fraud/Email Compromise

Our industry is subject to an ever increasing number of cyber security threats.  We have also seen the recent implementation of regulations designed to prevent Cyber Fraud. One type of Cybercrime is email compromise.  The Federal Bureau of Investigation recently published a public service announcement on email compromise (Click Here).  Email compromise is a crime that is rapidly affecting the way we do business in today’s market place. The fraudsters have discovered the speed at which our industry is currently facilitating real estate transactions and have begun hacking into the email accounts of the real estate professional and clients we work with. The fraudster are monitoring these accounts waiting for an opportunity to insert themselves into the fast paced, email fueled, real estate transaction.  They set up bogus email accounts designed to look like emails that come from a realtor, an attorney, a lender, a title company, a buyer or a seller.

We are seeing an increasing number of reported crimes where bogus email accounts send wire instructions or wire instructions changes to the disbursing agent in an attempt to have legitimate closing funds diverted to a fraudster controlled account.  If you are receiving wire instruction or other disbursing instruction via email, remember those instructions are subject to a hack.  The responsibility for preventing this type of Cybercrime is on all the parties to the transaction especially the parties working with the closing funds.   Once a wire transfer has been sent to the fraudsters account, it is challenging to recover the funds.

Communication and the attention to detail is key in the prevention of this type of crime.  While best practices, cyber security policies, regulations and software are an excellent defense, it is only the beginning.  The diligence and attention of the real estate professionals working the transaction are additional necessary elements to prevent this type of crime. 

Offices should undergo training to identify red flags.  Some of the red flags are set forth in the attached flyer - Protecting Yourself from Real Estate Cyber-fraud. Please also Click Here to view a public service announcement issued by the FBI on Email Compromises referenced above. Finally please review our national bulletins on www.vuwriter.com. Training should be on-going and continuous. Your training should include policies and procedures to verify the legitimacy of any disbursement instruction received via email, including the verbal confirmation of instructions and a prohibition against last minute changes to the instructions. These policies should be communicated to the parties in the transaction. A plan of action should be in place if you suspect you are a victim, including working with your local banking representative and criminal authorities. Cyber Fraud insurance may also be available from your business insurance carrier.  Prevention and planning will prevent this crime from occurring. 

If you have any questions regarding this bulletin please contact Stewart Title Insurance Company Legal Services at 212-922-0050.

Attachments: Protecting Yourself from Real Estate Cyber-fraud; FBI PSA Email CompromisesFBI Alert I-050417-PSA

THIS BULLETIN IS FURNISHED TO INFORM YOU OF CURRENT DEVELOPMENTS. AS A REMINDER, YOU ARE CHARGED WITH KNOWLEDGE OF THE CONTENT ON VIRTUAL UNDERWRITER  AS IT EXISTS FROM TIME TO TIME AS IT APPLIES TO YOU, AS WELL AS ANY OTHER INSTRUCTIONS. OUR UNDERWRITING AGREEMENTS DO NOT AUTHORIZE OUR ISSUING AGENTS TO ENGAGE IN SETTLEMENTS OR CLOSINGS ON BEHALF OF STEWART TITLE GUARANTY COMPANY. THIS BULLETIN IS NOT INTENDED TO DIRECT YOUR ESCROW OR SETTLEMENT PRACTICES OR TO CHANGE PROVISIONS OF APPLICABLE UNDERWRITING AGREEMENTS. CONFIDENTIAL, PROPRIETARY, OR NONPUBLIC PERSONAL INFORMATION SHOULD NEVER BE SHARED OR DISSEMINATED EXCEPT AS ALLOWED BY LAW. IF APPLICABLE STATE LAW OR REGULATION IMPOSES ADDITIONAL REQUIREMENTS, YOU SHOULD CONTINUE TO COMPLY WITH THOSE REQUIREMENTS.