It looks like it’s time to update my Value of a Hacked Email Account graphic: Real estate and title agencies are being warned about a new fraud scheme in which email bandits target consumers who are in the process of purchasing a home.
In this scheme, the attackers intercept emails from title agencies providing wire transfer information for borrowers to transmit earnest money for an upcoming transaction. The scammers then substitute the title company’s bank account information with their own, and the unsuspecting would-be homeowner wires their down payment directly to the fraudsters.
This scam was laid out in an alert sent by First American Title to its title agents:
“First American has been notified of a scheme in which potential purchasers/borrowers have received emails allegedly from a title agency providing wire information for use by the purchaser/borrower to transmit earnest money for an upcoming transaction.”
“The messages were actually emails that were intercepted by hackers who then altered the account information in the emails to cause the purchasers’/borrowers’ funds to be sent to the hacker’s own account. The emails appear to be genuine and contain the title agency’s email information and/or logos, etc. When the purchasers /borrowers transferred their funds pursuant to the altered instructions, their money was stolen with little chance of return. This scam appears to be somewhat similar to the email hacking scheme that came to light earlier this year that targeted real estate agents.”
“It is apparent in both scams that the hackers monitor the email traffic of the agency or the customer and are aware of the timing of upcoming transactions. While in the reported instances, a customer was induced to misdirect their own funds, an altered email could conceivably be used to cause misdirection of funds by any party in the transaction, including the title agent themselves.”
This scam is almost certainly not unique to First American Title; scams that work against one corner of an industry generally work against the industry as a whole.
Attacks like this one illustrate the value of two-factor authentication for email. The larger providers have moved to enabling multi-factor authentication to help users avoid account compromises. Gmail.com,Hotmail/Live.com, and Yahoo.com all now offer multi-step authentication that people can and should use to further secure their accounts. Dropbox, Facebook and Twitter also offer additional account security options beyond merely encouraging users to pick strong passwords.
Of course, all of this additional security can be defeated if the bad guys gain control over your machine through malicious software. To keep your computer from being compromised, consider adopting some of the recommendations in my Tools for a Safer PC primer.