Wire fraud continues to be a major threat to the real estate industry. More than 12.5 billion in losses from real estate wire fraud were reported since 2013. Despite growing awareness of the threat, real estate cybercrime is still on the rise.
According to reports by the FBI, in 2017, 9,645 victims reported a loss of over $56 million while those numbers ballooned to 11,300 victims and $149 million in 2018.
Why Cybercriminals Target Real Estate
Real estate is the third most common sector for fraud attempts according to a study by FinCen. So why are cyber criminals narrowing in on real estate? Specific characteristics of real estate transactions make them vulnerable to cyber attacks.
Large sums of money involved
Criminals know a real estate transaction is a unique opportunity where a significant amount of money is exchanged in a one-time event. Real estate transactions allow cybercriminals to quickly cash-in on hundreds of thousands of dollars with a single attack.
Sensitive information exchanged
Real estate transactions also require buyers to provide their most sensitive personal information. Cybercriminals can use real estate transactions to access bank account and social security numbers, and other sensitive information that they can then use at any time to access funds — even those unrelated to a real estate transaction.
Homebuyers are eager to complete the transaction
Buying a home is a unique and important life event and homeowners are often eager to receive the keys to their new home. A traditional closing can take several weeks and homebuyers are often keen to complete the transaction. This excitement can sometimes cause a homebuyer to move quickly and with less diligence, opening up the opportunity for a cybercriminal to intercept a transaction.
Homebuyers are looking for guidance
The closing experience is a complicated process that most homebuyers are unfamiliar with. First time homebuyers especially are looking for guidance from their title company, real estate agent, or lender on where, when, and how to complete their closing documents and wire their escrow funds. Cybercriminals take advantage of the trust homebuyers place in their transaction partners and pose as an agent or lender to deceive the homebuyer.
Multiple parties involved
A typical real estate transaction includes up to 12 parties exchanging information. Each party typically uses its own software system to communicate and update information on a particular transaction. These disconnected communication channels open up holes for cybercriminals to capture the highly-sensitive information being exchanged.
Traditional real estate transactions revolve around email
Email is an ideal target for cybercriminals because they don’t need to hack into a sophisticated security system to access information. Rather, a criminal can easily and discreetly jump into a communication stream via email and trick a buyer into sending money without raising any alarm bells.
Evaluate your Security Measures
Title & escrow businesses are central to every real estate transaction and now face added pressure and increased responsibility to ensure a safe and secure closing experience. Secure transactions come down to two basics
1. STREAMLINED COMMUNICATION
As cybercriminals increase their focus on real estate transactions, title & escrow companies must consider new avenues for exchanging information that streamline communication between parties and reduce the number of systems and platforms involved.
New portal-based communication channels provide a mechanism for secure information exchange. For example, Qualia’s Connect platform (a secure, app-based communication channel for homebuyers to send information and track the progress of their closing), integrates with Qualia’s title & escrow software and replaces the use of email for all parties involved in the transaction.
2. A SECURE TECHNOLOGY INFRASTRUCTURE
ALTA best practices and third-party certifications offer a starting point for assessing the security standards of your technology providers. Below are the high-level certifications and best practices your providers should offer as a baseline security assessment.
- ALTA best practices (pillar 3): ALTA’s best practices require that client data is private and restricted from unapproved parties.
- Two-Factor Authentication: Additional security layers require users to provide multiple authenticators (such as answering a security question or providing an additional password) to prove their identity. These greatly mitigate the risk of outsiders accessing the system.
- AES-256 Data-at-rest Encryption: Data encryption acts as a lock, providing access only to those who have the proper key.
- Third-Party Certifications: A third party can act as an unbiased authenticator of a technology provider’s security standards. Two trustworthy certifications in the title & escrow industry are: SOC-2 and ISO 27001.
Qualia’s team also recommends businesses ask their technology providers these 7 questions to ensure compliance and security that meets the highest standards.
To learn more about cybersecurity threats in the real estate sector and the steps companies like Qualia are taking to ensure secure transactions, read about Qualia’s participation in ALTA’s Coalition to Stop Real Estate Wire Fraud.