Over the past year Brady & Kosofsky has implemented cutting edge security hardware and software to meet the requirements of protecting our clients’ non public private information. In addition to other capabilities, we have now have “real time” ability to detect penetration and hack attempts.
Over the last few months, we have noticed a spike in attempts to hack emails and divert funds. We have incredible resources, however this is just something each one of us needs to keep an eye out for. We need to know our transactions, and if something looks fishy… (pun intended) it probably is. Here are a couple of examples:
1. “the mysterious contract”- Over the last five years we have adopted “team” email boxes. All of our orders for titles are sent to a team email and all contracts are sent to another team email. I received an email from a real estate broker asking me to review a contract. I have known this broker for years, but have not done a closing for her in a long time. Instead of rushing to open the contract, I called her first. She typically uses a different settlement provider and I wanted to make sure that she meant to send me a closing. It also gave me a great reason to reconnect with her. When I spoke to her I thanked her for the referral etc… and she had no idea what I was talking about. I sent the email to my IT department and sure enough it was a virus. This would have disabled some layers of security and possibly hurt my system.
2. “the pick $25,000.00”- This is an interception tactic which is being used by cybercriminals to divert earnest money, cash to close and other funds from the Attorney to the criminals account or from the consumer to the criminals account. The criminals will monitor emails between closing agent and realtors and when they see any wire instructions, they will modify the wiring instructions, and send us ( the closing agent) revised wiring instructions. Then when we wire the funds as directed they are lost to the criminal. This could have devastating effects on consumers and businesses alike…. All the technology in the world cannot always sniff this out… to battle this, we implemented a policy to confirm wiring instructions and modifications by using a really dangerous tool…. the PHONE. We will call the parties to confirm, before changing any wiring instructions.
3. “the wrong address”- our correspondence with parties is very specific as to where emails are to be sent for different reasons. If an email is sent to the wrong place we take a long look at it before relying on it. If we get an email which contains wiring instructions to our “general info mailbox” we call to confirm.
There are many variations to these schemes and many more out there! Keep your eyes open, use your common sense, know your clients and partners… and when in doubt… PICK UP THE PHONE!!! you will be surprised!