By now, we should all be aware that our industry is under attack by cyber thieves.  All of you should have procedures in place to prevent cyber thieves from stealing funds related to your closings.  Some of the best practices we have seen include:

  1. Obtaining the wiring instructions directly from the party to whom you are sending the wire (in person);
  2. Obtaining a phone number directly from the party to whom you are sending the wire (in person).

We have seen some Law Offices that insist on obtaining the wiring instructions directly from the party to whom you are sending the wire.  Oftentimes this means, getting them directly from the seller AT CLOSING.  (I suppose you could also get them from the parties Agent, either by facsimile or hand delivery.)  Once the wiring instructions have been delivered to the Closing Attorney, those Offices insist that they can only be changed by the party through the same medium… usually hand delivery. The main point here is to DISTRUST ANY E-MAIL CORRESPONDENCE.

A good rule of thumb is to assume that any e-mail you receive is fraudulent.  The thieves favorite target is the e-mail of one of the Real Estate Agents representing the parties.  Obtain a phone number directly from the parties where you can reach them.  If you are asked to change wiring instructions, only do so after speaking to the party at the number they gave you.  I have heard a story from one of our customers in which the cyber thief actually called the office to discuss the request.  When the paralegal received the e-mail changing the wiring instructions, she asked the client to call her.  When she answered his call, she immediately recognized that the caller was not the correct person because she knew that her client had a Hispanic accent.  Scary stuff!!!  Do not trust a phone call made by one of the parties to your office.  Do not call a phone number given to you in an e-mail.  Perhaps most important of all, discuss these procedures with the parties and tell them why strict observance of the rules will be required.  After all, you are trying to safeguard THEIR money.

Understand that these schemes are ever changing.  We have become accustomed to cyber thieves targeting the proceeds of the Seller.  However, there has been at least one recent case in which the Lender’s wire was stolen!!! If the Lender asks you to return the wire in an e-mail, you must question it.  Make sure that you have a contact for the Lender where you can verify the request with them verbally.  Remember that the phone number you use to confirm the request CANNOT COME FROM THE E-MAIL WHICH MADE THE REQUEST.

Always be mindful of Phishing e-mails.  A phishing e-mail is a bogus e-mail in which the sender tries to get you to click on something in the body of the e-mail.  Once you do so, you can potentially create a vulnerability in your Network’s defenses.  The cyber thieves can exploit that vulnerability.  If they can install a key logger program onto your computer, they may be able to duplicate your password and initiate a wire on their own.  The thieves can be very clever about how they construct the e-mail.  For example, if your website profile says that you are an avid college basketball fan, they will send you an e-mail about obtaining free tickets to the NCAA Tournament.  One trick you can employ to determine whether the e-mail is bogus or not is to hover your mouse over the sender’s name in the e-mail.  When you hover your mouse over the sender’s name, it should give you the sender’s e-mail address. Does it look legit?  If not, delete the e-mail.  If you are unsure, and the sender is someone you know, like a Real Estate Agent, call them and ask them if they sent the e-mail.

Always implement the security procedures recommended by the Bank where your Trust Account is located.

Review your Cyber insurance policy.  Remember that the basic Cyber Policy does not typically cover what is called “Social Engineering”.  This term describes the theft that is the subject of this article. Make sure that you have a policy that protects you and your clients from these kinds of thefts.  Discuss the policy with your insurance agent if you are unsure if you are covered for “Social Engineering.”

Click HERE to read an article from our friends at North American Title that lays out four steps to follow if you believe that funds have been stolen from one of your closings. We have also included an article that highlights some Closers around the Country that were able to avert disaster by utilizing good procedures and a distrusting nature. Click HERE for this article.