Between January 2017 and November 2018, sixty victims in Maryland lost over $2 million combined as a result of hijacked real estate transactions. Fitz notes that those numbers could be much higher, since many individuals and companies may refrain from reporting that they were scammed.
A BEC real estate scam usually starts with an attacker hacking the email account of an agent or company employee, often via a phishing email. The attacker then observes the correspondence within the hacked account and begins to identify potential targets. Next, the attacker will imitate the appearance of the agent’s emails and use a separate account to send spoofed emails to victims. These emails typically ask the victim for an advance payment or include updated wiring instructions, and are carefully timed to coincide with real transactions.
Employees and consumers both need to be on the lookout for these schemes. Any online transaction is a tempting target for fraudsters, and attacks targeting real estate transactions are increasing rapidly. “It’s doubled year-over-year, and as we put procedures in place, these criminals adapt,” says Fitz. New-school security awareness training can provide employees with up-to-date knowledge of phishing and other social engineering tactics.
The Baltimore Sun has the story: https://www.baltimoresun.com/business/bs-bz-bec-crimes-title-industry-20180822-story.html