Risk alert warns of liability for wire fraud targeting real estate closings

Credit unions and their members continue to be victimized in a wire transfer fraud scheme designed to steal the funds needed to close real estate transactions, according to a new risk alert from CUNA Mutual Group.

In this scam, fraudsters hack title company/closing agent’s email to search for upcoming real estate closings. When they find one, they frequently send a spoofed email to the purchaser containing “updated wire instructions” for the closing. Alternately, the fraudster could send the fraudulent email from within the compromised email account.

Believing the updated instructions to be legitimate, the purchaser provides the wire instructions to their financial institution to execute the wire. Upon discovery of the fraud, the purchaser’s financial institution is generally unable to recover the funds from the beneficiary bank, and the purchaser could file a lawsuit against the beneficiary bank or their own financial institution to recover the funds, according to the alert.

Credit unions should consider these risk mitigation tips to avoid wire fraud schemes related to real estate closings:

  • ensure wire transfer agreements and wire transfer request forms disclose how wires settle at beneficiary banks and ensure the language is closely aligned with the requirement in UCC 4A-207(c)(2);
  • avoid using electronic wire transfer agreements and request forms that are e-signed;
  • train frontline staff so they can warn members of this scam when members request a wire for a real estate closing, and staff should verify the updated wire instructions on behalf of the member using a reliable phone number; and
  • if the credit union’s loan department receives an email purportedly from a title company/closing agent containing updated wire instructions for member loan closings, verify the instructions by calling the title company/closing agent using a reliable phone number.

CUNA Mutual Group’s risk alerts, in additional to additional risk-prevention resources, may be accessed on their Protection Resource Center. Log-in is required.

Leave a Reply