February 16, 2016

Red Phone in HandThe Facts

Dot Some I’s and Cross Some T’s Closing Agency, Inc. (“Dot Some I’s”) was celebrating its centennial. Since the day its doors opened 100 years ago, Dot Some I’s has prided itself on trust. When a file came in, like thousands before it, Dot Some I’s began running the necessary title searches, got the parties’ contact information, and obtained the wiring information for the sellers’ bank account. The sellers, who travel a lot, gave Dot Some I’s their e-mail address so that they could be contacted and receive information on the road. The sellers’ broker, with whom Dot Some I’s previously had worked, provided her cell phone number.

A few weeks later, Dot Some I’s was ready to complete the closing. Dot Some I’s contacted the relevant parties and scheduled the closing for Friday, which was four days away. Per the sellers’ instructions, Dot Some I’s sent them an e-mail letting them know that everything was in order, and that the closing would be that coming Friday. Dot Some I’s also confirmed that the sellers’ proceeds from the closing would be $105,000. Finally, Dot some I’s overnighted documents to the sellers, who signed and returned them.

Unbeknownst to the sellers and Dot Some I’s, the sellers’ e-mail account had been hacked, and the hackers were monitoring all communications in and out of the account. The hackers saw an opportunity, and took advantage of it. Specifically, early Friday morning, the day of the closing, the hackers, who were posing as the sellers, sent a friendly e-mail from the sellers’ account asking Dot Some I’s to wire the proceeds of the closing to a different bank account. The hackers provided the new wiring information, and a phone number, in case Dot Some I’s had any questions.

Because Dot Some I’s had been corresponding with the sellers over e-mail throughout the process, it did not question the validity of the e-mail. Further, because Dot Some I’s did not have the sellers’ phone number on file, it had no way to verify the e-mail by confirming the phone number. While Dot Some I’s did not bother verifying the information by calling the number provided in the e-mail, doing so would have been futile. The number, of course, was the hacker’s number, and the hacker would have verified the information.

The closing went off without a hitch, or so everybody thought. After the documents were signed and the parties left the office, Dot Some I’s completed the transaction by disbursing the money received in connection with the closing to the relevant parties. Per the updated information in its file, Dot Some I’s wired the sellers’ proceeds to the hackers’ bank account. The hackers quickly transferred the funds out of that account and vanished.

Monday morning, when the sellers realized that the proceeds from the closing were not yet in their bank account, they contacted Dot Some I’s. For the first time, they reached out by phone. Dot Some I’s, not surprisingly, told the sellers that their money was wired per the updated instructions that the sellers provided Friday morning. The sellers, a bit dumbfounded at this point, asked “what updated instructions”? From that point it did not take long for the parties to figure out that they were the victims of fraud.

The Lesson

While you cannot eliminate the possibility that your company will be the victim of such fraud, a simple preventative measure like obtaining phone numbers at the start of all transactions can go a long way towards reducing such risk. If Dot Some I’s had the sellers’ phone number on file, it would have realized that the phone number in the fraudulent e-mail was different. Of course, calling the numbers would have uncovered the fraud and saved all parties involved a great deal of hardship.

In addition to obtaining contact information, such as phone numbers, at the beginning of the closing process, industry experts advise companies to be suspicious of e-mails received at odd hours, and instructions to wire money to banks outside of the state in which the closing is scheduled to take place, and last minute changes in payment instructions. Finally, if anything appears suspicious, ask questions – your customers will appreciate the fact that you are looking out for their best interests.

CPIM and TIAC thank Jordan Rubinstein, Esquire, of Troutman Sanders LLP, for writing this article.