What does the chairman of MIT’s board of trustees and a Supreme Court judge for New York State have in common with the Weintraubs of Lebanon, Oregon? They were all victims of real-estate spoofing scams, a form of cyber-security fraud that has grown from $19 million in 2016 to over $1B in 2017.
Thieves have learned that large sums of money change hands when people purchase a new home. According to the US census bureau, the median price of a home on the U.S. West Coast today is $390,000. With a 21% average down payment, transfers of over $82,000 are a regular occurrence. These funds are transferred under the exclusive control of buyers and would be transferred without the checks and balances present when banks fund the remainder of the loan.
This makes the home purchase process a high-value, soft target. Rather than being forced to outwit banks and insurance companies who are protected by security professionals and sophisticated monitoring systems, thieves recognize that a local realtor is not meaningfully defended in most cases. They simply have to fool the buyer into transferring the funds into an account that is under their control.
The scam starts with an email to the realtor or title agent. These individuals are trusted by the buyer and are in a position to trigger a transfer. The spear-phishing email results in the delivery of malware that permits the thief to monitor all email exchanges. From this point, the thief watches the normal flow of business until a suitably large transaction is found. When the home purchase is just about to close, the thief sends email messages from the infected PC to the buyer that appears to be from the realtor. The spoofed email contains detailed information such as transaction sums, bank names, seller (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Stephen Wood. Read the original post at: https://www.tripwire.com/state-of-security/featured/real-estate-scams-growing/