Spaces Blog

Protecting Your Assets in the Age of Cyber-Scams

One of the most troubling trends in real estate now is the prevalence of wire fraud.

Buyers and sellers alike have been impacted across the nation.

So what does wire fraud look like? And what can buyers, sellers, and real estate professionals do to protect themselves?

What does Wire Fraud look like in the Real Estate Industry?

Cyber criminals hack the email accounts of real estate brokers, title companies and consumers who are in the process of buying or selling a home. In other instances, they create alternative email accounts with just minor changes to the name of the email account, which typically goes unnoticed by the recipient of the email.

Often the computer hackers monitor email exchanges between the parties of a real estate transaction and gain specific information, such as the buyer and seller names, subject property address, and file numbers.

As the closing date approaches and arrangements are made for the buyer to wire the money to the closing company, or for the title company to wire the proceeds from the sale to the sellers, the scammer will send a last-minute email from a hijacked account or similar looking email address updating the wiring instructions.

The email with updated wiring instructions looks legitimate and often contains the transaction specific information the hackers obtained in the body of the email or as an attachment.

Buyers can inadvertently wire their down payment to a fraudulent account. And title companies can be tricked into inadvertently wiring the seller’s proceeds, too.

Some hackers are now even calling title companies or clients while impersonating the buyer, seller, title company or broker, to change the wiring instructions.

Many times, once the consumer’s funds are wired to the wrong place, the money is irrecoverable, untraceable, and the funds have been sent out of the country.



Marcia Waters, the Director of the Colorado Division of Real Estate says “Unfortunately the costs to Colorado consumers can be in the tens to hundreds of thousands of dollars with just one successful scam. Unless you pay very close attention, everything may look right — the email signature, address and the website. But, by the time homebuyers realize something is wrong, the money is already gone and in an untraceable bank account, leaving them at the closing table with no money and eliminating their ability to purchase the home.”

In the first three months of 2016 the FBI reported that $209 million had been stolen in such cyber-attacks and the frequency of such attacks continue to rise.

This past February, a Longmont seller lost over $80,000 from the sale of their property to one of these scams. And unfortunately, there have been several more cases of this activity in Colorado in the last couple of years.

So, what can buyers, sellers, and real estate professionals do to protect themselves?


Buyers should:

1.   Know that wiring instructions will never come from your Realtor. Wiring instructions should be encrypted, sent in a secure email, and will come from the title company.

2.   Upon receipt of wiring instructions, buyers should call the title company, speak to the title representative, and verify the wiring instructions over the phone. Buyers should call the title company using an independently obtained phone number. Don’t get the phone number for the title rep through your email.

3.   If you get wiring instructions via email twice, or if they change close to closing, this is a Big Red Flag. Don’t initiate your wire transfer, and contact your Realtor ASAP.


Sellers should:

1.   Bring a voided check or wiring instructions to closing. Wiring instructions for the entity that will receive the seller’s proceeds after closing should be acquired in person, at a branch of their bank, if at all possible.

2.   If it is not possible to acquire wiring instructions in person at their bank, sellers should call their institution using an independently obtained phone number. Sellers should not get the bank’s phone number through their email.

3.   Let the title rep for your transaction know, over the phone, that you will be bringing your voided check or wiring instructions to closing and you will not be asking them to accept wiring instructions from you over email.

4.  Use reputable and experienced title companies and title representatives. Seasoned title reps know what to look for and will be an invaluable asset in helping keep your proceeds protected.

5.   If anything seems fishy, contact your Realtor ASAP.



All Parties should:

1.   Avoid free Wi-Fi. It can look like you are logging into a trusted source when, in fact, you are logging onto the cybercriminal’s device. Once you are logged on, the hacker has full access to your logged on device (phone, tablet or computer). More people have their emails compromised, passwords stolen, and other sensitive information captured using free Wi-Fi than a secure network.

2.   Limit posts on social media about personal information that could aid a cybercriminal. Cybercriminals use information they learn from social media websites to determine who to target and when.

3.   Don’t click through links from your email to find contact info for financial institutions or title companies. If you need to search for contact info, do an independent web search.

4.   Update your computer: Keep your operating system, browser and security software up-to-date.




5.   Develop strong passwords and change them often. Check out the newest protocol on how to create strong passwords, do not use simple passwords such as Password123456, birthdates, pet names or other information that is easily found (e.g.: social media). Change your passwords often.

6.   Don’t open invoices or documents from unknown sources and delete spam. Most hackers gain access to email accounts with phishing emails. These are usually emails with zip files attached, claiming to have invoices or documents that require you to enter your credentials to access it. Also be sure to get rid of spam. Sometimes even opening an innocent message or clicking on an unrecognizable link can infect your computer with spyware. When it doubt, toss it out.

7.   Carefully review wiring instructions and look out for inconsistencies. For example, if you and your client have been working with XYZ Title Company in Denver, and the wiring instructions list Jane Doe Title Company out of Florida, something is clearly wrong. It may not always be this glaringly obvious, so look out for any inconsistencies (e.g. a different street address in the same city or a different telephone number).

8.   Verify, verify, verify. Fraudsters are using compromised email accounts, fake websites, and changing phone numbers as ways to misdirect valid payments into their hands. Do not use the number listed on the wire instructions as fraudsters can easily change that information. It’s a good practice to always verify payment instructions in person or by calling a phone number that is publicly available and listed on multiple sites and resources.

As Realtors, Ken and I have a big responsibility in making sure that these kinds of issues don’t happen to our people. When in doubt, ask questions, reach out, and if something seems fishy, it probably is.