Last week, a UD alumnus was shocked to be told at the closing that the mortgage broker had not received his wire transfer of funds to cover the closing costs and down payment. The buyer had wired the funds and had a valid receipt that the funds had been transferred. Where were they?

What happened?

It turns out that the mortgage broker’s email account had been compromised: A criminal had used the account to email the buyer. As a result, the buyer had wired the funds to the scammer’s bank. The buyer reports that another of the same broker’s clients was also tricked into wiring money to a scammer’s bank.

In both cases, email that appeared to come from the broker’s email account reminded the buyers to wire the funds and provided the information necessary for a wire transfer—to the scammer’s bank. Neither buyer questioned the change in bank from the one the mortgage company had agreed to use. Neither noticed that the “Reply-to:” field was not the mortgage broker’s real account nor that of anyone else at the mortgage company.

Next, the scammers emailed multiple, insistent reminders to the buyers. These emails also appeared to come from the broker’s email account, but the “Reply-to:” address was still not the broker’s account. The buyers should have found it odd that the broker was repeatedly emailing them: One or two notices would be the normal business practice. In this case, the scammers sent multiple messages to create a false sense of urgency.

How can you recover from this kind of fraud?

  • The UD alum reports that his bank is helping him recover the funds out of which he was defrauded and that he expects to be able to complete the closing on his house in the near future. His chances of recovering the money have been increased because he followed the advice that the University gives people subject to financial cyber fraud:
    1. Report the fraud to local police immediately.
    2. To aid in recovery of funds, give the police report number to all parties affected by the fraud—in this case, the buyer’s bank, the mortgage broker, the real estate agent, the bank that was supposed to receive the funds, and, if known, the bank that received the wire transfer.
    3. Report the fraud to the FBI’s Internet Crime Complain Center (IC3).

    By following those reporting procedures, the buyer also helped make law enforcement and financial institutions more aware of this type of fraud. As one person at the failed closing said, “I’ve heard of this kind of scam, but this is the first time I’ve seen it.”

  • The buyers and the mortgage broker affected by this scam may also have to deal with future instances of identity theft. At this time, it is not known how much of the broker’s or her clients’ personally identifiable information (PII) were exposed by the breach of the broker’s account.

    If you are affected by fraud like that described here, you can find further advice about remediating the situation by following the Federal Trade Commission’s Identity Theft Recover Steps.

How can you reduce your risk from this kind of fraud?

  • To reduce the risk of your own financial, email, UD, and other accounts being compromised, use multi-step or two-factor authentication (2FA) whenever possible. That way, even if a hacker has your account name and password, he probably won’t be able to get into your account without another secret code. UD, Google, Amazon, Yahoo, and most financial institutions now offer this additional safety feature for your accounts. In this case, if the broker’s account had been protected with 2FA, the scam may have been prevented.
  • When your money is at stake, carefully examine email that asks for payment. Examine the links, the alleged sender’s email address, reply-to address, and body of the message for anything that does not jibe with previous information you have received from the company or financial institution with whom you are doing business. In this case, the broker’s clients missed several clues that they were being scammed.
  • If you have even the least suspicion that things are not on the up-and-up, contact the company or financial institution with whom you are doing business. Do not just reply to the email, but contact the alleged sender using known or published telephone numbers or websites. In this case, if the UD alum had called his mortgage broker to check on the email message he’d received, he would have been spared much inconvenience and would have alerted the broker to the scam before it came to fruition.
  • Cyber crime is on the rise! Scammers use spoofed and compromised accounts to commit fraud every day. Be alert. Report scam attempts. Think B4 U Click!