What is BEC & how should title agents avoid fraud?

“Business Email Compromise or BEC is a type of scam that targets businesses & their fund transfers. Scammers generally target organizations that conduct large wire transfers in the course of their usual business and rely on email for much of their communication regarding the wires” – FinCEN.

The scammers usually compromise a key email account by methods such as phishing, social media engineering or spoofed emails. They then fraudulently transfer funds to criminal controlled accounts. Often, the victim who receives the email is tricked into thinking that it is a legitimate email from a trusted source & continues with making the payment not knowing that they are transferring money to the fraudster’s account.

Losses due to attempted business email compromise schemes have seen an almost 3x rise per month since 2016. An average of $301 million per month in 2018 as compared to $110 million per month in 2016. –  Financial Crimes Enforcement Network (FinCEN)

Manufacturing /construction firms were the top targeted sectors for BEC fraud followed by commercial services. But the real estate industry, although third, saw a 16% increase of BEC fraud in 2018 as compared to 2017.

Source: FinCEN

Frequent high-value transactions along with an improved market will continue to make the real estate market an attractive target for these types of BEC scams. Real estate firms have the highest average fraudulent transaction amount at $179,001.

Top BEC identified scam types

What are the top scam types? Fraudulent vendor or client invoices are the most common BEC method because of the potential of greater financial gain with the average transaction amount being $125,439. A vast majority of suspicious activity reports also stated that the scammer impersonated a realtor or agent on the sale side of a real estate transaction, directing the buyer to wire money to a fraudulent account.

FIncen 2
Top BEC identified scam types – FinCEN

Title & settlement companies are on the front line in the battle against wire transfer fraud & need to be aware of how to tackle both BEC & email account compromise (EAC) frauds. As a title agent, you need to:

1. Understand the legal & regulatory requirements for your operation– There are several requirements, like the Gramm-Leach-Bliley Act (GLB), which requires financial institutions to explain their information-sharing practices to their customers & to safeguard sensitive data, or guidelines which require private entities to notify individuals of security breaches of information involving personally identifiable information. Leveraging a vendor like SLK Global, which has more than 15 years of industry knowledge, and maintains relevant certifications, can enhance compliance to the latest regulatory and legal requirements.

2. Be aware of the latest threats & schemes- As companies come up with ways to reduce fraud and increase security, it is important that you are aware of the latest solutions, as well as the latest threats. You can get some updates by referring to information security articles published by ALTA here.

3. Have robust technology systems- Ensure that your systems have the firewall turned on. Always make sure that you have the latest Antivirus & Antispyware technology installed. Another critical thing title agents have to be aware of is either not to download or be very careful while downloading email attachments. The FBI website publishes information on how to protect your computer against internet fraud, here Again, leveraging vendors who are SOC 1 & SOC 2 compliant, like SLK Globalcan help title agents access a strong technology and information security infrastructure, and reduce chances of falling prey to fraud and other scams.

Check out these useful links from ALTA to help stop BEC & wire frauds.

Do let us know what you think of the blog & if you want to know more about how our technology-enabled solutions can help you mitigate risks and streamline your operational workflow click here.

Leave a Reply

Your email address will not be published. Required fields are marked *