With potential buyers becoming more desperate to secure a property, the hot housing market has been a driving force in the increase in wire fraud and other Internet crime schemes, the head of a title industry verification company said.
Internet crime schemes involving business email compromise typically used to intercept wire transfers — including those used to send closing funds or loan proceeds — made up one-third of the total losses last year, a Federal Bureau of Investigations report stated.
The J. Edgar Hoover Building, headquarters of the Federal Bureau of Investigation
In 2021, the Internet Crime Complaint Center received 19,954 business email compromise and related email account compromise complaints with adjusted losses of nearly $2.4 billion.
CertifID works with law enforcement to help victims recoup their losses. In investigating those instances, “the common theme with regard to residential homeownership is that there’s not only this fear of missing out, but this transactional fatigue that takes place,” said Tom Cronkright, its executive chairman, who also owns a title company that was victimized twice by BEC fraud.
The typical homebuyer has probably made offers on at least five homes, before their sixth or seventh gets accepted, but they’ve offered over the asking price, and contingency clauses for things like inspections and appraisals have been waived, he said.
“They’re committed to closing this transaction because they know what it’s taken over the last several weeks or months to get to a point where they have something that they can own,” Cronkright said. “So, what it does at the end of the transaction, when everyone should be at a heightened stage of alert, that fatigue sets in.”
It makes the buyer more susceptible to phishing attacks. After all, they already have been sending funds via electronic funds transfer for various items during the process.
And the fraudsters have gotten more sophisticated in their attacks. They make a case to the buyer as to why the money needs to be sent by wire transfer, and claim that the entire transaction could be in jeopardy if they don’t cooperate, Cronkright said.
The fear of losing the property makes the fatigued buyer less cautious than they should be.
“The cyber scammers are really focused on real estate because they’re seeing just how large the sum of monies between parties are being transferred,” he continued. And the losses are even higher if the home purchase is supposed to be an all-cash transaction.
“What stood out for me in the report is that cybercriminals are becoming more efficient,” Cronkright said. “So the number of instances went up 7% but they extracted 64% higher gains.”
For all kinds of computer-related fraud, IC3 received 847,376 complaints with $6.9 billion of losses last year. In 2020, complaints totaled 791,790 with losses of $4.2 billion.
Losses relating to BEC and EAC increased by 33% in 2021 over the previous year, to $2.4 billion from $1.8 billion, with the per-incident loss increasing from $92,932 in 2020 to $120,277. The IC3 report notes BEC fraudsters target real estate transactions among other deals.
The number of complaints by real estate investment and property rental fraud victims totaled 11,578, a 15% decrease from 13,638 in 2020. Despite that, the total reported losses of $350.23 million was an increase of 64% compared with the prior year’s $213.2 million.
While almost three-quarters of the victims of online crimes were over 40, the associated loss from those aged between 20 and 29 more than doubled compared with 2020. This increase among younger victims is likely a result of this age group entering the highly competitive home purchase market, which in many ways is driven by the increase in work-from-home, Cronkright said.
In the 20-to-29 age group, 69,390 victims with losses of $431.1 million filed an IC3 report. This compares with 70,791 victims with $197.4 million in losses for 2020.
Those between 30 and 39, who are also moving heavily into homebuying, made 88,448 reports to IC3 with losses of $937.3 million. For 2020, IC3 received 88,364 reports from victims in this age range, but the dollar loss was $492.1 million.
The IC3 received 3,729 complaints identified as ransomware with adjusted losses of more than $49.2 million during 2021. In June, it started tracking ransomware reports in 16 of what it defined as “critical infrastructure sectors.”
Of the 14 sectors with at least one ransomware report, the broad category of financial services ranked second, with 89, trailing only healthcare and public health at 148.
Meanwhile, fraudsters are also using online romance scams, in which an innocent party is taking the ill-gotten gains into their account. This helps the criminals avoid the banks’ know-your-customer rules.
“Of the 130-plus recoveries we were involved in last year, probably 75% of those went into accounts of people that believed they were helping this online dating person with a transaction in the United States and they were being recruited not knowing [they were] an unwitting money mule,” Cronkright said.