« FTC Develops New Tools for ID Theft Victims, Provides Tips for Businesses to Protect Data | Main | Title Pros Explain Why You Should Attend ALTA's Business Strategies Conference »


Title Agent Snuffs Out Fraudulent Email Attempting to Obtain Funds   

A title agent’s diligence in Washington successfully prevented a fraudulent email request for the company to send a wire transfer.

Maureen Pfaff, general manager and chief financial officer for Olympic Peninsula Title Co., recently received a random email requesting the company wire nearly $11,000 to a TD Bank in Florida.

Pfaff said she knew immediately the email was fraudulent because the message came from her father, who wouldn’t make a request like this via email.

“Additionally, the formality of the email and signing it the way they did was a dead giveaway,” Pfaff said.

Realizing it was a scam, Pfaff strung the criminal along, eventually sending something encrypted so she could get an IP address to include in the complaint filed with the FBI. Pfaff created a fake wire transfer notification in an encrypted email, which generated a report when opened.

Pfaff said this was the third fraud attempt the company has experienced in the past six months.

“They’ve all been different strategies,” she added.

Title professionals who receive these types of emails should report the incident to the FBI’s Internet Crime Complaint Center, which is used to track trends in criminal activity.

Below are some of the emails between Pfaff and the fraudster (click to enlarge the image):

  Emails-1 Emails-3

Emails-5 Emails-7









Criminals use various tricks to obtain information and money. Here are several other schemes title professionals should be aware of that are being used by criminals:

  • Social engineering: This is the practice of manipulating users into performing certain actions that will provide the attacker privileged information.
    • Example: WHMCS is a firm that makes online billing and invoicing software that tie into a company's client data and financial backend. One of their database administrators loved social media. Now, he wasn’t putting passwords out there or detailed data about company. But a hacking group used his social media profiles to create a document on him that included everything from his kids’ names and his anniversary to his hobbies and interests outside of work. The hacking group called WHMCS, impersonating the guy, to supposedly reset a forgotten password. When the rep asked the standard security questions, they knew so much about this guy that they knew all the answers. So the company reset the password, the hacking group was in, and they proceeded to download 1.1 gigabytes of credit card numbers and erased all of their databases.

  • Spearfishing: This an email spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the email messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source.
    • Example: The perpetrator finds a web page for their target organization that supplies contact information for the company. Using available details to make the message seem authentic, the perpetrator drafts an email to an employee on the contact page that appears to come from an individual who might reasonably request confidential information, such as a network administrator. The email asks the employee to log into a bogus page that requests the employee's user name and password or click on a link that will download spyware or other malicious programming.  If a single employee falls for the spear phisher's ploy, the attacker can masquerade as that individual and use social engineering techniques to gain further access to sensitive data.

  • Whaling: This is a phishing scheme that targets upper management and their access to sensitive information. A successful attack can yield executive passwords and other account details that can open up corporate hard drives, networks and even bank accounts.
    • Example: In 2008, 20,000 CEOs were sent an email masqueraded as a federal subpoena. The official-looking email instructed CEOs to click a link to download special software with which to view the subpoena. About 2,000 CEOs responded unwittingly downloaded a key logger that captured passwords and other sensitive data and sent it back to the phishers. Armed with access, the phishers launched further attacks against those companies.

  • Microphishing: In this scheme, targeted emails are crafted and sent to employees.
    • Example: The hackers will learn someone’s tendencies and copy them in emails. For instance, someone may constantly invert two letters when typing, use a nickname in emails, use Esquire or have an image of their signature. This is a common target for wire transfers. Staff at title companies should be aware of fictitious email that may come from a lender directing transfer of funds to an incorrect account.


Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment