« All Cash Buyers Highest Since 2014 | Main | Fresh Phish: Microsoft Authenticator »


Have You Heard of Lender Fraud? Email Solution Helps Title Company Prevent Theft

Example of rpost

Paul Hofmann WTP attends ALTA’s Large Agents Conference because he gets to hear from similar-size companies about the issues they are facing. During the January event, Hofmann learned about a service that tracks outbound email and monitors for anomalies after it’s delivered.

Intrigued by the technology, Hofmann, owner of Washington-based Aegis Land Title Group, signed up with RPost. A day after implementing the solution, Aegis Land Title Group detected two of their emails were opened in Russia.

“Seeing the emails were opened in Russia was an immediate red flag,” Hofmann said. “Then we had to start investigating and making phone calls.”

That’s when things really started to get interesting.

The title company’s emails were delivered to a U.S. server and then auto-forwarded and opened on mobile devices in Russia. This activity triggered high-risk alerts back to Aegis’ security team. A quick investigation revealed the title company was involved in a transaction with a fraudulent lender.
Aegis was working with a borrower refinancing two commercial properties. The consumer found the lender online. It turns out the lender was a fake. Despite having the appearance of a legitimate website and allegedly operating in 49 states, Aegis uncovered inconsistencies. When checking the lender’s address in South Florida, a Google Street View displayed an image of a duplex apartment. Additionally, when they called the lender’s main phone number, it was disconnected.

“I’ve been in the title for 30 years and haven’t experienced this type of fraud,” Hofmann said. “The technology is pretty simple and puts a beacon in the email. The geofencing (a virtual perimeter for a real-world geographic area) and categorizing of emails based on the country where the emails are opened and then ranked by risk made the whole package worthwhile.”

Mike Rooney, vice president of enterprise sales at RPost, said the technology pings their servers every time there’s activity with an email after it’s been delivered. The solution identifies the location, network, and several other proprietary risk indicators. RPost then uses analytical AI to make risk-based decisions for customers.

“In real time, the technology can detect these anomalies and trigger high-risk alerts to customer security teams. These alerts serve as an early warning signal and prompt proactive fraud investigations, before it’s too late,” Rooney said.

RPost’s solution also checks a nefarious network list, an evolving list of networks which has been associated with fraud in the real estate industry. Title companies that work with RPost participate in this list by providing information about suspicious networks.

“The solution was built for email eavesdropping and is now detecting different types of fraud impersonations, such as this case of lender fraud which had nothing to do with eavesdropping,” Rooney said.

Hofman said his company has already caught two other fraudulent transactions, which resulted in 30 phone calls.

“The phone calls we’ve made after getting the ‘red’ alerts have been great on the sales and marketing side because our customers really feel like we are actively looking out for them,” he said.

Hofmann added he’s seeing this type of fraud spread.

“We’re also seeing construction disbursement fraud, with criminals sending fake invoices to title companies,” he said. “Having this technology in place is key because these things are evolving fast. Title agents should also look at their passwords and auto-forward settings, and implement multi-factor authentication.”


Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.