Survey: Title Companies Report Increase in Cyberattacks But Mitigation Efforts Help
More than 90% of title insurance companies reported the volume of cybercrime attempts increased or remained the same over the past year, according to a Cybercrime & Wire Fraud Study sponsored by the ALTA Land Title Institute.
Over half of the 470 title professionals surveyed reported an increase in cybercrime attempts from 2021 to 2022, while another 40% reported similar volume of attacks. This is up from 86% that reported an increase or comparable level of incidents from 2020 to 2021.
“Fraud attempts are increasing compared to a year ago, meaning title and settlement companies must be even more vigilant,” said Diane Tomb, ALTA’s chief executive officer. “In response to the increased attacks, more companies have mitigation efforts in place, so while there is still significant concern about the issue, companies are better equipped to protect their businesses and customers.”
Companies with higher transaction volume were targeted with more frequency. According to the survey, 73% of companies with over 250 closings monthly experienced an increase in cybercrime compared to 61% of those with 76 to 250 closings and 38% with 75 closings or less.
While fraud attempts remain elevated, mitigation efforts are helping and more companies are reporting the ability to recover diverted funds. In 2022, 26% companies reported that they were able to recover the total amount of funds incorrectly transferred due to fraud compared to only 17% in 2021. Additionally, two thirds of companies reported recovering more than half of the stolen funds.
When there are losses, a company’s insurance provider typically did not cover its losses due to cybercrime in 2022. Of the businesses that experienced losses, 54% reported their insurance policy did not cover any of the amount, 10% reported that some of the losses were paid, 5% said most losses were paid. Only 7% indicated all the total amount was covered.
Most companies reported that average consumer losses were $100,000 or less, including 14% that reported losses under $1,000, 22% with $1,000 to $25,000, and 24% with $26,000 to $100,000. Two-thirds of companies reported that customers who transferred funds to the wrong account due to fraud were assisted by financial institutions to recover the funds, followed by insurers (23%) and the FBI (22%).
“It’s important that all fraud attempts get reported to authorities, however, cybercrime in the land title industry is underreported,” Tomb said. “While nearly 60% of companies report successful wire fraud attempts to the FBI via the Internet Crime Complaint Center, only a third notify the bureau about attempted fraud.”
Efforts to Reduce Fraud
Compared to last year, there has been a significant increase in the share of companies that conduct mitigation efforts. In 2023, the survey showed that 86% of companies reported to engage in mitigation activities and services compared to 63% in 2022. Two thirds of the companies surveyed reported spending up to $25,000 annually on mitigation efforts.
The survey showed nearly all companies inform customers about the risks of cybercrime targeting real estate transactions. The most common methods include standard warnings on email (85%), oral or telephone warnings (67%), written information mailed to consumers (41%) and specific warnings on the company websites (41%). Companies also often remind customers about cybercrime risks throughout the transaction process. According to the survey, 64% of companies communicated with customers frequently using written reminders, 31% provided warnings or education at the beginning of the transaction process and 30% did so at the time of closing.
“Title insurance companies protect their business and customers by conducting a range of mitigation efforts, including customer and real estate agent training, simulated phishing testing of employees and wire/payee verification software,” Tomb said. “Additionally, companies use ALTA resources, such as the Rapid Response Plan & Outgoing Wire Prep Checklist to protect against fraud. These mitigation efforts help to ease concern of future fraud. While cybercrime remains a major issue, the share of companies concerned that it would impact business over the next 12 to 18 months declined from a year ago.”