A glimpse into the cyber scams that await real estate investors around the corner- Part 2

04 Jul

The "Man in the Middle" Cyber-Attack (Wire Fraud) How it is Executed 

Once a real estate investor has found a deal, they contact a title company to close the deal (it can come from a recommendation or acquaintance). The hacker waits for this opportunity

As soon as the investor sends an e-mail to the title company, the hacker, who has already broken into the investor's e-mail system, starts operating

The hacker sees all the e-mails that the investor sent to the title company. The title company replies with identifying details and the logo of the company and its signature. However, this e-mail will no longer be seen by the investor, since the hacker defined in the e-mail that every e-mail message received from the title company will be moved to the "Deleted Items" folder or another hacker designated folder

This gives the hacker full control over the media, and he can delete e-mails and send the investor fraudulent e-mails from the same email address as the company with a fake company details

In fact, a fictional reality was created with the hacker in place of the real title company

 The hacker follows the investor throughout the process and sees all attachments from the bank and the title company

Even if the investor calls the title company, it will be up to date on all the details since the hacker also sent them emails on behalf of the investor.  The investor will not see or understand that the hacker sent him the fake e-mail which appears to be exactly like the original with other bank details and not the real one

To clarify,  the investor with get a fake details of the wire transfer by e-mail

It is important to emphasize that even if the investor calls the title company, they must make sure to speak with the real title officer and not the false contact the hacker sent.

Once the money has been transferred to the hacker's account, the probability of getting it back is 0. Commonly, the money is converted to Bitcoin or another form of cryptocurrency and cannot be detected. Authorities do not know how to cope and/or do not want to deal with such fraud. The FBI receives about 150 complaints about phishing and wire frauds in the U.S. every day

This is a particularly sophisticated fraud, with the investor exposed to devastating losses in one moment. Such theft is one of the most common thefts in today's digital world which will only worsen in scope and severity

Share this article with real estate investors in the U.S. since awareness is the first stage of protection. There is obtainable protection  and preventative actions  ̶  one is to carry out penetration tests for the computer/e-mail and network, and this will be expanded on in the next article.

* The email will not be published on the website.