Fraud is one of those issues that we don’t like to think about in the mortgage industry. Yet it always seems to be there, lingering on the fringe of our focus. From time to time, the topic bubbles up in the news or at a convention. We talk about it a bit, giving it the proverbial “15 minutes of fame.” But rarely are we forced to drastically alter the way we do business or invest large amounts into protecting ourselves from it. Inevitably, it seems a vendor comes along with a new technology, and the fraud (or, at least, the coverage of it) goes away. Or our service providers tweak the way they operate. At the very least, the issue always seems to go away to the extent that we can return our full attention to emerging markets, new loan products and sales strategies.
That’s about to change.
The latest mortgage fraud to affect the mortgage industry is being called wire fraud or down payment wire fraud. Each case tends to involve a combination of email hacking, identity fraud and wire fraud. A scammer hacks the sensitive data of an impending mortgage transaction, assumes the identity of a party involved (such as a real estate agent or title/closing professional), and attempts to convince another party to change the down payment wiring instructions so that the down payment is actually sent to the fraudster’s account. Sounds simple enough. Should be easy enough to quell, right?
The speed at which these scams are evolving, and the lengths scammers are willing to go to in order to fool us are at once impressive and terrifying. The latest iteration of wire fraud is one that will take an entire industry to stamp out.
Let’s start with the scope of the threat. If you’re a mortgage originator of any kind (lender, broker, etc.) …or involved in the mortgage transaction in any way, but feel this threat isn’t something you’ll ever encounter, consider these numbers:
- $5.3 billion: The amount targeted by perpetrators in the mortgage industry alone in 2016 (source: FBI)
- 480%: Year-over-year increase in wire fraud scams reported by title companies to the Internet Crime Complaint Center (IC3) in 2016.
- 15%: The amount of perpetrated fraud attempts actually even reported in 2016! (Source: IC3)
- 2,370%: Increase in identified exposed losses to the most typical of wire fraud scams between January 2015 and December 2016.
- 103: Number of nations to which fraudulent transfers have been rerouted (Source: IC3 and ALTA)
The threat from wire fraud is wide. It’s international in nature. It’s difficult to track. And, its perpetrators are growing increasingly more sophisticated in their ability to disguise its true nature. Some fraudsters are now even using things like phone porting technologies to camouflage their phone numbers to resemble those of authorized parties to the transaction. Even “call and verify” is no longer a foolproof way to thwart wire fraud.
New technologies aimed at thwarting this epidemic are already starting to come online. But there are other things that can be done as well. I start by imploring readers to ask themselves this question: “How confident am I that my service providers are working actively to protect my interests?” This applies especially to lenders and originators, but can be fairly asked of real estate professionals, settlement services firms and more. The fact is that numerous parties touch each mortgage transaction. Multiple entities are asked to protect sensitive data that can be used by hackers to separate lenders and consumers from their funds. And many of these entities are falling well short in that task.
Even now, in the wake of an industry-wide scramble to comply with TRID, lock down vendor networks and protect personal data, many firms still trust service providers they know little or nothing about. Many times, these service providers have no vested interest in the outcome…and it shows in the way they go about their business.
Ask yourself what you really know about your title agent; closing professional; vendor manager; correspondent lender and so forth. Are you sure they’re constantly and consistently working to make themselves as “fraud-resistant” as possible? Are they regularly educating themselves (and even you) about the latest fraud scams? Do they research and invest in technology and trained personnel positioned to protect you? And if they were doing the right things when you first sent an order their way years ago; are they still doing those things today?
It seems that, like any other criminal, the typical wire fraud perpetrator looks for the easiest target. Even if we can’t prevent 100% of wire fraud at the moment, we can make ourselves and our clients “harder targets.” But that starts with the questions above—and the answers you get. Because if you’re not even asking them, chances are, you’re not far from learning about wire fraud the hard way.