Could You be a Target of Cyber Fraud?

Here are some tips from the FBI on how to avoid becoming a victim of fraud.

Dear Members,

It wouldn’t be late August/early September without a hurricane brewing… so keep an eye on what is happening in the Atlantic Ocean. Here’s hoping that the storm doesn’t get large enough or close enough that it is within the “zone” where insurance companies say “no thanks” and bring all closings to a halt!

I received some very interesting responses to my warning last week about email fraud, cyber fraud, bank account hacking, etc. Within an hour of my email, I received a half dozen responses from Members telling me of their similar experiences! I got a phone call from a Member in Miami-Dade who had his mail stolen and trust checks altered, his bank account password stolen AND had his cell phone number ported to another carrier! He was able to prevent any losses but only because HE was vigilant and had great support from his bank – which contacted him when they saw an unusual payee on a check.

Last week, Florida Land Title Association sent out an excellent alert with all kinds of information from the Federal Bureau of Investigation. I have copied some of the suggestions for safer procedures below. Here is a link to the full alert.

• Avoid free web-based e-mail accounts: Establish a company domain name and use it to establish company e-mail accounts in lieu of free, web-based accounts.
• Be careful what is posted to social media and company websites, especially job duties/descriptions, hierarchal information, and out of office details.
• Be suspicious of requests for secrecy or pressure to take action quickly.
• Consider additional IT and financial security procedures, including the implementation of a 2-step verification process. For example -
  • Out of Band Communication: Establish other communication channels, such as telephone calls, to verify significant transactions. Arrange this second-factor authentication early in the relationship and outside the e-mail environment to avoid interception by a hacker.
  • Delete Spam: Immediately report and delete unsolicited e-mail (spam) from unknown parties. DO NOT open spam e-mail, click on links in the e-mail, or open attachments. These often contain malware that will give subjects access to your computer system.
  • Forward vs. Reply: Do not use the “Reply” option to respond to any business e-mails. Instead, use the “Forward” option and either type in the correct e-mail address or select it from the e-mail address book to ensure the intended recipient’s correct e-mail address is used.
  • Consider implementing Two Factor Authentication (TFA) for corporate e-mail accounts. TFA mitigates the threat of a subject gaining access to an employee’s e-mail account through a compromised password by requiring two pieces of information to login: something you know (a password) and something you have (such as a dynamic PIN or code).
• Significant Changes: Beware of sudden changes in business practices. For example, if a current business contact suddenly asks to be contacted via their personal e-mail address when all previous official correspondence has been through company e-mail, the request could be fraudulent. Always verify via other channels that you are still communicating with your legitimate business partner.
• Create intrusion detection system rules that flag e-mails with extensions that are similar to company e-mail. For example, legitimate e-mail of abc_company.com would flag fraudulent e-mail of abc-company.com.
• Register all company domains that are slightly different than the actual company domain.
• Carefully scrutinize all e-mail requests for transfers of funds to determine if the requests are out of the ordinary.

Keep your wits about you and good luck! It’s a jungle out there………

DOUBLETIME® 7.0.4: The most recent update to DoubleTime has been available for about a month, but only a little more than half of you have taken the few minutes required to install this important update. This update fine-tunes the Closing Disclosure and the ALTA Settlement Statements. The ALTA Settlement Statement now shows the charges for the title premiums the way they “should” be shown, using Florida Promulgated rates, and not the way TRID requires that they be shown on the Closing Disclosure. In most cases, when the transaction is a purchase and sale, the seller pays the premium for the owner’s coverage and the buyer pays the simultaneous issue and lender endorsements. The Contact Information table on Page 5 of the Closing Disclosure has been further automated to make it easier to complete. There are over 100 other “behind in the scenes” tweaks and improvements in this update, so please complete your installation as soon as possible. If you have any questions, please visit the DoubleTime® Support Center page at www.thefund.com/DT7 or contact The Fund’s Helpdesk at (800) 421-9378.

I hope you have found this information helpful. Thank you for your support of The Fund!

Best Regards,

Melissa Jay Murphy
Senior Vice President and
General Counsel