Earlier this year, I wrote about the email compromise scam in real estate. In a realtor’s forum recently, a fellow agent shared details of a hack literally in action.

A Hack in Action

The agent shared that she was in escrow representing the seller. The buyers received an alert in their personal bank account—the same account that would be used to wire money to escrow—that a new, external account had been set up, labeled “Escrow account.” The alert prompted the buyers to confirm  the amounts of two wire deposits into this new “Escrow” account, which would ensure they were in fact the owners of this new account. The buyers’ bank accounts and the lender for the new home loan are the same, but this trial confirmation request was with First American Trust. The title company in this escrow is First American Title.

Confused, the buyers contacted their realtor, who called escrow, the lender and the seller’s agent to inquire whether this was standard in Northern California, as it was the agent’s first transaction in the area. Of course, all three confirmed that no, it was not.

This incident happened the day before both buyers and sellers were scheduled to sign closing papers.

The bank’s fraud department traced the hack to a login from India that used ISP HostRoyale Technologies Pvt Ltd. It turns out, the buyers’ emails were hacked, and the hackers were following their emails for the previous 24 days while the buyers were in escrow. The hackers were able to go into the buyers’ personal bank accounts to set up the fraudulent “Escrow” account.

The takeaway? Buyers need to be on the alert for any usual activity in their accounts, and no money should ever be transferred to any accounts without being verified by both escrow and the lender. An experienced real estate agent can help you double check every part of this process — another big benefit of having a good agent in your corner.