Colorado Banker - July/August 2018

16 O V E R A C E N T U R Y : B U I L D I N G B E T T E R B A N K S - H E L P I N G C O L O R A D A N S R E A L I Z E D R E A M S Wire Transfer Scams: What Happened to the Closing Proceeds?! BY ED BARKEL, LEWIS ROCA ROTHGERBER CHRISTIE LLP C losing day for a home purchase, a real estate transaction or the purchase of a business is always an exciting day. Unfortunately, internet thieves are targeting financial insti- tutions, professionals and individuals participating in financial transactions seeking to steal wire transfers used to fund the deals. According to the FBI, between October 2013 and May 2016, thieves diverted or attempted to divert wire transactions valued in excess of $3 Billion. 1 Hackers are very sophisticated and very crafty. A frequent scam works like this. Hackers target email accounts of realtors, title companies, business bro- kers, banks and law firms. They may even search press releases or social me- dia looking for upcoming transactions and new targets. Once they hack into an email system, they use software to search for key words like “closing” and “wire transfer”. The hackers then mon- itor email traffic to identify the date of a transaction, the parties involved in the transaction and wire transfer instruc- tions. In most transactions, an email is circulated describing the breakdown of the closing proceeds, the parties to re- ceive proceeds and wire instructions for each recipient. On closing day, the hacker will try to take over the targeted email account or mimic the sender’s email by creating a new fake email domain that looks like the sender’s email account. 2 Then the hacker forwards the original wire transfer instruction email string substituting “updated wire instructions” for the targeted proceeds. The parties sign the documents, the bank uses the “updated wire instruc- tions” to deliver the purchase funds and everyone is happy, right? Yes, until the bank or the buyer’s representative picks up the phone and is asked: “What happened to the closing proceeds?” At that point the money is gone and the buyer, seller, the bank and anyone who relied upon the bogus instructions will be pointing fingers at each other in an effort to avoid liability. Best Practice Tips fromthe FBI 3 • Be careful when posting deal information, job duties/descrip- tions and hierarchal information to social media and compa- ny websites. Hackers will lace emails with details designed to enhance credibility. • Be suspicious of requests for se- crecy or pressure to take action quickly. Be on heightened alert if you receive a request to hide changes to the transaction from deal participants or to move up wire transfer deadlines. • The FBI recommends the imple- mentation of security and verifi- cation procedures. For example: o Out of Band Communi- cation: Establish other com- munication channels, such as telephone calls, to verify wire transactions. When using phone verification, use previ- ously known numbers, not a number provided in an e-mail requesting a wire transfer or changing wire instructions. o Two-Factor Verification: Arrange a second-factor au- thentication early in the relationship and outside of