Tim Myers was closing on a home in Fort Wayne, Indiana, when the email he expected arrived in his inbox: A mortgage officer had sent instructions for transferring the down payment and asked that the money be sent within the next few hours. Mr. Myers and his wife went to the Flagstar branch and wired $34,000 to a Bank of America account.
All seemed well, until the next day, when the registrar handling the settlement sent instructions to transfer the down payment through a secure portal. Myers called the company and said he had already sent the money.
Then came the terrible news: he had been scammed.
Fortunately, Myers was able to close the sale on the property anyway and ultimately got his money back. In many cases, victims of real estate escrow fraud never see their cash again, according to FinCEN, the enforcement arm of the U.S. Treasury Department.
How Escrow Wire Fraud Works
The FBI classifies escrow fraud as a “business email compromise” crime. More than 21,000 such crimes were reported in 2023, with total losses of nearly $3 billion that year.
The amounts stolen can be devastating: In one instance, the FBI reported that it helped a victim recover $426,000 that was sent to a Stamford, Connecticut, home in 2023.
Scammers know that big money is involved in real estate transactions. At closing, the buyer pays the seller either a down payment or the full purchase price, which can be tens or hundreds of thousands of yen.
With all of the escrow funds at risk, scammers will look for a weak cybersecurity link anywhere in the transaction, and that link typically has to do with the real estate agent, loan officer, recording company or closing attorney.
And then the hacking begins. Once the scammers have access to that person or entity’s online activity, they learn who is trying to buy a home. The buyer receives an email, phone call or text message from someone claiming to be a settlement solicitor or a registration company with instructions on where to send money.
That’s what happened to Myers: The email he received included an exact description of the property he was looking to buy, the company logo, and the loan officer’s contact information.
“It looked real,” Myers said, “and even had this ridiculous instruction that said, ‘Beware of wire fraud.'”
Signs of a real estate fraud
- The email address doesn’t match. Scammers often use a Gmail address instead of an address associated with the company’s domain. In a twist, the initial email address may look legitimate, but when you click on the reply, the recipient’s different address will appear.
- Wire transfer instructions will be provided in the body of the email, not in the secure portal.
- The content of the email is urgent or confusing: The scammer may claim that a wire transfer needs to be made immediately, or the instructions may contradict what was explained to you by the closing agent.
- The email has irregularities in formatting, grammar, and spelling. If the email is actually from a mortgage loan officer or real estate company, it will be professionally written and won’t have funny spaces or wording.
- Scammers won’t answer the phone. Even if the email includes a phone number, the scammer may claim they are too busy to answer.
- You’ll have to make a large down payment. Scammers tend to go after deals that involve large down payments and are less likely to target loans with no or small down payments.
Fraudsters typically move money from one bank account to another, from where it’s often moved overseas or into cryptocurrency, making it nearly impossible to trace or recover, said Claudia Li, vice president at CertifID, which sells fraud recovery services and wire fraud insurance.
“Our realistic view is that if it’s been more than 24 to 48 hours, the chances of recovery are not high. They were never going to be high to begin with,” Lee said.
Myers transferred $34,000 during his lunch break on Monday and realized he’d been scammed by noon on Tuesday. He believes he sent the money to a Bank of America branch in Indianapolis. After multiple phone calls, he was able to get through to a branch manager, who agreed to flag the transaction for further investigation.
The criminals were barely thwarted.
“They had about 24 hours to do what they wanted, and thankfully I was quicker than them,” Myers said.
Myers reported the crime to local, state and federal law enforcement and contacted CertifID, and after about four months of tense phone calls, the money was returned.
Myers was lucky: Of the 2,000 escrow fraud victims who reported in 2020 and 2021, only 22% got their full money back, according to FinCEN.
Though the outcome was positive, the crime plagued Myers’ finances for months. The fraudulent use of his Flagstar checking account forced Myers to freeze it, which meant that automatic payments, such as for his children’s daycare, stopped being sent.
Myers still doesn’t know who was behind the attempted theft.
“It’s been a long ordeal,” Myers said. “It’s been a headache to say the least.”
Let’s take another step
Wire fraud is popular among criminals for several reasons. Home sales are run by a vast ecosystem with many avenues through which scammers can infiltrate and many players who don’t always pay attention to cybersecurity. The National Association of Realtors has 1.5 million members, almost all of whom are independent contractors. The American Land Title Association has 6,000 members, many of whom are small real estate companies. More than 5,000 lenders originated mortgages in the U.S. in 2023, according to federal data.
The ultimate target is home buyers, many of whom are trying to navigate a lengthy, complicated buying and selling process filled with seemingly endless steps and bewildering jargon.
“It’s a daunting process, especially for first-time buyers,” said Diane Tomb, CEO of the American Land Title Association, who advises buyers to take the quick step of verifying instructions by phone before executing a wire transfer.
“It sounds easy, but in practice it’s not easy,” Tomb says.
Myers realized later that he should have been more cautious. The email with the wire instructions listed the name of a loan officer, but upon further investigation, he saw that the email came from a Gmail account, not a domain for the mortgage company. The wire transfer recipient was an individual, not a business, another red flag.
None of those signs were obvious enough to arouse Myers’ suspicions. CertifID’s Lee said scammers have refined their schemes so that only the most paranoid homebuyers notice the flaws.
“They’re good at it,” Lee says. “They make it look very believable, and they take advantage of the fact that wire transfers are time-sensitive. Nobody wants to miss a home.”
Myers also experienced firsthand gaps in consumer protections: Banks typically reimburse customers for fraudulent transactions, such as unauthorized withdrawals and fake credit card charges. Because Myers had authorized wire transfers to scammers, those protections did not apply.
Myers’ case also hasn’t been reassuring: He spoke with FBI agents, but the investigation has been complicated by the interjurisdictional nature of the crimes, and by the fact that the perpetrators aren’t easily identifiable.
Myers believes he learned a valuable lesson: He will never send money again without calling the recipient to verify their information.
“All of this could have been avoided with a two-minute phone conversation,” Myers said.