ABC Denver 7 recently reported a story about a family victimized by wire fraud and scammed out of $272,000. James and Candace Butcher sold their home in Longmont, CO and planned to use the proceeds as a down payment on their new home.
The couple was informed by the real estate agent that they would receive wiring instructions prior to the closing. They received the instructions via email two business days later from someone posing as a Land and Title representative. Unfortunately, the instructions were fraudulent and the Butchers unknowingly wired the funds into a hacker’s account.
The couple is now suing all of the parties involved in the transaction: Wells Fargo, Land Title Guarantee Company, Envoy Mortgage and Kentwood Real Estate. Ian Hicks, the couple’s lawyer, indicated that the perpetrator hacked into one of the company’s servers and gained access to sensitive information and then strategically emailed the fraudulent wire transfer instructions. Their lawyer also noted that Wells Fargo impeded the investigation and neglected to inform the Butchers of the FBI’s “Financial Fraud Kill Chain,” which can prevent a wire transfer and return the funds back to the victim within 72 hours.
The $272,000 was the Butchers life savings. They can no longer purchase their new home and have been forced to move into their son’s basement. It’s a heartbreaking story.
It may seem trivial but I’d like to know which system was compromised. Did they have multi-factor authentication or two-step verification enabled? Was sensitive information encrypted? What additional security layers were in place?
Perhaps a better question is, why isn’t there a more secure platform / protocol for transferring funds in the real estate industry?