| Threat actors can perform reconnaissance by searching for and weaponizing publicly disclosed data and using a variety of impersonation techniques to convince their target that they are known and trusted parties involved in real estate transactions, including attorneys, real estate agents, brokers, title agencies, escrow services, mortgage companies, third-party vendors, buyers, and sellers. To appear legitimate, they spoof a familiar contact’s source name or email address or use domain names that mimic a trusted source in spearphishing attacks. The messages typically instruct the target to transfer funds, divulge sensitive information, or submit account credentials via phishing links to the threat actors posing as trusted individuals. |
| Threat actors target and gain unauthorized access to legitimate email accounts using compromised credentials. Compromised email accounts contain a wealth of information, including personally identifiable information (PII), various forms of identification, legal documentation, settlement statements, closing disclosures, and pre-closing transactions. One part or a combination of this information can be used to commit further malicious activities, such as identity theft and fraud. Real estate wire transfer scams can result in system compromises, data breaches, financial losses, and reputational damages. |
| The NJCCIC continues to receive reports of impersonation scams and wire transfer fraud in real estate transactions. Threat actors targeted numerous New Jersey title agencies and real estate attorneys, compromised email accounts, and sent fraudulent wire transfer instructions. The funds were typically transferred before the scheme was discovered. Threat actors are likely to increase their targeting as spring and early summer approaches, as these seasons generally are peak for real estate, both selling and buying. |