by: Danielle Centofranchi, ECA Marketing Coordinator
With the ever evolving World Wide Web, it is no surprise that cyber criminals are becoming more prevalent within this digitally based Avatar community. It is becoming typical to hear about how multimillion dollar corporations encounter privacy breaches, losing control of their clients’ personal identification information, financial assets, and an array of other private data. To better understand the brink of how this can unfold to become a company’s potential nightmare, I entered ‘cybercrimes’ in a standard search engine. Not having the time to sift through the slightly over three million results, I researched the relevance as to how this can affect people in the title industry, and what proactive services are in place to protect the consumers and clients from potentially losing their personal and financial identities.
Spoofing and phishing are the two most commonly used ways in which hackers, or cybercriminals as they are referred to, can steal information necessary to complete title insurance and settlement services via the internet. This includes, e-mail, website communication, and smartphone use. Spoofing or imitating email addresses, is when the cybercriminals create email messages with a forged sender address, making it seem as though the email came from a legitimate contact, even though it did not (2015, Tyler, 2015). Phishing refers to an attempt to obtain identifying information, such as usernames, passwords, or account information by pretending to be a trustworthy electronic source (Yohe, 2015). Jeremy Yohe, from TitleNews, discusses how cyber thieves have begun targeting email accounts belonging to attorneys, title agencies, and real estate agents (2015). These criminals have devised a scheme where they pose as active participants in traditional closing transactions that occur immediately prior to the closing. The criminals create spoofed emails and send wire instructions to the purchasers, ordering the clients to deposit funds in to a fraudulent account.
Scary, right? The good news is that crimes of this nature are preventable when certain steps are taken by the title companies. These steps include setting up a two-step verification system to authenticate monetary transactions. Utilizing a data protection approach can ensure that information is secure and protected when shared over multiple networks, otherwise known as encryption software. And, safeguarding yourself as the consumer or client by inquiring if the company you are using has policies in place to protect against cyber attacks.
East Coast Abstract recently adopted the American Land Title Association (ALTA)’s Best Practices Compliance Manual. Pillar No. 3 discusses how ECA adheres to both federal, and state laws, including the Gramm-Leach-Bliley Act, which requires title companies to develop a written information security program which outlines procedures that are employed to protect not only personal information, but non-public personal information (NPI), as well (Yohe, 2015). In addition, ECA utilizes an encryption program to utilize when sending out e-mail with sensitive data and personal identification information, to prevent against email spoofing and phishing.
Understanding the importance of protecting our clients’ personal and financial assets is part of the standard of excellence we have established at ECA. With this at the forefront of our practice, we also have worked to ensure protection utilizing wire transfers, physical security controls and network security controls and have executed an acceptable use of information technology policy. Putting our motto, “when good enough is simply not good enough,” into practice, we want to ensure that we provide each client with an assurance that we will secure their personal and financial information to the best of our abilities.
Tyler, L.A. (2015). Spoofing. Fidelity National Financial 10(8), pp 1-4.
Yohe, J. (2015). Ramping up cybersecurity: The next big thing. TitleNews, 94(5), 10-15.