The real estate industry battles the rising tide of email fraud

Olufolajimi Abegunde, a Nigerian citizen living in Atlanta, and Javier Luis Ramos-Alonso, a Mexican citizen living in Seaside, California, were each convicted in 2019 in federal court in Tennessee of participating in a sophisticated international email-hacking scheme that bilked its targets out of hundreds of thousands of dollars.

Among those targets were a Memphis-based real estate company and a title company in Washington state that combined were swindled out of more than $200,000 through the scam.

In the case of the real estate company, a spoofed email that purported to be from a real estate agent at the company directed a closing attorney to wire $154,000 in home-purchase funds to a bank account controlled by the fraudsters. A similar business-email scheme was used to fool an employee of the Washington-based title company into wiring $60,000 to a Wells Fargo account that was ultimately controlled by Ramos-Alonso and his partner Abegunde — who had an MBA degree from Texas A&M University.

The illicit proceeds from the closing-fund thefts were then quickly moved from the U.S. bank accounts to various locations in West Africa via wire transfers. Ramos-Alonso and Abegunde — using U.S. bank accounts they either set up or controlled — were acting as so-called “money mules,” then, for a much larger international criminal enterprise.

The duo and their accomplices in the U.S. assisted this criminal group in laundering hundreds of thousands of dollars in illicit funds stolen via sophisticated email phishing schemes and system hacks — also known as business-email compromises (BEC). The criminal groups behind these BEC attacks target the large sums of money involved in home-purchase and other real estate closing transactions and seek to divert wired funds from the intended destination to the coffers of criminals.

The victims targeted can be lenders, real estate agents, title companies and other escrow agents, attorneys as well as homebuyers and sellers. Many of these BEC scams are perpetrated by well-organized overseas criminal groups that operate with the sanction of corrupt or authoritarian governments, which also get a cut of the action, according to cybersecurity experts interviewed by HousingWire.

The nations that harbor these criminal enterprises are typically U.S. adversaries — Russia, China, North Korea and Iran among them — or are simply countries with weak or underfunded justice systems where organized crime can flourish, such as parts of Southeast Asia, Latin America or Africa.

“Robbing a bank with a gun in a mask is old hat,” said Dean Kelker, senior vice president and chief risk officer at SingleSource, a leading provider of property-related services, including title and settlement services. “Now, everybody’s robbing banks with laptops.”

Ugly data

In its 2022 report to Congress on BEC and real estate wire fraud, the FBI reported that between June 2016 and December 2021 there were some 241,206 BEC and email account compromises globally, including real estate BEC scams, that involved a total dollar-loss exposure of $43.3 billion.

A separate report released recently by the Treasury Department’s Financial Crimes Enforcement Network (FinCEN), which is based on a review of Bank Secrecy Act (BSA) filings by financial institutions, revealed that there were slightly more than 2,000 real estate BEC incidents in 2020 and 2021 involving more than $700 million in attempted or processed fraudulent transactions.

The stolen-funds recovery rate in those incidents is not encouraging, either, according to the new FinCEN report. Of the slightly more than 2,000 reported real estate BEC incidents based on bank BSA data only, some 30%, or 613, did not include details on recoveries or were otherwise unclear. For the balance of the reported incidents, full recoveries were made in 447 cases (22.2%), with partial recoveries made in another 292 incidents (14.5%).

“BEC is one of the fastest-growing, most financially damaging internet-enabled crimes,” the FBI’s 2022 report to Congress states. “It is a major threat to the global economy.”

The FBI reported that in 2022 its Internet Crime Complaint Center (IC3) received nearly 22,000 BEC complaints of all types, including real estate scams, that involved adjusted losses of some $2.7 billion. For context, in 2016, the FBI’s IC3 reported that annual losses attributable to BEC scams totaled $360 million.

“If you realize you’ve been scammed, you literally have minutes to a few hours to call the bank,” said Jason Doshi, CEO and co-founder Paymints.io, which provides a secure digital-payment platform for real estate transactions. “If it’s a sophisticated hacker, by the time the bank investigates to figure out what happened, that money’s probably gone.”

Brian Haugli has previously led cybersecurity initiatives for the U.S. Department of Defense and Fortune 500 companies. He now serves as CEO of SideChannel, which provides turnkey cybersecurity services to mid-market and startup companies.

“This is a legitimate business to these folks [the criminals],” Haugli explained. “They have P&L [profit and loss] statements, and they get health care benefits and go on vacations.

“They are operating like a full-fledged business with a mission, a vision and a set of values.”

Cybersecurity experts stress that reported BEC crimes represent only the tip of a growing iceberg that threatens to disrupt the smooth sailing of global commerce. Many BEC victims don’t report being duped by the scams, they say, because the victims fear it could damage their reputations in the business community and among current and potential customers.

Ike Suri is chairman and CEO of FundingShield, a loan-level fraud prevention and risk management company that offers tech-based solutions to help clients securely manage funding processes and avoid wire-fraud schemes.

“Underreporting [of BEC fraud] is huge,” Suri said. “[Getting scammed] is an embarrassment.

“They [companies] don’t want the negative press releases. They don’t want to lose new business, and they don’t want to lose repeat clientele. It is seriously underreported.”

The perfect crime

Doshi said a high-dollar real estate transaction, such as a home purchase, offers criminals a tempting opportunity to commit what seems like the perfect crime.

“It’s just really the perfect recipe, with fragmented parties communicating over email during an emotional experience where a lot of money is involved,” he said. “And you generally don’t have that in any other instance other than purchasing a home.”

Suri added that the pandemic and the rise of remote work has only made it more difficult to guard against a real estate BEC scam.

“In the last few years, with Covid and work-from-home, the ability for a company to have all their employees under one umbrella and on one network, with all sorts of safeguards that they used to have, that kind of falls apart,” he said. “When you have your workforce spread all over the world using different routers, telecom systems and Wi-Fi networks, it becomes harder to fight [BEC] exposure.”

Carla Sanchez-Adams is a senior attorney at the National Consumer Law Center focused on emerging issues in the financial and fintech sectors. She said the homebuyer and seller have few protections or avenues for seeking reimbursement in cases where they are duped by a BEC wire-fraud scam.

“We have definitely heard of cases, and we’ve been consulted on cases, where the homeowner literally three minutes after the payment is sent, realizes, ‘Oh no! This was a fraud,’” Sanchez-Adams said. “And they call their bank to ask them to stop the wire … and the bank … does nothing.

“More attention should really be paid to the banks that are receiving the fraudulent transfers because they already have requirements under the Bank Secrecy Act for anti-money laundering and know-your-customer rules on who they’re allowing to open a bank account.”

She added that if banks were “on the hook, and they had to reimburse consumers, then maybe they’ll do more due-diligence.”

Deanne Rymarowicz, associate counsel with the National Association of Realtors (NAR), said educating parties in a real estate transaction about the risks of BEC fraud is “absolutely essential because in order to stop this, we have to prevent those authorized funds from being transferred [to bad actors].”

“And the way to do that is to identify the fraudulent transaction instructions from the get-go, before the payments are issued,” Rymarowicz added. “… People want to go fast. People want to get it done. But when your life savings is on the line, it’s worth taking a breath and a pause.”

“Still, no matter how careful you are, errors can happen, and people can become victims, and that’s when having the strategy and the plan in place to report it quickly becomes very important. So, NAR educates its members to know what to do if one of their clients does fall victim and that is to immediately report it through IC3.gov [the FBI’s Internet Crime Complaint Center].”

SingleSource’s Kelker said the existing law enforcement systems for combatting BEC fraud could benefit from better coordination and faster reaction times, however.

One of the things that has happened as a result of technology is that the velocity of transactions and how they’re often done virtually means literally in minutes money can disappear [via a BEC scam],” he said. “But the reporting systems that the government has generally take weeks before things are registered … and then you get into jurisdictional issues.

“Is this a Secret Service issue, or an FBI issue, or a State Department issue? … And while they’re debating about who’s in charge, and who’s responsible, the money has been gone, you know, 10 times over.”

Defending the fort

SideChannel’s Haugli said with respect to potential and actual BEC scams, he instructs his clients to assume they are likely on their own, so “it’s literally how do you protect and take care of yourself.”

Doshi of Paymints.io said technology exists to help protect against BEC threats, adding that being oblivious to the threat only compounds it.

“If you’re forced to use email, then transacting on secure portals and embracing technology is important as well as not being naive enough to think that it won’t happen to you,” he said. “No matter how big or small you are, you can be a victim of this.”

Haugli agreed that securing email systems is a vital and necessary defense, but he stressed that having a plan to address a BEC breach also is important.

“You need to have an incident-response plan so you can quickly act in case something happens and shut it down as quickly as possible,” he added. “It’s not about negating the damage. It’s about minimizing the damage at that point.

“I also can’t stress this enough to call a known good number [to verify last-minute changes].”

Haugli added that what makes BEC crime particularly hard to combat is the reality that the organized crime groups behind most of the attacks are often sanctioned or even supported by the governments in the countries where they operate.

“Most of them are going to be in aggressor, or opposition countries [to the United States], places like Iran, China, Russia, North Korea, some of the Eastern Bloc countries, even South America,” he said. “It’s any place where you can basically pay off your local, regional or whatever level of government so that you don’t get touched.

“… Anywhere you see government’s operating with any level of corruption, or just pure dictatorship, that’s where these criminal groups are operating.”

Perps and victims

The participants in these BEC schemes are often brazen and view their criminal activities as being justified simply because the opportunity exists. In some cases, they may themselves be unwitting victims of the larger, opportunistic criminal organizations they are conned into assisting.

For example, in Abegunde’s criminal case, court pleadings indicate that at one point he sent a text to a co-conspirator in which he allegedly discussed how he had lied to an FBI agent about the nature of his business as well as his relationship with the co-conspirator. The co-conspirator, who had set up a bank account for Abegunde’s use, replied, according to court records, that there was “no crime in seeing an opportunity and taking it.”

“To this, Abegunde simply stated, ‘LOL,’ a common [texting] abbreviation for ‘laughing out loud,’” court pleadings state.

The last laugh, however, was on Abegunde and his partner in crime, Ramos-Alonso. They were ultimately caught, convicted and sentenced to serve 78 months and 31 months, respectively, in federal prison for their roles in the BEC fraud perpetrated against the Memphis real estate company and the Washington title company, and more. (Abegunde has since filed an appeal in his federal court case that is still pending.)

In addition, a major irony is revealed in a Department of Justice (DOJ) summary of the Abegunde and Ramos-Alonso litigation. It seems Ramos-Alonso was himself duped into participating in the BEC fraud. He was originally recruited online by an individual claiming to be “Tammy Dolan,” a supposed Australian American living in Africa, whom Ramos-Alonso met through a dating site.

Ramos-Alonso began a “three-year romantic relationship” with Dolan “despite never meeting or speaking to Dolan,” according to the DOJ.

“Ramos-Alonso began sending money to her through an intricate network of strangers based in Africa and the United States, and he continued to do so despite receiving multiple warnings from businesses and individuals that he was facilitating criminal conduct,” a DOJ press release states. “The evidence at trial established that Dolan was actually a front for individuals connected to the money-laundering scheme who were directing Ramos-Alonso to move funds.”

That international criminal organization “is believed to have caused more than $10 million in damage to U.S. citizens and businesses,” a separate DOJ press release about the case states.

Where there’s good, there’s bad. Where there’s heads, there’s tails,” Suri of FundingShield said. “With technology, we can minimize it, but fraud is not going to go away.

“Fraud schemes will continue to change, and we simply have to stay ahead of it.”