The proliferation of fraud and business email compromise continues to pose a significant threat to businesses worldwide. The FBI indicates this fraud represents over $5 billion in reported losses to businesses just like yours.
We take your security seriously and intend to inform you whenever threats of this nature arise. We also ask that you remain vigilant and thoroughly investigate any request to gather information, and remember that Hillsborough Title does not accept changes to wire information via email. Fraudsters have become adept at impersonating executives and trusted partners and often use the anonymity of email to communicate with you.
There are growing concerns across the industry about Internet fraud. The FDIC continues to warn companies of increased electronic funds transfer (EFT) fraud. Most incidents are a result of compromised login credentials and are perpetrated using malicious software, key loggers, and illicit e-mail messages. The U.S. Treasury Department has reported increased incidents of wire transfer fraud and of fraud targeting ACH Batch transfers. You can greatly reduce your exposure to online fraud – and prevent fraud in its most common forms – by instituting the following recommended best practices in the documents below.
Download - Building an Email Fortress
Download - Business Email Compromise
Also, to read and share great tips on protecting yourself and others please download the online security flyer below.
Download - Effective Online Security Tips
Protect yourself and your business. You have worked hard to get where you are, so don’t fall victim to a fraudulent scheme.
Hillsborough Title wants you to stay vigilant against the possibility of Phishing scams as the attempts are on the rise in the real estate industry.
First, take a look at the sender's email. Depending on the email program you use, you may have to open the email (but NOT the attachment) in order to view the actual email address and not simply the name. When a new email address is created it can be created with any name, and in the current email, you can see that while the name is "John Doe", the email address actually belongs to a "Jane Doe"
Unfortunately, that name is likely false, as well, so it doesn’t help find the persons responsible. But, you can see clearly that their email doesn’t match the email on the signature line of the email. This is known as "spoofing" an email. As opposed to with "hacking", the perpetrator has not accessed any of the real party's information but has merely copied the information on the signature line to make it seem legitimate.
Spelling mistakes and typos are VERY common in phishing emails. The sentence asking for the receiver to verify the information is very poorly written (highlighted in yellow in the graphic to the right) A great tip is to read the email aloud to see if it makes sense. In this case, although the gist of the email makes sense, the actual message doesn’t sound correct. Also, they have poorly spaced the second sentence, misspelled "its", and strangely capitalized "settlement", which isn’t normally capitalized, but did not capitalize "HUD" which might be. None of these hints are indication of a phishing email alone, but when combined with the other information, it starts to look suspicious.
If these many red flags exist in one email, the simple answer is to verify the sender! However, do NOT email back, as if you hit reply to these emails you are not replying to "John Doe" but the spoofer. They may ignore you, or they may choose to respond with more information to convince you that this is a real document. ALL HILLSBOROUGH TITLE EMAILS SHOULD INCLUDE A SIGNATURE LINE INCLUDING PHONE NUMBER. If you’re not 100% positive on a document, please pick up the phone and verify the sender.
For more information on phishing and ways to protect yourself, view the consumer report below.