Authorities in the United States and Africa arrested eight people for alleged involvement in an international online fraud scheme that targeted Crye-Leike, a real estate company based in Memphis, Tenn., as well as other entities. The suspects, along with four others who are still at large, are accused of attacking computer servers and using bogus email messages to steal millions of dollars from individuals and companies involved in property transactions in the U.S., according to the Justice Department.
Wire fraud in real estate is one of the fastest growing cybercrimes in the country. The FBI reportedly received 301,580 complaints in 2017 and losses exceeded $1.4 billion, and in the real estate/rental sector alone, more than 9,600 victims lost over $56 million in the same year.
The type of fraud with the highest reported loss last year was Business Email Compromise (BEC)/Email Account Compromise (EAC), with losses totaling more than $675 million. According to the American Land Title Association: “In real estate transactions, fraudsters assume the identity of the title or real estate agent handling the sale. The criminals forge the person’s email and other details that appear specific and authentic. Next, posing as the real estate or title agent, the scammers send an email to the buyer, providing wire instructions to the criminal’s bank account, not the title agency’s legitimate account.”
Five of the suspects in the Crye-Leike case—who are citizens of Ghana, Mexico, Nigeria, and the U.S.—were arrested stateside. The other three were taken into custody overseas and are awaiting extradition to the U.S. In addition to its efforts to disrupt real estate deals, the ring, which has been in operation at least since 2012, also was involved in credit card and gold buying scams, law enforcement officials say. The suspects allegedly stole a total of approximately $15 million, the officials said.
The suspects are alleged to have carried out a Business Email Compromise scam against the real estate industry. The cybercriminals penetrate an email account belonging to someone involved in a real estate transaction, then monitor correspondence related to the deal. The scammer poses as a closing agent or other trusted party and instructs the buyer by email to send funds intended as a down payment—or even to cover the entire purchase price of a property—to a fraudulent account.
To combat the threat, the National Association of REALTORS® advises real estate professionals to make sure clients know that they will not receive instructions to transmit funds by email and that any such directions should be treated as suspect.
Crye-Leike, which has offices across the Southeast, played a key role in helping the FBI track the suspects. The firm contacted the FBI because its agents and customers were receiving suspicious emails, then helped authorities in their investigation, dubbed Operation Keyboard Warrior, according to a statement Crye-Leike provided to REALTOR® Magazine.
Crye-Leike stressed that information on its systems is secure. “We are very pleased that the FBI was able to identify suspects and take action. … Crye-Leike immediately took all the necessary steps to block attacks, and Crye-Leike has not discovered or been made aware of any smuggling or theft of data from its servers,” the statement said. The company declined to comment further.
The FBI said it would continue its efforts to combat the kinds of cyberattacks that have been directed at the real estate industry. “This should stand as a warning that our work is not over, and we will continue to work together with our law enforcement partners to put an end to these fraud schemes,” FBI Executive Assistant Director David T. Resch said in a statement.
Businesses should update security practices frequently and train employees how to recognize and react to phishing attempts. Consumers need to be informed of the risks and aware of potential red flags, especially if they are involved in a real estate transaction. The American Land Title Association provides a helpful resource on how consumers can protect their money and offers advice on what to do if they have been targeted by a scam. Anyone who suspects they’ve been victimized by online fraudsters should report the incident to the FBI’s Internet Crime Complaint Center.