CLTA Fraud Alert!
Monday, March 14, 2016
Published: March 14, 2016
It has come to the attention of the CLTA that the incidence of URL spoofing of title company Internet domain names has increased dramatically in the past several months. Additional information will be forthcoming from the CLTA on this and other fraud techniques.
In the meantime, please be aware that fraudsters are registering domain names only slightly different than those of companies legitimately servicing real estate transactions in order to more closely and subtly impersonate those involved, all in an effort to increase their chances of misdirecting funds.
URL Spoof Example: mytitlecompany.com is spoofed as mytittlecompany.com or mytitlecompany.co
- A legitimate e-mail address might appear as: email@example.com.
- The fraudster's e-mail address might appear as: firstname.lastname@example.org.
The Effect: The additional character in the spoofed address makes the fraudster's e-mail address much harder to recognize, not only because the domain name (mytittlecompany.com) looks virtually identical, but the email account name is indeed identical to that of the escrow officer (escrowofficer). This spoofed address is much more effective than email@example.com as the more sophisticated spoofed e-mail address is much harder to recognize as that of an imposter.
- Be aware of the ever-increasing URL spoofing technique in use by fraudsters.
- Be diligent in your review of e-mail communications, especially when replying to received messages and definitely when sending or receiving wire instructions
- Report all instances of URL spoofing encountered to the appropriate personnel within your organization immediately.