Couple push for more cybersecurity protections after targeted home sale
BATON ROUGE, La. (WAFB) — A couple is pushing for mandatory cybersecurity insurance for mortgage and title companies after the sale of their home was allegedly targeted by hackers.
Tim and Joya Smith thought they had done everything right. In April, they put their house up for sale and it sold quickly, but after closing, that’s when they say things got interesting.
“She gets a phone call saying we owe and we were behind on our payment,” Tim said. “You know, like what, late on our payment?” So we called the title company to ask them what was going on.
They received an email letter asking them to contact the mortgage company as soon as possible and telling them to pay.
“I mean, we thought we could move on and start looking for another home,” Joya said. “If we had gone through this process, who knows what kind of legal confusion might have tried to get another house bought?”
A series of text messages from the start of the investigation show where an independent IT expert audited the accounts. At the time, this expert thought there had been a hack and the money had ended up in Cincinnati.
While the couple say they were assured there would be no problems down the road, they say that wasn’t enough of a guarantee. The couple say they pressed the title company to find out if it had cybersecurity insurance to protect against this type of attack. But they say they never got a clear answer.
“We never got an answer on that,” Timothy said. “We asked the title company and specifically, do you have insurance for these types of transactions? And we were getting this backhanded response, you know, something to the effect of, well, you know, that happens, you know, so many. And it’s like I haven’t asked you if it’s happened so often. I’m asking you, do you have insurance? And to this day, this answer than the answer to this question has not yet been given.
When WAFB contacted the company, a spokesperson said that insurance covered this transaction. They added that it’s the title insurance they’ve had all along.
Natasha Engle is the real estate agent who represented the couple at the sale.
“My clients were actually drugged for almost two months with no response,” Engle said.
WAFB’s Scottie Hunter asked Engle if she knew what happened to the money.
“No. It could be in an offshore account somewhere lost. I mean no one has come forward to say exactly if they knew they were definitely, you know, basically robbed by wire fraud from the title company to another account which was obviously not the mortgage company,” Engle said.
Engle says his advice to his clients was to hire a lawyer.
“I mean, number one, any title company that you’re referred to or are considering closing, I think that’s the number one question that’s going to be asked now, do you have cybersecurity insurance? Do you have the appropriate email protection? You should know if they have checks and balances on where these leads go in terms of earnings,” Engle said.
Although they did not send the transfer themselves, the couple’s lawyer told them not only that they could be sued for the missing money, but that the bank could also seize the property, which could severely affect their credit.
“Oh yeah. I mean obviously your heart is sinking because, you know, my clients are getting ready to go buy another house,” Engle said. Like they couldn’t buy another house.
WAFB wanted to know what the chances were that something similar could happen to others.
Norman Morris is the CEO of the Louisiana Association of Realtors. He says that with so much money changing hands online, criminals are getting smarter about how they target these types of transactions.
“We’re seeing it more and more as we move forward with the emergence of technology,” Morris said. “What we’re seeing, Scottie, is that a buyer could work with the title company and a hacker actually goes into that system and sees all the correspondence and communication between the two. They go in and send a Fraudulent email to buyer that looks identical to correspondence from the title company the buyer is used to They pressed send without picking up the phone to check with the title company And what happens , it’s all those dollars being sent to an account by that bad actor, and once that’s done, it’s very rare that you can get that money back.
He tells WAFB that even if there is no state or federal law that requires companies to carry cybersecurity insurance, they should.
“I think as time goes on and what we see, I think that should definitely be a practice to look into and it will definitely help if you have it,” Morris said.
In this case, the title company covered the missing money and the couple’s mortgage was taken over while the matter continues to be investigated.
Click here to report a typo.
Copyright 2022 WAFB. All rights reserved.