Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

U.S Secret Service Thwarts Loan Scam Totaling More Than $21 Million

Subtitle
Secret Service Continues to See Rise in Real Estate Business Email Compromise
Published By
U.S. Secret Service Media Relations
Published Date
Body

WASHINGTON, D.C. – Last week on Aug. 23, the U.S. Secret Service Global Investigative Operations Center (GIOC) thwarted a real estate related Business Email Compromise (BEC) attempt to defraud a purchaser out of more than $21,000,000.00.

The Secret Service worked closely with private sector partners to identify the scheme that led to the transfer of funds into a fraudulent bank account. Due to the swift action by the GIOC and their private sector partners, all funds were returned to the victim.

The Secret Service continues to see a sharp rise in BEC incidents – both successful attacks and unsuccessful attempts – across all sectors of business and industry. The real estate industry in particular has seen a notable impact. 

Home buyer payments are being intercepted through stolen confidential and contemporaneous information, then fraudsters are using a spoofed domain to send fraudulent wiring instructions to the home buyer. BEC schemes targeting home buyer payments affect individual home buyers, often first-time home buyers, and attempt to defraud the buyers out of a significant portion of life savings and personal wealth.  

Mortgage and loan payoff payments are being intercepted through fraudulent wire instructions inserted into the transaction process, and changes in payment information may not be confirmed or  scrutinized by the parties involved. 


There are numerous ways to prevent real estate Business Email Compromise schemes:

  • Update procedures to ensure proper verification of information before releasing funds.
  • Independently obtain mortgage payoff statements and confirm with verified and trusted sources.
  • Independently verify the authenticity of information included in correspondence and statements.
  • Enable Multi-Factor Authentication (MFA) on all email accounts.
  • Routinely change passwords.
  • Routinely monitor email account access, check for unauthorized email rules and forwarding settings.
  • Restrict wire transfers to known and previously verified accounts.
  • Pay using checks when the information cannot be independently verified.
  • Have a clear and detailed Incident Response Plan. For more information visit the Secret Service’s Preparing for a Cyber Incident page.

To learn more about the Secret Service and efforts to combat Business Email Compromise fraud, please click here.