Open Forum

 View Only
  • 1.  Security BUZZ - AI to the rescue

    Posted 03-31-2023 09:46

    In an attempt to fraudulently obtain more than $36 million, a threat actor emailed an escrow officer and their client, a commercial real estate company, while impersonating the senior vice president and general counsel of a trusted partner company. The email Security company Abnormal caught the wire fraud attack due to an unusual domain name using behavioral AI and an advanced modeling technique.
    Included in the email were an invoice and instructions for payment for a loan worth $36.4 million. While this number might ring alarm bells elsewhere, commercial real estate involves using large-sum loans, so there was no initial concern. A false company letterhead was used to legitimize the scam. The cyber attackers added another reputable real estate investment company to the email chain to make it even more convincing, using a typo-squatting domain. 
    The escrow officer may have fallen for it, but the BEC attempt was caught due to artificial intelligence (AI) technology spotting signs of fraud, such as discrepancies in the wiring instructions, newly registered email domains, and irregular language patterns in the email. In addition to this, there was a minor change in the sender domain from ".com" to ".cam."
    Just as we have trained users to watch for red flags in the email, the computer algorithm can process and identify many at incredible speed. While we still are playing a "whack a mole" game with adversaries in many domains, AI is increasingly improving its models to catch ever-more-savvy BEC attacks. 
    Take away

    • Essential antispam and antimalware services built into most email systems are no longer enough to protect against even basic BEC attacks.
    • Invest in advanced email protection services that use Machine Learning (ML) and Artificial Intelligence (AI) to analyze and block phishing and malicious emails based on the multitude of telemetries unavailable to the human eye.
    • Many of them support Microsoft 365 and G-Suite email platforms with zero-touch implementation. 


    ------------------------------
    Genady Vishnevetsky
    Chief Info Security Officer
    Stewart Title Guaranty Company
    Houston TX
    +1 (713) 625-8249
    ------------------------------
    ALTA Marketplace


  • 2.  RE: Security BUZZ - AI to the rescue

    Posted 04-03-2023 08:26

    I had never heard of Abnormal before this post, but we have been advocating for ages that you cannot trust the default security in any email platform, and we overlay additional email securities by default with our clients. Optionally we have been offering an email AI product barracuda has had for ages called Sentinel which seems very similar to Abnormal. 

    AI products learn a user's behavior and way of writing and will notice the difference when its someone else in your mailbox. Over the years with our customers using the Sentinel add-on I have been amazed of the things it notices. 



    ------------------------------
    Nicole Milliron
    Director of Operations
    Kloud9 IT
    Cleveland OH
    +1 (844) 556-8394
    ------------------------------

    ALTA Marketplace


  • 3.  RE: Security BUZZ - AI to the rescue

    Posted 04-03-2023 21:10
      |   view attached

    Great information, Genady, thank you!

    In related news, the Financial Crimes Enforcement Network (FinCEN) released their "Financial Trend Analysis" Report (attached) over the weekend. The report indicates that the average dollar value of Real Estate related BEC incidents increased from 2020 to 2021 and may reflect home price trends during that time frame.

    FinCEN's Press Release offers highlights from the report (See "FinCEN Analysis of Business Email Compromise in the Real Estate Sector Reveals Threat Patterns and Trends" (https://www.fincen.gov/news/news-releases/fincen-analysis-business-email-compromise-real-estate-sector-reveals-threat)) and reiterates the importance of activating the Rapid Response Program by having the victim or their financial institution file a complaint with the IC3 (https://www.ic3.gov/) or contact the nearest field office of the United States Secret Service (see: https://www.secretservice.gov/contact/field-offices).

    ALTA also encourages use of tools like the ALTA Outgoing Wire Preparation Checklist and the ALTA Rapid Response Plan for Wire Fraud Incidents. See more on the ALTA Website at https://www.alta.org/business-tools/information-security.cfm.

    #ALTACyber 



    ------------------------------
    Kelly Romeo | SVP & CIO | ALTA
    202-261-2948 | [email protected]
    ------------------------------

    Attachment(s)

    ALTA Marketplace


  • 4.  RE: Security BUZZ - AI to the rescue

    Posted 04-04-2023 10:04

    Genady, 

    Agree, Abnormal provides a significant layer of security that is seamless to the title agent and employee.  Great information and thanks for sharing.

    Kelly - thanks for posting the FINCEN report on real estate wire fraud and business email compromise.  The loss figures per incident are much more accurate than trying to comb through the FBI's IC3 report to determine the how much is being lost per stolen wire in a real estate transaction.   This type of awareness is important as we approach spring market.  



    ------------------------------
    Thomas Cronkright Esq.
    Executive Chairman
    Sun Title Agency of Michigan, LLC
    Grand Rapids MI
    +1 (616) 317-4221
    ------------------------------

    ALTA Marketplace