Information Security and Wire Transfer Fraud are critical topics for the land title insurance and settlement industry. Wire Transfer Fraud is a threat to every title operation regardless of size, location or years in business. ALTA’s priority is helping you protect your systems, plan for a rapid response in case of an incident, and prepare your employees, clients and customers to be aware and vigilant.
Industry Standard Policies and Tools
- ALTA Outgoing Wire Preparation Checklist: Use this checklist as a best practice for verifying outgoing wire information.
- ALTA Rapid Response Plan for Wire Fraud Incidents: Use this tool to customize your action plan when a wire fraud attempt occurs.
- Video: How To Complete an IC3 Report. Watch the video to see how easy it is to help law enforcement gather information.
- ALTA Cybersecurity Incident Response Plan: Use this tool to help your team to establish and maintain secure systems and be prepared to act quickly if an incident occurs. Leverage these resources to implement Step 1: Preparation:
- ALTA Cyber System Overview: Use this narrative to improve your understanding of a Cyber System Inventory, why it is important to Cybersecurity efforts, and how to create and maintain your company's inventory.
- ALTA Cyber System Inventory Workbook: Use this model workbook to create and customize your company's inventory.
- ALTA Business Impact Analysis: Use this guide to examine your software applications, determine which resources are critical to your operation, and discover when to add resources to minimize the business impact of downtime.
Employee Training and Awareness
- Monitor and Improve Employee Skills.
Consider a phishing security test for all of your employees. These companies can help: - Security Planner: https://securityplanner.org
- PhishMe: https://phishme.com/free
- KnowBe4: https://www.knowbe4.com/resources
- Webinars to Watch:
- Data Security Essentials: Strategies to Protect Non-public Personal Information (Download copy of presentation)
- Fortify Your Business: Lock Down Data and Protect Client Funds (Download copy of presentation)
- Safeguarding Escrow Trust Accounts
- Best Practices: Protecting Non-public Personal Information (Download copy of presentation)
- Fraud and Your Escrow/Trust Accounts (Download copy of presentation)
Resources for Your Clients and Consumers
- Wire Fraud Tips Video: Share this 1-minute video with homebuyers so they know how to protect their money.
- ALTA Wire Fraud Video: This 2-minute video provides four tips on how consumers can protect their money and offers advice on what to do if they have been targeted by a scam. Link to this video from your website, include in your email or share on social media.
- ALTA Wire Fraud Infographic: ALTA has produced this Rack Card explaining Wire Fraud. ALTA Members can brand the infographic with their own information at the ALTAprints website.
- ALTA Wire Fraud PowerPoint for Consumer Education: (Member-only content) Use this presentation to educate consumers about the dangers of phishing emails and wire transfer fraud. The presentation provides information on what to do if you’ve fallen victim to a scam and also highlights 10 tips to prevent wire fraud.
Get Information to Help Your Business and Your Customer Protect Closing Funds
Information Security Articles
Recent 2024 2023 2022 2021 2020 2019 2018 2017 2016 2015 2014
Important Yet Affordable Cybersecurity Defenses
ALTA is dedicated to helping members safeguard their operations from the constant threat of cyber attacks. Read on for a collection of helpful links to cybersecurity resources provided by ALTA’s Information Security Work Group and other trusted sources.
The Three Rs to Cyber Defense and Response
Just as when you were in school, if you could read but not write, you might get by for a while, but eventually you will have issues getting ahead in life. The same holds true for a strong cybersecurity defense and response program. Read on as two members of ALTA's Information Security Work Group walk through the three Rs of cybersecurity.
Fresh Phish: Microsoft Authenticator
It's important for title and settlement professionals to be aware of the latest phishing schemes. To help with this, ALTA has developed an infographic that highlights different phishing emails, what the fraudsters are attempting to do and how to spot the bait. This "fresh phish" attempts to steal Office 365 credentials to sell them or gain access to your email account. It's important to never approve multi-factor authentication requests that you didn't initiate.
New Critical Microsoft Outlook RCE Bug is Trivial to Exploit
An ALTA member could receive a phishing email with a specifically crafted hyperlink in the body of the email that utilizes and takes advantage of this Outlook vulnerability. Clicking on the malicious link bypasses Outlook’s existing security mechanisms and can lead to the leakage of local NTLM credentials (protocol used in networks that require user authentication) and the potential for arbitrary code execution. Microsoft recommends applying the recently released security updates as soon as possible to mitigate this critical vulnerability.
Fresh Phish: Microsoft OneDrive Document
It's important for title and settlement professionals to be aware of the latest phishing schemes. To help with this, ALTA has developed an infographic that highlights different phishing emails, what the fraudsters are attempting to do and how to spot the bait. This "fresh phish" attempts to steal Office 365 credentials to sell them or gain access to your email account. It's important to never approve multi-factor authentication requests that you didn't initiate.
Google Cracking Down Against Spammers to Protect Gmail Users
Starting in February, Google and Yahoo started requiring Domain-based Message Authentication, Reporting & Conformance (DMARC) policies to be enabled or they will start rejecting email. It's recommended ALTA members' IT managed service provider (MSP) or internal IT teams start checking their email domain policies to get a head of any potential Google or Yahoo email delivery issues.
Deepfake Video Conference Convinces Employee to Send $25M to Scammers
A deepfake phishing scam cost a multinational company more than $25 million after an employee was fooled by digital imitations of his colleagues on a conference call.
Cybersecurity Advisory: Top 10 Cybersecurity Misconfigurations
The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a cybersecurity advisory that highlights the most common cybersecurity misconfigurations in large organizations, and details the tactics, techniques and procedures actors use to exploit these misconfigurations.
Phishing Guidance: Stopping the Attack Cycle at Phase One
Several federal agencies issued a guide outlining phishing techniques malicious actors commonly use and to provide guidance for both network defenders and software manufacturers. This will help to reduce the impact of phishing attacks in obtaining credentials and deploying malware. The guidance for network defenders is applicable to all organizations but may not be feasible for organizations with limited resources. Therefore, this guide includes a section of tailored recommendations for small-and medium-sized businesses that may not have the resources to hire IT staff dedicated to a constant defense against phishing threats.
Ivanti Warns of New Connect Secure Zero-day Exploited in Attacks
Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure andZTA gateways, one of them a zero-day bug already under active exploitation. Some ALTA members may utilize Invanti’s Connect Secure VPN (also known as Pulse VPN) or these other products, opening them up to significant cyber risk if not resolved.
Survey: Title Companies Report Increase in Cyberattacks But Mitigation Efforts Help
More than 90% of title insurance companies reported the volume of cybercrime attempts increased or remained the same over the past year, according to a Cybercrime & Wire Fraud Study sponsored by the ALTA Land Title Institute. Read on for more results.
Hackers Target WordPress Database Plugin Active on 1 Million Sites
Malicious activity targeting a critical severity flaw in the "Better Search Replace" WordPress plugin has been detected, with researchers observing thousands of attempts in the past 24 hours. There may be some ALTA members running this plugin on their public website and could be impacted. Users are strongly recommended to upgrade to 1.4.5 as soon as possible.
Critical Cisco Unified Communications RCE Bug Allows Root Access
The vulnerability, tracked as CVE-2024-20253, makes enterprise communications infrastructure and customer service call centers sitting ducks for unauthenticated cyberattackers. Some ALTA members may use Cisco-based phone systems and could be impacted by this “critical” 9.9 out of 10 CVSS vulnerability, opening them up for possible cyberattacks.
CISA Issues Emergency Directive on Ivanti Vulnerabilities
CISA has issued Emergency Directive (ED) 24-01 Mitigate Ivanti Connect Secure and Ivanti Policy Secure Vulnerabilities in response to active vulnerabilities with Ivanti Connect Secure and Ivanti Policy Secure. Some ALTA members may use Invanti’s Connect Secure VPN (also known as Pulse VPN) and Ivanti Policy Secure opening them up to significant cyber risk if not resolved.
Apple Releases Security Updates for Multiple Products
Apple has released security updates for iOS and iPadOS, macOS, Safari, watchOS, and tvOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. How the scheme works: A criminal sends a text message or phishing email. If the URL link is opened on a iPhone, iPad or Mac, the person is sent to a website that has the vulnerability built into it. The individual’s Apple device then becomes compromised.
Regulators Say They Have the Tools to Address AI Risks
Bank regulators said that while they are actively exploring the risks that could emerge from financial institutions' reliance on artificial intelligence, existing tools and laws are sufficient to prevent those risks from harming consumers or the financial system.
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Citrix Warns of New Netscaler Zero-days Exploited in Attacks
The two zero-days (tracked as CVE-2023-6548 and CVE-2023-6549) impact the Netscaler management interface and expose unpatched Netscaler instances to remote code execution and denial-of-service attacks, respectively.
Cybersecurity Advisory from ALTA's Information Security Work Group
Considering the most recent cybersecurity incidents, ALTA's Information Security Work Group urges everyone to use extreme caution when opening emails containing links, attachments or requests for personal information, such as security credentials or authentication codes. Read on for additional guidance to improve cybersecurity protocols.