Alert: Phishing Email Appears to Come From Ellie Mae Targets Title Industry
October 3, 2024
A phishing email that appears to come from Ellie Mae is targeting the title insurance industry.
The fraudulent email has the subject line "You have a new Title & Closing request from the Encompass Title Center."
Premier One, which provides tech support and IT solutions, alerted ALTA about the phishing email. The scam is designed to deceive recipients into disclosing sensitive information. According to Premier One, the phishing email harvests multifactor authentication (MFA). MFA combines multiple credentials to authenticate a user, such as a password, a security token, or biometric verification. Hackers can bypass MFA by harvesting the tokens that users receive after completing their MFA challenge. Once the unsuspecting user completes any MFA requirements in place, the attacker is then able to retrieve the user's credentials along with the authentication token for the newly created session. The attacker will typically then use the harvested authentication token to connect to the session from their own device.
Companies should take the following precautions:
- Do Not Click on Links or Attachments: Avoid clicking on any links or downloading attachments from suspicious emails.
- Verify the Source: If you receive an unexpected email regarding title and closing requests, please verify its authenticity by reaching out to your known contacts within your team directly, using contact information you have on record.
- Report Suspicious Emails: Forward any questionable emails to your IT Security Team.
Webinar
ALTA recently held a webinar on best practices to identify phishing email. You can watch a recording here. To download a copy of the presentation click here.
Contact ALTA at 202-296-3671 or [email protected].