January 27, 2025

Real estate transaction scams target multiple Alberta lawyers

Similar ploys conned three firms into rerouting mortgage payout funds to fraudulent accounts

Several Alberta real estate lawyers have recently been hit with social engineering scams, prompting ALIA to again urge all its Subscribers to take extra precautions when facilitating transfers of funds.


In three incidents in December 2024, reported to ALIA by three different Subscribers, fraudsters impersonated different private lending companies that had provided mortgages to the Subscribers’ clients. Following the sale of each client’s property, the Subscriber or their assistant contacted the lender seeking a payout statement for the mortgage. The real lenders provided a payout statement to the Subscriber or their assistant, but the fraudsters replied in the same email chain with a revised payout statement.


In each case, the fraudsters created a fake email address that resembled the lender’s address, with a few letters changed. In one instance, the fraudsters also impersonated the Subscriber’s assistant to reply to the real lender, advising the closing date for the real estate transaction had been delayed.


The Subscribers or their assistants then wired the payout funds to the fraudsters’ bank accounts.

Scam breakdown

The fraudsters:

Unknown persons who infiltrated emails between law firms and private lending companies that were scheduling mortgage payouts.


The angle:

The fraudsters created an email alias similar to the lender's address. Posing as the lender, they sent an email to the law firm with a revised payout statement.


The target:

The fraudsters wanted the law firm to send the mortgage payout funds to the wrong bank account.

Quick action in one instance allowed a Subscriber that was targeted to minimize some of the damage. In this case, the client contacted the Subscriber to advise that they had fallen into default on their mortgage and had been contacted by their lender. This prompted the Subscriber to take immediate action to contact both their own bank and the fraudster’s bank. While some of the funds had been diverted by the fraudster, the banks were able to freeze the majority of the funds and return them to the Subscriber.


In the other two cases, the Subscribers did not become aware of the fraud until a month later, by which time most of the funds had disappeared. 

Red flags

The ploy used by these scammers included creating an email alias to deceive the Subscribers. Watch out for these indications of possible fraud:

Last-minute revisions:

Receiving an email purporting to provide a “revised” payout statement or a different bank account than was previously provided

Check the email address:

Look for small changes in the lender’s email address, such as a few letters swapped, even where the email appears to be in reply to an email chain with the real lender

Recipient does not match:

A recipient of funds that has a different name than the lender, such as a numbered company

Take action against social engineering fraud

Multi-factor authentication is an important yet simple tool for security. Requiring two or more steps — such as a password and a secondary code received via email, text message, or an app — to your verification process adds an extra layer of protection for accessing email accounts, cloud file storage, and banking services.


The same concept can be applied to verify transfer information for funds.  For example, if a client sends a lawyer an email with banking information for a funds transfer, the lawyer should use a separate method of authentication to confirm these details. The lawyer could meet the client in person or phone them using the number on file.


Where the lawyer is sending funds to a third party — such as a lender — the lawyer should verify the banking information for the third party through secondary means. For example, the lawyer could call the lender using a number that the client provides for the lender or that the lawyer is able to access outside of the email exchange with the lender. The lawyer could also consider calling the bank to ensure the funds are being sent to an account set up for the intended recipient of the funds.


Subscribers who suspect they are being targeted by a similar scam should contact their IT department to determine whether there has been a security breach.


Further safety measures lawyers can take after funds have been sent may include seeking confirmation of payout from the lender and having the client check independently with their lender. It may be possible to have a fraud reversed if it is caught early.

ALIA does not provide legal advice. ALIAdvisory newsletters, ALIAlert fraud warnings, ALIAction notices and the content on ALIA’s website, notices, blogs, correspondence and any other communications are provided for general information purposes only and do not constitute legal or other professional advice or an opinion of any kind. This information is not a replacement for specific legal advice and does not create a solicitor-client relationship.


ALIA may provide links to third-party websites. Links are provided for convenience only; ALIA does not vet or endorse the information contained in linked websites or guarantee its accuracy, timeliness or fitness for a particular purpose.


If you believe you have been targeted by potentially fraudulent activity, please contact ALIAlert.
Visit our Website
STAY CONNECTED 
Linkedin  

Alberta Lawyers Indemnity Association | 700, 333 - 11th Ave SW | Calgary, AB T2R 1L9 CA

Unsubscribe | Update Profile | Constant Contact Data Notice

Constant Contact