BEC Continues to Dominate...

 

As we enter a new year, we note the multitude of cyberattacks that occurred in 2023 across all industries. Huntress, a reputable cybersecurity platform for various companies, recently released a report on BEC (business email compromise) for small and medium-sized businesses. We know that BEC targets our industry, since we handle payments and wiring instructions.

 

In a typical BEC scenario, you have a target, a phishing email that contains phony links/attachments, and an objective that seeks the diversion of funds other than as intended by the parties to the transaction. BEC attacks had a noticeable surge in Q3 of 2023. In fact, 64% of threat actors’ attacks with BEC were identity-focused incidents that involved the malicious forwarding of emails. This is a common tactic used by threat actors to evade detection; once they are secretly in an email chain, they establish various mailbox rules to send legitimate incoming messages to other sub-folders or hidden folders. Another 24% of attacks will contain hits from unusual or suspicious locations. In other words, these “new” logins are obviously outside a company’s networks, but most importantly, they are likely from different countries.

 

In addition, threat actors are finding new ways around email defenses. In response, Microsoft 365 has implemented many measures to thwart phishing, BEC, and other types of attacks. Huntress observed that while these measures are good in theory, threat actors are starting to create their payloads as ZIP or ISO archive extensions. Payloads are the components of an attack that can cause large harm to a potential victim. This can be problematic, especially if these types of extensions are not blocked. Since 60% of ransomware incidents contained uncategorized or unknown strings, one can assume that their payloads could be embedded in one of these file types.

 

As always, Huntress advises extreme vigilance in our attempts to prevent these types of threats/attacks. Similar to what we have noted before, it is critical to question links/attachments; to call and confirm an email, using an independently verified phone number; and to carefully examine the message, particularly if the sender is using urgent tones or asking you to divulge confidential data. If you suspect abnormal activity, please check with your IT Department or outside consultant to have your systems evaluated, as well as your email rules assessed. Email rules are a target of threat actors, as they can create their own “rulebook” on where to divert incoming emails, so unsuspecting users will not notice.


Please contact CATICITSecurity@catic.com if you have any questions concerning this article.

Let's Have Some Fun!


In the past we have hosted events at the VT Lake Monsters and at Thunder Road. We are thinking about switching it up a bit but want to hear from you. Click here to rank the ideas we came up with (1 being your first choice) and/or use the blank space to add your own. Please keep in mind that the event will be for 100+ people.

1099-S Season Is Here. Here Are the Deadlines to Keep in Mind:

2/15/2024

Copy B or Substitute Form 1099-S to each transferor (if not given at the time of the closing)

2/28/2024

Paper Filings to the IRS (anyone with less than 10 filings)

4/1/2024

E-Filings to the IRS (anyone with10 or more filings)

Fraud Isn't Going Away


Wire Fraud: Authorities report that recovery of funds is more likely in the 24-48 hours following the initiation of a fraudulent wire, so the sooner the fraudulent activity is discovered and reported, the more likely it can be halted. While we have provided resources and tools, we thought we would share a few additional resources. Click here for more information. Tip: Keep this information saved in multiple locations. If your computer is compromised, how will you access this information in a timely manner?


Vacant Property Scams: Vacant land scams are continuing to hit our industry with significant impact at this time. We have been notified of many attempts here in VT and recently learned of a couple of attempts in NH.


Practice Tip: Although the risk extends to both sides of the transaction, sellers’ counsels will likely receive many requests in this process to verify the identity of the sellers.


Here are a couple of tools to help mitigate the risk of falling victim to this sort of scam:



Thank you for your continued cooperation and vigilance in defending against fraud in our industry!

Outstanding Policies - The Trouble Files That Never Go Away


We acknowledge that some files are easier than others and that you have been incredibly busy trying to keep deals together. We appreciate your hard work and dedication to CATIC. We need your help in getting all policies 60 days and older issued to the Insureds and remitted to our Rocky Hill office.

 

We are bound to meet or exceed the expectations of our insureds, regulators and rating agencies. The expectation for timely remittance is consistent with the American Land Title Association and standard practices in the industry.

 

Please know that we are here to help. Please contact our office and we will offer solutions to expedite remittance issues. Common problems include missing discharges and post-closing update problems.

Did You Miss a CATIC webinar?


Don't worry, we've got you covered! All CATIC webinars and supporting documents are available on CATIC Academy. All you need is a CATIC agent login. Click here to access CATIC Academy. Don't have a login? Click here to register.

Lau's Corner


Underwriting Question? 


To streamline underwriting, please email UnderwritingVT@catic.com which will automatically go right to Liz and Steve's inbox.


Career Network

 

We often hear of firms who are hiring. While we welcome phone calls or emails, we have added a career network post under News and Announcements (bottom right-hand corner) on the VATC website.

FOC_Footer2021.png