GetHOADocs
Back to blog
Title & Escrow

Wire Fraud in Real Estate Closings: How to Protect Your Transaction

David PineDecember 4, 20259 min read

The Scale of the Problem

In 2024, the FBI's Internet Crime Complaint Center reported over $145 million in losses from real estate wire fraud. The real number is higher. A lot of victims never report it.

Wire fraud works in real estate because closings move large amounts of money between multiple parties on tight deadlines. One fraudulent email with slightly different wire instructions can send hundreds of thousands of dollars straight into a criminal's account. Once that wire goes out, the money is usually gone within hours.

This isn't hypothetical. It's happening every day, in every market, to buyers and professionals who were sure it couldn't happen to them.

How the Scam Works

The typical real estate wire fraud follows a pattern, and it's depressingly predictable.

Step 1: Email compromise. Criminals get into the email account of someone involved in the transaction. Could be the agent, the title company, the lender, or the buyer. Usually happens through phishing emails or credential stuffing (using passwords stolen from other breaches).

Step 2: Monitoring. The criminal sits in that compromised inbox and reads everything. They learn the closing date, property address, buyer's name, dollar amounts, and who sends the wire instructions. They're patient. They'll wait weeks.

Step 3: The fake email. Days or hours before closing, the criminal sends an email that looks like it's from the title company or closing attorney. It includes wire instructions, but the account belongs to the criminal. The email is nearly identical to the real thing. Sometimes the sending domain is one letter off.

Step 4: The wire. The buyer or their bank sends the closing funds to the fraudulent account. By the time anyone figures out what happened, the money has bounced through multiple accounts and vanished.

Why Closings Are Such a Target

Real estate closings are practically designed to be exploited.

Large dollar amounts. A typical residential closing involves $200,000-$500,000 or more in wire transfers. That's a much bigger score than tricking someone into buying a $500 gift card.

Tight timelines. Closing dates create urgency. When a buyer gets wire instructions at 4:30 PM the day before closing, they're not going to slow down and triple-check everything. They just want to close.

Multiple parties. You've got the buyer, seller, two agents, a lender, and a title company. Every single one of them has email. Every single one of them is a potential way in.

Email dependence. The real estate industry still runs on email for almost everything. Wire instructions, closing disclosures, sensitive documents, all sent as attachments. In 2026. That's a problem nobody seems to want to fix.

Who's at Risk

Everyone in the transaction is exposed, but some get hit more than others.

Buyers. They're the ones wiring the money. For most of them, this is the biggest financial transaction they'll ever make. They're nervous, distracted, and completely focused on getting to the closing table. That makes them easy targets.

Title companies. Some schemes go after the title company's escrow account instead of the buyer's wire. If a criminal gets into the title company's email, they can redirect incoming wires or send fake disbursement instructions. I've seen it happen twice in the last year alone.

Agents. An agent's email account is often the first one compromised because it's the most exposed. It's on their website, their business cards, their yard signs, every public database you can think of.

Red Flags to Watch For

Train yourself to spot these.

  • Last-minute changes to wire instructions. This is the single biggest red flag. If you get updated wire instructions close to closing, verify by phone before you do anything. Full stop.
  • Email addresses that look slightly off. "closingteam@abctitle.com" vs. "closingteam@abctitIe.com" (that's a lowercase L swapped for a capital I). These differences are built to be invisible at a glance.
  • Urgency language. "Wire must be sent today" or "there's been a change in the closing account." Legitimate title companies don't change wire instructions at the last minute. They just don't.
  • Requests for secrecy. "Don't mention this change to the other parties." No legitimate professional would ever say that.
  • Email-only communication. If someone sends wire instructions but won't pick up the phone to verify them, walk away from that email.

How to Protect Yourself

Regardless of your role in the transaction, the core advice is the same: verify wire instructions through a separate channel before sending money. How you do that depends on where you sit.

Buyers should get wire instructions in person or by phone at the start of the transaction. Ask the title company how they'll deliver them. Picking them up at the title office or receiving them over a verified phone call is far safer than email. Before sending any wire, call the title company at a number you already have, not one from a suspicious email, and confirm the account number, routing number, and amount. If wire instructions change for any reason, stop and verify independently. Some buyers also send a small test wire of $100 first and call to confirm it arrived before wiring the full amount. Not every bank supports this, but it's worth asking.

Title companies need to stop sending wire instructions as plain email attachments. Secure portals that require authentication are much harder for criminals to intercept, and this should have been standard five years ago. Require phone verification for all incoming and outgoing wires, no exceptions. Every email account in the office needs multi-factor authentication, this one step prevents the majority of email compromises. And regular phishing simulations and wire fraud training should be mandatory, because human error is almost always the weak point.

Agents should warn their clients at the start of every transaction with something like: "We will never send you wire instructions by email. If you get an email with wire instructions, call us immediately before doing anything." On the security side, turn on multi-factor authentication, use strong unique passwords, and don't check email on public Wi-Fi without a VPN. And don't forward wire instructions, even if a client asks. Send them directly to the title company for all wire-related communication and keep yourself out of that chain.

What to Do If It Happens

If you think wire fraud has occurred, move fast.

  1. 1.Contact your bank immediately. If the wire went out within the last 24-72 hours, the bank may be able to start a recall. Every hour matters here.
  2. 2.File a complaint with the FBI's IC3 (ic3.gov). This creates an official record and may help with recovery.
  3. 3.Contact local law enforcement. File a police report.
  4. 4.Notify the title company and all parties. Everyone involved in the transaction needs to know right now.
  5. 5.Contact your insurance company. Some title insurance and E&O policies cover wire fraud losses. It's worth checking.
Recovery rates for wire fraud are low, somewhere around 20-30% of reported losses. Prevention is the only reliable strategy.

The Industry's Responsibility

Wire fraud isn't going away. But the real estate industry has been painfully slow to adopt basic security measures that banks and other financial institutions put in place years ago.

Multi-factor authentication, encrypted communication, and callback verification aren't exotic technologies. They're the bare minimum, and every title company, brokerage, and lending institution should already have them running.

Until that changes, the burden sits on individuals to protect themselves. Verify everything. Trust nothing that arrives only by email.

And when in doubt, pick up the phone.

← Previous

Why HOA Closing Delays Happen (and What You Can Do About Them)

Next →

Real Estate Agents: Your Quick Reference for HOA Document Types