Information Security and Wire Transfer Fraud are critical topics for the land title insurance and settlement industry. Wire Transfer Fraud is a threat to every title operation regardless of size, location or years in business. ALTA’s priority is helping you protect your systems, plan for a rapid response in case of an incident, and prepare your employees, clients and customers to be aware and vigilant.

Industry Standard Policies and Tools

Employee Training and Awareness

Resources for Your Clients and Consumers

    • Wire Fraud Tips Video: Share this 1-minute video with homebuyers so they know how to protect their money.
    • ALTA Wire Fraud Video: This 2-minute video provides four tips on how consumers can protect their money and offers advice on what to do if they have been targeted by a scam. Link to this video from your website, include in your email or share on social media.
    • ALTA Wire Fraud Infographic: ALTA has produced this Rack Card explaining Wire Fraud. ALTA Members can brand the infographic with their own information at the ALTAprints website.
    • ALTA Wire Fraud PowerPoint for Consumer Education: (Member-only content) Use this presentation to educate consumers about the dangers of phishing emails and wire transfer fraud. The presentation provides information on what to do if you’ve fallen victim to a scam and also highlights 10 tips to prevent wire fraud.

Get Information to Help Your Business and Your Customer Protect Closing Funds


Information Security Articles

Recent 2024 2023 2022 2021 2020 2019 2018 2017 2016 2015 2014

Important Yet Affordable Cybersecurity Defenses
March 27, 2024

ALTA is dedicated to helping members safeguard their operations from the constant threat of cyber attacks. Read on for a collection of helpful links to cybersecurity resources provided by ALTA’s Information Security Work Group and other trusted sources.

 The Three Rs to Cyber Defense and Response
March 13, 2024

Just as when you were in school, if you could read but not write, you might get by for a while, but eventually you will have issues getting ahead in life. The same holds true for a strong cybersecurity defense and response program. Read on as two members of ALTA's Information Security Work Group walk through the three Rs of cybersecurity.

Fresh Phish: Microsoft Authenticator
March 13, 2024

It's important for title and settlement professionals to be aware of the latest phishing schemes. To help with this, ALTA has developed an infographic that highlights different phishing emails, what the fraudsters are attempting to do and how to spot the bait. This "fresh phish" attempts to steal Office 365 credentials to sell them or gain access to your email account. It's important to never approve multi-factor authentication requests that you didn't initiate.

New Critical Microsoft Outlook RCE Bug is Trivial to Exploit
Bleeping Computer  |  February 23, 2024

An ALTA member could receive a phishing email with a specifically crafted hyperlink in the body of the email that utilizes and takes advantage of this Outlook vulnerability. Clicking on the malicious link bypasses Outlook’s existing security mechanisms and can lead to the leakage of local NTLM credentials (protocol used in networks that require user authentication) and the potential for arbitrary code execution. Microsoft recommends applying the recently released security updates as soon as possible to mitigate this critical vulnerability.

 Fresh Phish: Microsoft OneDrive Document
February 22, 2024

It's important for title and settlement professionals to be aware of the latest phishing schemes. To help with this, ALTA has developed an infographic that highlights different phishing emails, what the fraudsters are attempting to do and how to spot the bait. This "fresh phish" attempts to steal Office 365 credentials to sell them or gain access to your email account. It's important to never approve multi-factor authentication requests that you didn't initiate.

Google Cracking Down Against Spammers to Protect Gmail Users
Forbes  |  February 14, 2024

Starting in February, Google and Yahoo started requiring Domain-based Message Authentication, Reporting & Conformance (DMARC) policies to be enabled or they will start rejecting email. It's recommended ALTA members' IT managed service provider (MSP) or internal IT teams start checking their email domain policies to get a head of any potential Google or Yahoo email delivery issues.

Deepfake Video Conference Convinces Employee to Send $25M to Scammers
SC Media  |  February 14, 2024

A deepfake phishing scam cost a multinational company more than $25 million after an employee was fooled by digital imitations of his colleagues on a conference call.

Cybersecurity Advisory: Top 10 Cybersecurity Misconfigurations
February 6, 2024

The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a cybersecurity advisory that highlights the most common cybersecurity misconfigurations in large organizations, and details the tactics, techniques and procedures actors use to exploit these misconfigurations.

Phishing Guidance: Stopping the Attack Cycle at Phase One
February 6, 2024

Several federal agencies issued a guide outlining phishing techniques malicious actors commonly use and to provide guidance for both network defenders and software manufacturers. This will help to reduce the impact of phishing attacks in obtaining credentials and deploying malware. The guidance for network defenders is applicable to all organizations but may not be feasible for organizations with limited resources. Therefore, this guide includes a section of tailored recommendations for small-and medium-sized businesses that may not have the resources to hire IT staff dedicated to a constant defense against phishing threats.

Ivanti Warns of New Connect Secure Zero-day Exploited in Attacks
Bleeping Computer  |  February 2, 2024

Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure andZTA gateways, one of them a zero-day bug already under active exploitation. Some ALTA members may utilize Invanti’s Connect Secure VPN (also known as Pulse VPN) or these other products, opening them up to significant cyber risk if not resolved.

Survey: Title Companies Report Increase in Cyberattacks But Mitigation Efforts Help
February 1, 2024

More than 90% of title insurance companies reported the volume of cybercrime attempts increased or remained the same over the past year, according to a Cybercrime & Wire Fraud Study sponsored by the ALTA Land Title Institute. Read on for more results.

Hackers Target WordPress Database Plugin Active on 1 Million Sites
Bleeping Computer  |  January 31, 2024

Malicious activity targeting a critical severity flaw in the "Better Search Replace" WordPress plugin has been detected, with researchers observing thousands of attempts in the past 24 hours. There may be some ALTA members running this plugin on their public website and could be impacted. Users are strongly recommended to upgrade to 1.4.5 as soon as possible.

Critical Cisco Unified Communications RCE Bug Allows Root Access
Dark Reading  |  January 26, 2024

The vulnerability, tracked as CVE-2024-20253, makes enterprise communications infrastructure and customer service call centers sitting ducks for unauthenticated cyberattackers. Some ALTA members may use Cisco-based phone systems and could be impacted by this “critical” 9.9 out of 10 CVSS vulnerability, opening them up for possible cyberattacks.

CISA Issues Emergency Directive on Ivanti Vulnerabilities
January 24, 2024

CISA has issued Emergency Directive (ED) 24-01 Mitigate Ivanti Connect Secure and Ivanti Policy Secure Vulnerabilities in response to active vulnerabilities with Ivanti Connect Secure and Ivanti Policy Secure. Some ALTA members may use Invanti’s Connect Secure VPN (also known as Pulse VPN) and Ivanti Policy Secure opening them up to significant cyber risk if not resolved.

Apple Releases Security Updates for Multiple Products
Cybersecurity & Infrastructure Security Agency  |  January 24, 2024

Apple has released security updates for iOS and iPadOS, macOS, Safari, watchOS, and tvOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. How the scheme works: A criminal sends a text message or phishing email. If the URL link is opened on a iPhone, iPad or Mac, the person is sent to a website that has the vulnerability built into it. The individual’s Apple device then becomes compromised.

Regulators Say They Have the Tools to Address AI Risks
American Banker  |  January 22, 2024

Bank regulators said that while they are actively exploring the risks that could emerge from financial institutions' reliance on artificial intelligence, existing tools and laws are sufficient to prevent those risks from harming consumers or the financial system.

CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA  |  January 18, 2024

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Citrix Warns of New Netscaler Zero-days Exploited in Attacks
Bleeping Computer  |  January 17, 2024

The two zero-days (tracked as CVE-2023-6548 and CVE-2023-6549) impact the Netscaler management interface and expose unpatched Netscaler instances to remote code execution and denial-of-service attacks, respectively.

Cybersecurity Advisory from ALTA's Information Security Work Group
January 8, 2024

Considering the most recent cybersecurity incidents, ALTA's Information Security Work Group urges everyone to use extreme caution when opening emails containing links, attachments or requests for personal information, such as security credentials or authentication codes. Read on for additional guidance to improve cybersecurity protocols.