Information Security and Wire Transfer Fraud are critical topics for the land title insurance and settlement industry. Wire Transfer Fraud is a threat to every title operation regardless of size, location or years in business. ALTA’s priority is helping you protect your systems, plan for a rapid response in case of an incident, and prepare your employees, clients and customers to be aware and vigilant.

The ALTA Board has identified information security and wire transfer fraud as a Strategic Priority and staff are working to educate members on security threats to their businesses in both cyber and physical environments, collaborate with coalition partners to raise consumer awareness about information security and wire transfer fraud, and promote best practices for protecting personal funds and information and seek policy change that will protect consumers.

Do You . . .

  • work in the land title insurance industry?
  • use a computer, tablet or smartphone?
  • talk and email with vendors, clients, customers and consumers?

ALTA Helps You

Tools You Can Use

Get The Facts

  • FBI Public Service Announcement (I-050417-PSA). 10-minute read. The PSA, dated May 2017, describes Business Email Compromise (BEC) and Email Account Compromise (EAC) schemes and how they lead to wire fraud.
  • 2017 Internet Crime Report. Published by the FBI's Internet Crimes Complaint Center (IC3). Take 30 minutes to read this report and discover the trends in cyber crime, which impact more than 200,000 victims every year and result in losses topping $1 billion.

Establish and Maintain Operational Readiness

    • Federal Requirements. Gramm-Leach-Bliley Act (GLB): This regulation requires financial institutions—companies that offer consumers financial products or services like loans, financial or investment advice, or insurance—to explain their information-sharing practices to their customers and to safeguard sensitive data. These companies include title and settlement companies, as well as law firms.
    • State Requirements. Forty-seven states, the District of Columbia, Guam, Puerto Rico and the Virgin Islands have enacted legislation requiring private, governmental or educational entities to notify individuals of security breaches of information involving personally identifiable information.
    • ALTA Best Practices. The third pillar of ALTA’s “Title Insurance and Settlement Company Best Practices” provides procedures that should be taken to protect non-public personal information (NPI).
    • ALTA Rapid Response Plan for Wire Fraud Incidents: The standard ALTA Rapid Response Plan for Wire Fraud Incidents has been developed by the ALTA Information Security Committee. Download and customize:

Promote Employee Awareness and Preparation

Title and settlement professionals are on the front line in the battle against wire transfer fraud. Use these tools to help prepare your employees:

Be a Leader for Clients & Consumers

ALTA has developed tools to help you educate consumers about the dangers of wire fraud.

  • ALTA Wire Fraud Video: This 2-minute video provides four tips on how consumers can protect their money and offers advice on what to do if they have been targeted by a scam. Link to this video from your website, include in your email or share on social media.
  • ALTA Wire Fraud Infographic: ALTA has produced this Rack Card explaining Wire Fraud. ALTA Members can brand the infographic with their own information at the ALTAprints website.
  • ALTA Wire Fraud PowerPoint for Consumer Education: (Member-only content) Use this presentation to educate consumers about the dangers of phishing emails and wire transfer fraud. The presentation provides information on what to do if you’ve fallen victim to a scam and also highlights 10 tips to prevent wire fraud.

More Resources - Publications and Other Websites

ALTA Member-to-Member Free Resources

ALTA’s Information Security Committee

Federal Bureau of Investigation (FBI)

Federal Financial Institutions Examination Council (FFIEC)

Federal Trade Commission (FTC)

National Association of Insurance Commissioners (NAIC)

Resources

InfoSec Advisory Bulletin Archive
ALTA’s Information Security Committee produces the quarterly InfoSec Advisory Bulletin to inform membership on various cyber-related topics to enhance awareness, prevention, detection and response/recovery methods for the industry.

Information Security News from ALTA

Federal Trade Commission

Federal Financial Institutions Examination Council (FFIEC)

Federal Bureau of Investigation

National Association of Insurance Commissioners (NAIC)

Webinars


Information Security Articles

Recent 2019 2018 2017 2016 2015 2014

 Congress Passes Cybersecurity Legislation
December 11, 2014
The U.S. House of Representatives unanimously passed S. 2519, the National Cybersecurity Protection Act of 2014, which the Senate passed earlier this week.
 2015 Data Breach Forecast: Employees will be Biggest Threat
December 4, 2014
In its 2015 Second Annual Data Breach Industry Forecast, Experian predicted that companies’ biggest threat for cyber attacks will continue to come from employees, but will receive the least attention.
 Email Scam Gets You Free Malware, Not Free Pizza
November 20, 2014
An email going around says you can join in celebrating Pizza Hutt’s 55th anniversary by getting a free pizza at any of its restaurants. Just click on the “Get Free Pizza Coupon” button, the email encourages. Don’t do it. There’s no free pizza. Clicking on the coupon will just install malware on your computer, according to the Federal Trade Commission.
 FFIEC Conducts Cybersecurity Assessment of Financial Institutions
November 6, 2014
Rapidly evolving cybersecurity risks reinforce the need for all institutions and their critical technology service providers to have appropriate methods for obtaining, monitoring, sharing and responding to threat and vulnerability information, the Federal Financial Institutions Examination Council (FFIEC) reported in a cybersercurity assessment.
 Report: Identity Fraud Rises 9 Percent
October 7, 2014
While Interthinx reported that mortgage fraud remained unchanged from the previous quarter, instances of identity fraud increased 9 percent during the second quarter of 2014. The increase in this type of activity is important to title and settlement agents as lenders will often try to hold them liable for not detecting the fraud at the closing table.
 Top Cyber Threats and 10 Security Tips for Title Professionals
September 18, 2014
Social engineering, spearfishing, whaling and microphishing are some of the most common cyber threats today. Would your employees know if they received a spoofed email from one of your lender clients? Is your system protected against unauthorized access to confidential data? Title professionals must be vigilant with their cyber security by talking with their network security staff and legal team, to update software regularly, strengthen password integrity and comply with regulations.
 Strong Passwords: The First Line of Defense
September 11, 2014
It’s crucial to pick strong passwords that are different for each of your important accounts and it is good practice to update your passwords regularly. Read on for general recommendations on creating a strong and complex password.
 Email Encryption: Locking Down Data a Business Necessity
August 14, 2014
With regulatory requirements and cyber threats pushing title professionals to protect non-public personal information included in email, finding an easy-to-use solution is key to successful deployment. Read on for information on why email encryption is important, how it works and how to select the right option for your business needs.
 Federal Agency Launches Cybersecurity Web Page, Promotes Awareness of Cybersecurity Activities
July 10, 2014
The Federal Financial Institutions Examination Council's web page will serve as a central repository for current and future FFIEC-related materials on cybersecurity.
 FCC Net Neutrality Rules Could Create Fast, Slow Internet Lanes
July 8, 2014
While proposed net neutrality rules proposed by the Federal Communications Commission are meant to prevent Internet providers from knowingly slowing data, they would allow content providers to pay for a guaranteed fast lane of service. Some opponents of the plan argue that allowing some content to be sent along a fast lane would essentially create an unlevel playing field.
 Protect Your Escrow Funds: ‘Don’t Use QuickBooks’
July 3, 2014
Maintaining the integrity of the funding process is among lenders top concerns. In light of recent defalcations, lenders will require evidence that mortgage funds are being properly monitored, reconciled, secured and disbursed. Read on for advice on policies and procedures to protect funds held in escrow.
 Another View: Two Good Ways to Put Your Email at Risk
June 5, 2014
Last week, ALTA ran an article on email encryption titled “Tips on Sending Encrypted Email: Make It Simple” that said a technology called TLS or Opportunistic TLS makes the integration seamless. Today, we run another point of view that says utilizing TLS or opportunistic TLS could leave your company vulnerable to data breaches.
 Eight Cybersecurity Issues You Should be Concerned About
June 5, 2014
The cybersecurity programs of US organizations do not rival the persistence, tactical skills and technological prowess of their potential cyber adversaries, according to the 2014 US State of Cybercrime Survey. Read on for a list of eight items that companies should consider when developing a cybersecurity program.
 Tips on Sending Encrypted Email: Make It Simple
May 29, 2014
When sending encrypted email to protect non-public personal information, not only is it vital to make receiving messages simple for customers, the technology implemented should avoid disrupting staff workflow. Find out why title professionals should consider an auto-encrypt solution that eliminates the potential of an employee forgetting to protect an email with non-public personal information.
 IT Pays to Be Prepared: The Cost of Data Breaches
May 22, 2014
Title and settlement companies’ failure to properly guard non-public personal information may carry a hefty price tag regardless of whether an actual injury results from the breach. Now is the time to implement data security measures that will protect your company and your customers in the future.
 10 Cybersecurity Tips for Title Companies
May 8, 2014
The Internet and information technology are powerful tools in helping title companies reach new customers, and increase productivity and efficiency. However, businesses need a cybersecurity strategy to protect their own business, their customers and their data from growing cybersecurity threats. Read on for tips from the Federal Communications Commission on how to protect your company.
 Know What’s Considered Non-public Personal Information and Where It’s Located in Your Company
May 8, 2014
To be able to comply with this pillar of best practices, it’s important to understand what constitutes non-public personal information and where it can be found in a company, including how information is collected, acquired, stored, transmitted and disposed.
 User Names, Passwords Top Hacker Targets, Report Concludes
May 1, 2014
The use of stolen and/or misused credentials—such as user name/passwords—continues to be the top way for hackers to gain access to information, according to the 2014 Verizon Data Breach Investigations Report. The report also identified nine main threat patterns.
 Thieves Steal Earnest Money Through Email Fraud Scheme
May 1, 2014
Title agents should be aware of a new email fraud scheme where hackers are targeting consumers and stealing earnest money for upcoming transactions. Read on to learn how the scam is perpetrated.
 SEC Issues Cybersecurity Risk Alert
April 24, 2014
The alert outlines areas the SEC will assess in an upcoming examination of more than 50 registered investment advisers and broker-dealers.
 How to Shop for Cyber Insurance
April 24, 2014
Cyber insurance can be an extremely valuable asset in an organization’s strategy to address and mitigate cyber security, data privacy and other risks. However, selecting and negotiating the right insurance product can be a challenge because of the lack of standard language and issues with "off-the-shelf" policies. Read on for tips from Roberta Anderson, a member of K&L Gates’ firm’s global insurance coverage and cyber law and cybersecurity practice groups.
 Chase Plans Enhanced Cybersecurity Efforts
April 17, 2014
The nation’s largest financial institution expects to spend more than $250 million this year on cyberdefense, with 1,000 employees assigned to the task, Chairman and CEO Jamie Dimon wrote in a letter to shareholders. Chase also plans to build three cybersecurity operations centers at its regional headquarters.
 Title Company Finds Effective Email Encryption Solution
April 17, 2014
Email encryption is used to ensure that only the intended recipient is able to access the email and any attachments. Traditionally, deploying email encryption services has been complex and cumbersome. Read on to learn how Wisconsin Title Closing & Credit Services stumbled upon a solution that's worked rather seamlessly and helps the title company protect non-public personal information.
 Heartbleed Bug Exposes Internet Data
April 10, 2014
Earlier this week, a major new security vulnerability called Heartbleed was discovered that has exposed millions of passwords, credit card numbers and other non-public personal information to potential theft by computer hackers.
 Malicious Attack on Loan Origination Software Provider Stalls Closings
April 3, 2014
A malicious attack earlier this week on Ellie Mae’s loan origination software Encompass caused many closings to be delayed, forcing lenders to pay for rate lock extensions
 4 Employee Training Tips to Ensure Compliance With Company Security Program
April 3, 2014
Once a company has developed, formalized and implemented Best Practice policies and procedures, it’s important to effectively manage and train employees to ensure compliance.
 Escrow Accounts Vulnerable to Hidden Virus in Photos
April 3, 2014
A newly discovered version of a well-known computer virus disguises a configuration code in a digital photo that can steal online account information. An escrow account could be drained without a bank even knowing because the customer was properly authenticated into the system.
 Fraudulent Reinstatement of a Dissolved, Closed or 'Dead' Business
March 27, 2014
According to the Better Business Bureau, identity theft affects more than nine million people and costs more than $56 billion to the economy every year. Identity thieves also can take advantage of companies that are dissolved or no longer in business.
 Protecting Data: ‘Compliance Is a Journey’
March 20, 2014
A panel of industry experts showed attendees at ALTA’s 2014 Business Strategies Conference how easily criminals can access non-public personal information by sharing a “live-hacking” session during a general session on March 14. Read on to learn why title professionals must constantly be vigilant in protecting data.
 Tips to Prevent Mobile Cybercrime
March 13, 2014
With the recent uptick of in-store data-breaches, it's important to also remember the vulnerabilities associated with mobile devices and social media platforms. Read on for four simple tips from Agility Recovery on how to protect data.
 Wireless Routers Vulnerable to Virus Attacks
March 6, 2014
Updating computer anti-virus software is a familiar concept for most, but recent reports highlight that some home and small-office wireless routers may be vulnerable to attacks.
 Protect Your Company Against Fraudulent Change of Business Registration Information
February 27, 2014
For the cost of a filing or processing fee, thieves may attempt to file a fraudulent change of your business address, or file changes to your business’s officers, directors or registered agent. Read on to learn why this could be a danger and how companies can protect themselves.
 White House Launches Cybersecurity Plan
February 20, 2014
The framework can be used to complement any information security program policies ALTA members may have in place or need to implement.
 Bill to Prevent Cyber Attacks Approved by House Committee
February 6, 2014
The House Homeland Security Committee on Feb. 5unanimously passed HR 3696, the “National Cybersecurity and Critical Infrastructure Protection Act of 2013.” The third pillar of ALTA’s "Title Insurance and Settlement Company Best Practices” addresses network security to protect non-public personal information, management and training of employees to ensure compliance with a company’s information security program, as well as notification of security breaches to customers and law enforcement.
 FHA to Accept More Documents with E-signatures
February 4, 2014
The new policy allows e-signatures on origination, servicing and loss mitigation documents, as well as FHA insurance claims, REO sales contracts and related addenda. Initially, e-signatures will not be accepted on the mortgage note, but the FHA plans to begin accepting e-signatures on forward mortgage notes at the end of the year.
 Escrow Company Sues Bank to Recover $1.1M Lost in Cybercrime
January 16, 2014
The receiver for a California-based settlement company is suing the firm’s former bank to recover more than $1.1 million in escrow funds that were fraudulently transferred to China.
 Homeland Security Subcommittee Passes Cyber Attack Bill
January 16, 2014
On Jan. 15, the Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies approved the National Cyber Security and Critical Infrastructure Protection Act of 2013. The third pillar of ALTA’s “Title Insurance and Settlement Company Best Practices" addresses network security to protect non-public personal information, management and training of employees to ensure compliance with a company’s information security program, as well as notification of security breaches to customers and law enforcement
 Cyber Insurance Can Limit Agent Losses Caused By Online Attacks
January 16, 2014
The risks title companies can be exposed to in this Internet era are limited only by the imagination of the would-be thieves, virus designers and hackers out there. Read on to learn where information could be vulnerable to an online attack.
 Senator Reintroduces Data Security Bill in Wake of Target Breach
January 9, 2014
In the wake of the massive security breach at Target Corp. that potentially exposed millions of consumers to identity theft, Senate Judiciary Committee Chairman Patrick Leahy (D-Vt.) is renewing efforts to pass data security legislation. The third pillar of ALTA’s “Title Insurance and Settlement Company Best Practices addresses policies and procedures to protect non-public personal information, including guidance on network security and notification of security breaches to customers and law enforcement.
 Financial Regulators Issue Final Guidance on Social Media
January 9, 2014
The The Federal Financial Institutions Examination Council's 19-page guidance is intended to help understand potential consumer compliance and legal risks, as well as related risks such as reputation and operational risks, associated with the use of social media, along with expectations for managing those risks.
 Cyber Threats Growing in Frequency, OCC Reports
January 9, 2014
Cyber threats are growing in sophistication and frequency, and require heightened awareness and appropriate resources to identify and mitigate the associated risks, the Office of Comptroller of the Currency reported in its Semiannual Risk Perspective for Fall 2013. ALTA created its "Title Insurance and Settlement Company Best Practices" to help lending institutions supplement their risk-management programs. Read on for information on how the Best Practices can help companies protect escrow/trust accounts from fraud, procedures to safeguard non-public personal information and actions to follow in case of a security breach.