What would you do if a million dollars disappeared?
A similar nightmare is unfolding for Florida real estate firm – Richards, Gilkey, Fite, Slaughter, Pratesi & Ward, P.A. – the target of a lawsuit by Cyber Fraud Recovery and Robert Brvenik.
The amended complaint, filed on Jan. 10, alleges that the firm employed inadequate cybersecurity on its computer systems, allowing the fraudulent transfer of $974,663.44 from an account belonging to Brvenik.
In the lawsuit, Brvenik is alleging negligence, breach of fiduciary duties, and legal malpractice by the law firm, and is seeking compensatory damages.
“I was relying on Richards Gilkey to be up-to-date on current security procedures, or at least pick up the phone and call me to verify the instructions, so as to conduct the closing without my being defrauded out of nearly a million dollars,” Brvenik said after filing the complaint.
The lawsuit alleges that, at the time of the real estate closing, the law firm was subject to a cyberattack in which a hacker compromised the firm’s email account and emailed a fraudulent wire transfer request to Brvenik.
The fraudulent wire transfer specified an outside bank account that was under the control of the hacker. The lawsuit contends that, if the firm had followed accepted security practices and standards, it would not have been hacked and the fraud could not have happened.
Well before the time of the fraudulent transfer, the FBI had issued a public service announcement warning law firms and real estate brokers of the high risk for cyber email hacking.
The FBI also recommended the need for these firms to have greater cyber security measures in place. The announcement warned of precisely this type of scenario, which targets all participants in real estate transactions including buyers, sellers, agents, and lawyers.
Despite the continued warnings by the FBI, Richards Gilkey was hacked.
Unfortunately, this type of hack and scam is well-known in the real estate industry and has been on the rise. The FBI Internet Crime Complaint Center (IC3) saw a 480 percent increase in the number of complaints in 2016 filed by title companies that were the primary target of Business E-mail Compromise (BEC)/ E-mail Account Compromise (EAC) scams. The BEC/EAC perpetrators have been able to monitor real estate proceedings and time their fraudulent requests for a change in payment type (frequently from check to wire transfer) or a change from one account to a different account under their control.