Category Archives: Fraud Alert

New Credit Protection Laws Including Other Tips to Avoid Being a Victim of Fraud

By Michael Selinfreund, President / General Counsel of Counsel of Cherry Creek Title Services, Inc.
This article is intended for educational purposes only and not as legal advice. You can view dozens of articles and educational videos of mine at, and the videos are also available on the Cherry Creek Title Services’ YouTube channel.

A credit freeze is a very effective and free tool to avoid being a victim of identity fraud.  It costs nothing; lasts for seven years, and you can release it temporarily or even just for the benefit of one prospective creditor. And, you don’t need to have been a prior victim of credit fraud and provide a police report to qualify for a freeze. You will need to add the freeze separately to the three major credit bureaus: Equifax, Transunion and Experian, and you must also release each freeze separately should the need arise. You’ll do so with a PIN you’ll receive. Parents and Guardians will be able to freeze the credit of a child under 16. To establish credit freezes with the 3 main bureaus, just go to the respective websites of Equifax, Transunion and Experian. Alternatively, you can call and write them as well. As of September 21, 2018, new federal legislation, the Economic Growth, Regulatory Relief and Consumer Protection Act, goes into effect requiring all three credit bureaus to freeze and unfreeze their credit reports free of charge. This legislation comes about after last fall’s breach at Equifax whereby the credit of 150 million Americans was compromised. The new law further requires each credit bureau to set up a credit freeze webpage and act on online and over the phone requests within one business day. If the request is received by mail, they will have three business days to freeze the credit report. If you unfreeze your credit online or by phone, the freeze must be lifted in an hour.

Another option is to put a fraud alert on your credit report by contacting any one of the three main bureaus. They have to share the fraud alert with the other two. Fraud alerts have always been free and lasted for 90 days; however, as of September 21, 2018, they will last one year (seven if you’ve been an actual victim of identify theft). And then of course, you can put another one for the subsequent year indefinitely. In the event any fraudster attempts to open new credit or extend existing credit in your name, a call is made to the phone number you provide when placing the freeze by one of the bureaus and many difficult questions off your credit file going back many years will be asked to confirm your identity. I prefer the fraud alert to the credit freeze. It’s easier to place it with 1 bureau forced to share it with all 3 rather than all 3 separately as the freeze requires. It doesn’t have to be unfrozen (and then frozen again at all 3 bureaus) when you need to allow a creditor or even a utility company, potential employer, licensing agency etc. to pull your credit. I’ve used the fraud alert for many years without a single fraudster attempting to commit identity fraud against me despite being the victim of several breaches besides the Equifax breach.

For your credit card and bank accounts, set-up your profile so you get text messages and/or emails every time a charge is placed on your account or an item or ACH is processing through your bank account. This way you’ll know immediately if your bank account or credit card has been compromised and can contact the bank and/or credit card company to freeze the account from any further fraud. You aren’t responsible for fraudulent charges, but it’s a lot easier to have just 1 or 2 that you instantly stop than wait until the end of a billing cycle and discover dozens of fraudulent charges. I log in to my bank, securities and credit card accounts daily to review the activity in addition to receiving alerts. By catching any fraud early, you minimize the number of fraudulent charges plus you’re giving the bank and/or credit card company/merchant services company immediate notice to stop any further fraud.

I recommend using soft or hard tokens for any of your financial accounts that offer them. A hard token is a small physical device that generates a random number which changes continually. Most change every 30-60 seconds. To access your brokerage account, bank account, etc., you must enter the number on the token in addition to your password. A soft token is a code sent to you via text message or through an app that you enter along with your password. Soft tokens appear to be the future. Tokens make it extremely difficult for a fraudster to gain access to your financial accounts. Get in the habit of looking daily at all of your financial accounts online. I recommend buying an inexpensive extra computer like a Chromebook that you never use for email nor to surf any sites on the internet other than just your known financial account sites. Malware typically infects your computer via email attachments and malicious websites. By having a separate “clean” computer that is NEVER used for email nor for searching the web, you eliminate the opportunity for malware to invade your computer and steal your financial information.

Regarding your personal checking account, use a computer-based program like Quicken and reconcile your bank account daily. It only takes a few minutes, and that will enable you to see any fraudulent checks or fraudulent ACH debits as they occur so you can take immediate action with your bank if any are fraudulent. FDIC covers you on your personal account. Buy secure checks for personal or business accounts that cannot be washed. I use Safechecks based in California, but other companies such as Intuit sell secure checks. Pay as many bills as possible through your credit card and via ACH payments minimizing your check activity.  For those that still hand write their checks, besides using secure checks, fill them out with a Uniball 207 pen.

A business account doesn’t have FDIC coverage so you should add positive pay or payee positive pay to your business accounts. It allows you to inform the bank manually or via an upload of an .xls or .csv file of the checks you write so that any items that you haven’t pre-authorized become exception items. You then have a certain amount of time to reject them from being paid or even set up your account so all exceptions automatically are returned unpaid. I don’t recommend the latter as exceptions are created for innocent reasons such as MICR line reading errors or forgetting to enter the item in positive pay, and it’s nice to still approve those items rather than having them automatically returned.  Your bank will tell you how long you have to approve or reject any exceptions if you go the route.  It will be by a certain time the following day after the item is presented to your account.  I prefer the option whereby items are paid by default unless I object. I review all exceptions very early every morning and act accordingly. On your business account, you’ll want to add ACH filters or blocks; wire blocks (at least an international one if you send wires), dual authentification; a soft or hard token to send and verify wires; and clean computers, as discussed above, dedicated solely to wires and financial matters that you lock up when not in use. Sit down with your banker at least once a year to discuss your account security features and new products and procedures your bank offers to keep your money secure. Lock up your checks and your financial computers since fraudsters often garner their information from people working on office cleaning crews. They switch keyboards so they can monitor keystrokes to procure your passwords; access your USB ports to install malware, steal checks, etc.

If you have an entity such as a corporation or LLC in Colorado (and many other states), for no cost, you can secure your entity by procuring password-only access from the Secretary of State. If your entity is based in another state, make sure it either already requires a password or see if you can add one. The password makes it far more difficult for a fraudster to file any documents regarding your entity. Business identity fraud exists, and that’s why the state offers the ability to secure your entity.

Cross-cut shred anything financial or with your name, social, account numbers etc. I read about fraud activity regularly, and much of it still originates with the theft of information procured from your trash or from your outgoing mail containing checks. They either wash the stolen checks or print up new checks in your name with the MICR line information (routing and account number) they steal off your check. So, again, try to set up as many payees as possible to accept credit card payments or ACH payment in lieu of writing checks. For the checks you mail, only send your mail through a secure mailbox. Most neighborhoods have mail stations with locked outgoing mailboxes as do most office buildings. If you have to, go to the post office.

On your non-secure computers, add an anti-malware program such as Malware Bytes and an anti-virus software program such as AVG. Image your computer once a month on a portable drive. I image mine weekly using Acronium. I back-up daily to the cloud, another computer and also to a portable drive. I run windows defender in windows 10. I back up my QuickBooks and Quicken files plus key spread sheets on a thumb drive daily. Open no email attachments unless you’re positive you know where it originated, and I recommend never answering your phone if you don’t know the caller. People still get duped all the time into providing confidential information or even making payments by fraudsters posing as the IRS or one of your financial accounts. The IRS and your bank will never call you seeking such information or payments. And always assume anything you’re asked to click on inside an email is a malicious link with the intent of corrupting your computer. I make sure I’m expecting the attachment and the sender is exactly who I expect it to be by carefully inspecting the sender line and often calling the sender on a known number to verify they sent it. I also often open attachments first on my phone to confirm their authenticity since I don’t keep anything confidential on my phone and such malware is not typically written to corrupt your mobile device. Besides, I won’t open anything until I’m 99.9% sure it’s legitimate even on my phone.

Regarding email accounts, for all your email activity that contains any confidential or non-public information, do not use a public email account such as Gmail.  I pay $55.00 per month for 10 email accounts hosted by a secure email server that filters out spam emails and emails containing malicious content. I send my personal email through Comcast and use Gmail accounts for those I don’t wish to have my primary personal email information.

Finally, if you find yourself sending a wire, absolutely assume you’ve been given fraudulent wiring instructions and go from there. Contact the receiving party directly on a confirmed legitimate phone number or go visit them and confirm the accuracy of the wiring instructions. Never trust any email you receive attempting to modify those instructions regardless of how authentic it appears. Immediately go back through the steps above and confirm everything with the receiving party after ensuring you really are communicating with the receiving party and not a fraudster. The amount of buyer funds to close real estate transactions that are being hijacked by fraudsters tricking the sender of the wire with phony emails is epidemic. In the alternative, shop for a title company that will accept a cashier’s check as many still do especially given the current risks associated with wires being irretrievably stolen.

I recommend storing your password and account information on a password protected spreadsheet, and of course, make them complex and change them regularly.

Fraudsters are continuing to come up with new ways to steal your money. Be extremely alert every time you’re sending money through any means, and make sure you have all possible protections added to your bank and credit accounts.

Visit to view numerous articles I’ve written primarily on Colorado real estate legal topics and many are available in video form at the Cherry Creek Title Services YouTube channel.

Don’t Be Spoofed!

You have read the warnings: “Don’t wire funds in response to an email without using call-back procedures!” Always call the party who appears to have sent the email for confirmation using a “safe” or know phone number. What happens if you receive a phone call from your intended funds recipient, asking that you wire funds? You check the number on your caller ID and see that it matches the know number you have.

Are you good to wire funds? NO!

Fraudsters and thieves are utilizing prepaid “burner” phones and applications that will “spoof” the caller ID of any phone number the caller chooses-even valid phone numbers of known businesses.

This fraud scheme is rampant – our industry is not the only target. These spoofing apps advertise themselves as a tool to “prank your friends” but  are used by criminals posing as entities such as taxing authorities or bank personnel in order to defraud companies and consumers into sending money or providing confidential information.

How does this affect the title insurance companies? Fraudsters have learned that responsible escrow officers have begun using call back procedures to validate and verify emails regarding wiring of funds. They are using spoof caller ID in order to circumvent security procedures.

DON’T GET SPOOFED! An incoming phone call never takes the place of an outgoing confirmatory call before wiring funds.


Reprinted with permission of the American Land Title Association.
First American Title Insurance Company makes no express or implied warranty respecting the information presented and assumes no responsibility for errors or omissions. First American, the eagle logo, First American Title, and are registered trademarks or trademarks of First American Financial Corporation and/or its affiliates.
AMD: 05/2017


Tips to Protect Your Information During Your Real Estate Transaction


Real Estate Transactions are a Prime Target for Fraudsters!

When you buy a home you will be required to submit personal information to your lender and/or escrow agent. At Cherry Creek Title Services, we go above and beyond the industry standards to secure your personal information during and after your transaction. Here are some important tips to remember:

Always carefully examine the email address from which you receive updates on your transaction from your escrow officer to ensure it is correct. If an email seems suspicious, contact your escrow officer immediately.

Call your escrow officer  immediately if you receive an email requesting to change the wiring instructions for your transactions. DO NOT use the contact information provided in the email.
Carefully review your personal information on your transaction paperwork to ensure it is correct.Communicate or confirm any changes to the transaction with your escrow officer over the phone or in person.

Do not provide information about yourself or your transaction to any unknown or unnecessary parties.

Contact your escrow officer  if you suspect your email address is being improperly used or if you do not receive funds in a timely fashion.

Reprinted with permission of the American Land Title Association.
First American Title Insurance Company makes no express or implied warranty respecting the information presented and assumes no responsibility for errors or omissions. First American, the eagle logo, First American Title, and are registered trademarks or trademarks of First American Financial Corporation and/or its affiliates.
AMD: 05/2017


Tips to Identify Valid and Suspicious Emails

click on envelopeThe most common signs of suspicious signs to look for before opening your emails and clicking on any link are:

  • Incorrect Grammar/Spelling/Text Body

Many phishing email contain misspellings. Some of
these messages have been poorly translated from other languages. Additionally, you will want to pay attention if the time or date appears in the message body of an email. If the email contains the date format of DD/MM/YY, 24-hour time or coordinated universal time (UTC,) it’s likely that the email’s point of origin generated outside of the United States.



  • Suspicious Attachments

High-risk attachments file types include: .exe, .scr, .zip,
.com and .bat. Spam filters will generally do a good job of quarantining those formats. Most companies commonly send and receive .zip, .doc, .docx, .xls, .xlsx, .ppt, .pptx and .pdf. However, a malicious sender can implant devious code in those formats as well. Once the attachment is opened, the computer is already compromised. Take caution if you have sent an email that has an attachment and the sender is questionable. You will want to verify the legitimacy of the email first. Next, you will want to examine the context of why the attachment is being sent.

  • Email Format/Absence of Logos/Plain Text Email

Most legitimate messages will be written with HTML. It should be a mix of text and images. A poorly constructed phishing email may show an absence of images. This includes the lack of the company’s logo. If the body of
an email is only an image as text, it’s possible that it is illegitimate. Outlook blocks showing images by default.
If the email is all plain text and looks different than what you’re used to seeing from a frequent sender, you may want to contact the sender directly in a new email or phone call.


  • Links in the Email

A common practice is to avoid blindly clicking on links
in an emails. Outlook allows you to hover over a link before clicking on it. If the link in the body of the email is different than what Outlook hovered preview reports, it
is not legitimate. Even if it seems legitimate, open a new browser window and type the URL directly into the address bar. If you’ve clicked on a link, a phishing website will look identical to the original. However, your system may already be compromised. If you’re work email is connected to your phone, you will want to take extra precaution.

  • Urgent Request for Personal Information

One tactic that is commonly used by hackers is to alert you that you must provide and/or update your personal information about an account (e.g., Social Security number, bank account details, account password). Phishers will use this tactic to drive urgency for someone to click on a malicious URL or download an attachment aiming to infect the user’s computer or steal their information.


  • Use Work Email for Work Purposes Only

Employees should avoid using their work email address for personal signups. These include social media websites or customer loyalty/ reward programs





Reprinted with permission of the American Land Title Association.
First American Title Insurance Company makes no express or implied warranty respecting the information presented and assumes no responsibility for errors or omissions. First American, the eagle logo, First American Title, and are registered trademarks or trademarks of First American Financial Corporation and/or its affiliates.
AMD: 05/2017


Protecting Your Funds From Wire Fraud During Real Estate Transactions

By Michael Selinfreund, Esq.,

President/General Counsel of Cherry Creek Title Services, Inc., Agent for Commonwealth/Fidelity and First American

Recently, the number of incidents of wire theft in real estate transactions has risen dramatically. Wires of buyer’s funds to close and seller’s proceeds are being hijacked all the time.

Here’s a typical scenario. The fraudsters hack into the real estate agent’s email and monitor the agent’s emails watching pending transactions.  Occasionally, they hack into the title company’s emails; however, it’s less common since it’s far easier to identify real estate agents that use public emails rather than private domain email accounts; lack sufficient firewalls; and are easier targets of malware than title companies.   However, title companies also fall victim to these scams. All it takes is the fraudster posing as the real estate agent and instructing the closer to change the wiring information for the seller or the closer opening an attachment with malware.

Sometimes the fraudster steals the buyer’s funds to close by hijacking the wire intended for the title company. The fraudster sends an email to the buyer (often that appears to originate from the title company) modifying the routing and account information for the buyer’s wire to the fraudster’s account. Since the fraudster knows when the transaction is closing by monitoring the email account they hacked, they know when to send such an email.  Many prefer to target the seller’s proceeds and wait until after the closing and then re-direct the seller proceeds immediately after the closing by posing as either the seller or the real estate agent for the seller.

These emails look legitimate since they either spoof the email address of the sender (looks like it came from a legitimate address) or they send t


he email from an account that is virtually identical to the sender’s by adding one character to the legitimate sender’s email and it goes unnoticed. That’s very easy to do when the sender uses public email accounts. That’s a common way title companies get duped. The closer receives an email from the fraudster that looks virtually identical to that of the agent, and instructs the agent to change the wiring instructions for the seller’s proceeds.  Some fraudsters go as far as sending a fake email from the intended recipient’s bank acknowledging receipt of the wire and that it was being credited to the defrauded party’s account. This gives the title company and defrauded party a false sense of security, and the goal is to delay them a day or two to confirm whether the wire was properly received. This gives the fraudster additional time to withdraw the stolen funds or wire them to another account from which they’re withdrawn before the funds can be frozen where they were initially diverted.

So, if you’re the buyer, here’s how to protect yourself. One way is to fund your deal with a cashier’s check instead of a wire.  If the title company has a wire only policy, tell them your concern about wire theft and offer to scan and send a copy of your cashier’s check in advance so the title company can call the issuing bank to verify its authenticity. That along with telling them you’ll close elsewhere if they will only accept a wire will likely change their position. If you cannot move the closing or choose to proceed and fund with a wire, make sure you call the title company closer at a phone number you independently verify belongs to them, and verify the wiring instructions directly with the closer. Many title commitments contain the wiring information where you send your funds necessary to close so be very wary if the closer gives you different information than what’s in the commitment.  No matter what emails or correspondence you receive ever attempting to modify that wiring information, you need to absolutely presume it’s an attempt to defraud you and divert your money to a criminal.  You’ll of course at a minimum want to call a phone number you procure independently (not off a potential fraudulent correspondence) and speak to the closer. I’ve never once seen the wiring instructions change in the middle of a transaction that wasn’t fraudulent so you need to be on high alert.

Protecting yourself as the seller from your proceeds wire being hijacked also requires a little diligence. You’ll want to insist that the title company signs a written document at the closing that confirms the correct wiring information for you and provides that the wiring information cannot be changed under any circumstances. Or you could choose to add a sentence that they can only be changed if the seller (you) returns to the title company; speaks directly to the closer that knows what you look like; you prove your identity again; and you sign a modified written document changing the wire destination. I’d prepare that document myself; send it in advance to the title company closer insisting that it be signed at the closing so it comes as no surprise, and if they refused to sign it, I’d go elsewhere. You have every right to make the party handling your money follow your strict instructions regarding the wiring instructions.

I also recommend notifying the title company prior to the closing that you want your wire sent immediately following the closing while you are still present, or make the title company get you a cashier’s check. Aggressive attorneys virtually 100% of the time successfully make the title company initiate the seller proceeds wire right after the closing, and the attorney waits in the lobby until a wire confirmation is received that the bank sends virtually immediately after a wire is sent. A thorough attorney verifies on the confirmation that it went to the proper account and takes a copy with them. A common issue that arises with getting a cashier’s check in lieu of a wire is that your bank may put a hold on it. If you’re turning around and purchasing another property or need immediate access to your funds for any reason, a cashier’s check might not work for you.

The sad reality is that once wires are stolen, they are rarely recovered. It’s a devastating loss to the victims, and their recourse at that point is to sue the real estate agent and/or title company for negligence.   Not only is litigation extremely expensive, you are forced to incur that cost right after losing a huge amount of money. And, getting a judgment means nothing unless you can collect. The parties responsible may lack the money to pay the judgment or may file for bankruptcy protection.  It’s far wiser to take appropriate precautions so you are never a victim of wire theft.

*This article is intended for educational purposes only and not as legal advice*

Visit our YouTube Channel for helpful tips and educational videos!Cherry Creek Title Services You Tube Channel

Protect Your Money From Wire Fraud When Buying a Home

Wire Fraud is Real – learn how to prevent wire fraud happening to you by watching this video presentation by First American Title