The rise of mortgage identity fraud and how to stop it in its tracks

Simon Lovell (pictured) is field compliance manager at TMA Club

Fraud is now unfortunately a common theme in day to day life. It has particularly made its presence known online, sophistically evolving, enabling it to reach what were once thought of as untouchable markets in both the consumer and financial sectors.

With more and more data stored online and in clouds, fraudsters and their methods have become increasingly advanced. And it seems that no company, however big or small is completely safe from being targeting by them.

Apple was recently targeted as part of an elaborate hack and the past few years has seen TalkTalk and Equifax amongst others hit by large scale data breaches. With the recent Apple breach, criminals were able to dupe customers into providing personal and financial information. The criminals then used the information supplied to hijack accounts, conduct fraudulent Apple store and credit card transactions in the customers’ name, and attempt to steal their identity.

This identity theft often starts with a small purchase, such as an album on iTunes, but the fraudsters know if that is successful, they can make their way up the pay scale to more expensive items. Whilst the majority of fraud cases have followed this somewhat familiar model, it is sadly increasingly common for criminals to target perhaps the biggest expense in anyone’s life – a mortgage. Hackers monitoring exchanges between buyers, solicitors and estate agents is, regrettably, becoming ever more common.

Sophisticated criminals and their techniques have meant that everyone involved in the house-buying process needs to be extra vigilant. In most cases of fraud, the house purchaser is sent a plausible email that claims to be from either their broker or solicitor. A fraudster hacks into the email communications between a client and a company, usually via an email attack. Highly developed malware is delivered via the attack into a computer which will lie dormant until it recognises specific keywords.

Most often, this is in the form of a request for funds, or a deposit payment. The malware is then activated, with an email sent from the hacker, but seemingly from the broker or lender, containing bank details to which the recipient is advised to send the deposit for the house purchase. The bank details are genuine but belong to the thief. Far from purchasing a home, the victim has just given away their deposit – a very considerable sum.

There are however, a number of steps that everyone involved in the process can do to minimise their fraud risk, including brokers. Whilst there is no 100% fool proof way to eradicate fraud, there are processes that can put in action to minimise the risk.

As part of your role, brokers will be fine-tuned to notice any anomalies to processes, different emails and requests for payment – while they may stand out for you, the house purchaser may miss these. Clients are understandably excited and keen to get into their new property as quickly as possible. It is therefore important to advise your clients around the risks and what to look out for, to reassure them that you are there to help them and to help make sure that they aren’t victims of fraud.

You should also make sure that your own data processes are up-to-date and all IT systems are updated regularly. The arrival of GDPR places even greater scrutiny on firms to meet data management and security guidelines. At TMA, we take the upmost care to protect our brokers and their clients from fraud, including our launch of a GDPR knowledge base and anti-money laundering checks through SmartSearch. These tools help to support the communications we distribute on fraud as well as workshops held on the topic.

There have been hugely positive advances in IT security over the past decade, but as this pace of change has increased, so have fraudsters sophistication methods. By liaising with other businesses and highlighting any concerns, the industry can help to flag any anomalies and stop fraud and ID theft in its tracks. It is not an easy challenge and one that will take time – but one that is necessary.

Sign up to our daily email