Skip to main content
日本語 한국어

Search

Articles in this section

Fraud Prevention

Avatar
Dean Kim
  • Updated

Table of Contents

Introduction

Protecting Your Business: Fraud Prevention Tools from HiCentral MLS

Case Studies:

Case Study #1: Rental Scams

Case Study #2: Vacant Land Scams

Case Study #3: Escrow Closing Impersonation Scams

Case Study #4: The Pig Butchering Scam

Helpful Links:

Hawaii News Now Article: https://www.hawaiinewsnow.com/2025/11/18/i-have-duty-public-title-theft-scheme-halted-by-suspicious-realtor/

 

Introduction

Cybercrime in real estate is the fastest growing criminal activity around the world today. With the ubiquity of internet and email accessibility for all consumers, criminals now can steal from anyone, anywhere around the world without the risk of exposure.

With the invention of AI, criminals now have the capacity to use this technology to identify, scrub, and execute crimes in an accelerated rate never seen before. As much good as AI provides for business and consumers, it equally has its dark side as it can aid criminals in perfecting and expediting crime.

Here are some statistics on cybercrime.

  • Cyberattacks occur more than 2,200x per day and someone falls victim every 39 seconds. (University of Maryland)
  • The average time to identify a breach is 194 days (over 6 months). (IBM)
  • The average lifecycle of a breach is 292 days from identification to containment. (IBM)
  • Cloud environment intrusions increased by 75% over the past year. (National University)
  • 88% of cybersecurity breaches are caused by human error. (Stanford)
  • 71% year-over-year increase in cyberattacks that used stolen or compromised credentials. (IBM)
  • 98% of web applications are vulnerable to attacks that can result in malware, redirection to malicious websites, and more. (PT Security)
  • In Q1 2024, North America was the region most impacted by ransomware attacks, accounting for 59% of nearly 1,000 published ransomware attacks. (CheckPoint)
  • *32% of cyber incidents involved data theft and leaks, indicating a shift toward stealing and selling data, rather than encrypting it for extortion. (IBM)

Financial Impact Cybercrime has

  • Data breaches cost businesses an average of $4.88 million in 2024.
  • ‍The average ransomware payout increased from under $200,000 in early 2023 to $1.5 million by mid-2024. (Duo)
  • The average cost of a single ransomware attack is $1.85 million. (NinjaOne)
  • Cybercrime is projected to cost the world $9.5 trillion annually in 2024, with expectations to reach $10.5 trillion by 2025. (Cybersecurity Ventures)

Protecting Your Business: Fraud Prevention Tools from HiCentral MLS

At HiCentral MLS, we are committed to equipping our members with the tools and knowledge needed to safeguard your business from fraudulent activities. In our latest effort to support you, we are excited to introduce a valuable new resource focused on fraud prevention.

Our latest addition includes a series of three comprehensive case studies that delve into prevalent fraudulent schemes affecting real estate transactions today:

1. Rentals and Airbnbs: Explore the risks associated with rental properties and Airbnb listings and discover strategies to mitigate these risks effectively.

2. Vacant Land Scams Learn how fraudsters target vacant land sales and the red flags to watch out for to avoid falling victim to these deceptive practices.

3. Escrow Impersonations: Understand the tactics used by scammers who impersonate legitimate escrow services, endangering your transactions and financial security.

As part of our ongoing commitment to education and support, we have launched a dedicated Fraud Prevention section in Matrix, accessible through the Links menu. This section offers a wealth of resources designed to empower you in identifying and preventing fraud. It includes links to: Informative Videos, Google Alerts & Photo Searches, and Local and National Law Enforcement Agencies.

We understand that safeguarding your business against fraud is paramount. By providing these resources, HiCentral MLS aims to strengthen your ability to protect your transactions confidently

 

Case Studies

Case Study #1: Rental Scams

Overview

The rental scam is a widespread scam that has impacted many agents/sellers/renters in our local market so much so that Hawaii ranks #2 Nationwide as the market with the most rental scams. With the accessibility of detailed MLS property information from a multitude of public sites, thieves can easily duplicate and propagate listing information through the Internet via rental websites and pose as the actual property owner.

How the Scam Works

The fraudster captures the listing information (for sale or rental) from online sites (MLS website or others public websites) including photos and the description of the property. They then post it on Craigslist/Facebook Marketplace, or any other rental site and set up a fake rental, either long term or short term (and because Hawaii is a premier vacation destination, bogus short term/vacation rentals are extremely prevalent). 

The listing looks legitimate except that the rental amount is usually too good to be true (much lower than market rate).  Potential tenants or renters send deposit money and/or sign agreements to rent. Once this money has been transmitted, which is often via electronic payment, the damage is done. The money is gone, and the scam has been completed.

There have even been cases whereby the victims who are often on vacation from the mainland or foreign countries, show up at the property expecting to be given keys or a code to enter the premise, only to find out that the owners are home, or, that the property is on the market. Recent cases even reported that these victims show up at the property with families in tow, only to have the neighbors intervene and confront them. It is usually at this time, that they discover that they have been scammed. Of course, payment was made a while back, and their funds have long been stolen by the scammer.

In addition, Fake Short-Term Rentals may cause problems with DPP who are trying to enforce STR violations. This occurs when the legitimate owners of the property may receive notices from the DPP citing violations of the short-term rental laws claiming that they are renting out their property illegally. Often times the DPP is “tipped” off by neighbors or others who report the incident, often unbeknownst to the owners (usually out of state residents or investors living elsewhere). The battle (sometimes legal) that ensues is nothing short of a nightmare, with the owners trying to extricate themselves from a scam that they had no idea was going on, and dealing with a DPP that is neither equipped to adequately deal with the problem, nor able to expediently help with a resolution.

Preventative Measures

Use Google Alerts-To help prevent this or catch it as soon as it happens, is to use the Google Alert for the property address as soon as you take a listing (for sale or rent). This is one of the links in Matrix under Section #4: Fraud Prevention. Follow the instructions as noted.

  1. Use Forewarn on any person posing as the owner.

Unfortunately, because this scam oftentimes targets victims from the consumer side of the equation, it is difficult for homeowners, and agents to prevent it. The cybercriminals target unsuspecting visitors and renters who want to come to the islands, using the power of the Internet.

 

Case Study #2: Vacant Land Scams

Overview

Vacant Land scams have been a widely used here in Hawaii’s real estate market. The fact that vacant land is rarely paid attention to and sits for a long period of time with no maintenance, often forgotten, makes it highly attractive to cybercriminals. Many times, the owners are off-island residents or elderly as well, making it even more appealing to criminals looking for a quick financial return.

Recently, vacant land scams have been reported to HBR/HiCentral MLS and seem to be on the rise. With the scarcity of developable land in our State, there doesn’t seem to be any reprieve any time soon.

Of the ones that are averted, many of them surprisingly make it far down the escrow road before being sniffed out. We are aware that some of them are caught at the last minute during the escrow process prior to funding by escrow or the agents. Some successfully close at the expense of all the victims involved (buyer/seller/agents/escrow & title).

How the Scam Works

Agent 1 was contacted by email from a total stranger to list and sell a vacant property in Manoa. To verify the Seller’s identity, Agent 1 requested a copy of his driver’s license, which included the Washington State tax record address on record.

The scammer didn’t want to communicate in person, and this reluctance to speak on the phone or via Zoom was some cause for concern for Agent 1, but despite this, the process moved forward.

On the day set to inspect the property, prior to listing the home, the Agent 1 was met by another Oahu REALTOR (Agent 2) who was placing a For Sale sign on the home. Agent 2 had listed the home several years before and shared that he had found a Buyer for his former listing and was placing the sign upon entering the listing back into MLS and opening escrow. The agents discussed the situation and Agent 1 contracted her broker.

Upon alerting Agent 1’s “client” that “his” home had been listed and was in escrow, the “client” said, “Someone is fraudulently attempting to be me. I have only been speaking with you”. Soon after, both agents met at the property along with Agent 2’s client, the real property owner.

In order to smoke the fraudster out, the final resolution was to alert Agent 1’s “client” that the only way to prevent the home from being sold was for the client to contract escrow, prove his identity and possibly hire an attorney to prevent the sale. It was at this point that this “client” was never heard from again.

Preventative Measures

In this case, the scam was fortunately averted. There are Matrix tools available for agents to use, to accomplish their due diligence prior to working with any unknown prospect.

  1. Use the Forewarn app to determine history or details about the phone number being used. A “no hit” or “no history” is a huge red flag almost always indicating a disposable or “burner” phone. Forewarn will also pull up past phone #s, criminal history, past homes addresses associated with this phone # and/or person’s name, liens/judgements (but no lawsuits), and any financial history.
  2. Use Google photo search on the person’s driver’s license. If they are bogus, it will often turn up numerous images of the same face used in fake drivers’ licenses in multiple states /other scams.
  3. Use Google Alerts to set up the property address to alert you on any potential scams. Used typically to match specified keywords or phrases on topics of interest on the web via email alerts when new results are found, it can also be used to notify you to stay on top of properties and addresses that may be propagated on the web by scammers. Google Alerts is a free service that sends email notifications when new content matching your specified keywords or phrases appears on the web.
  4. As a brokerage firm, it may be a good idea to set up a policy that requires face to face (in person or Zoom) meetings, and other identification steps for vacant land listings and other prospects who are unknow entities to the agent.

 

Case Study #3: Escrow Closing Impersonation Scams

Overview

These real estate scams are arguably the most damaging and financially devastating due to the amount of money that the victims are defrauded. Because it involves stealing funds at closing, damages typically range in the hundreds of thousands of dollars to potentially millions. Buyers’ life savings used to fund the close of escrow are stolen, never to be recovered and in addition, to never be compensated or reimbursed, leaving them in financial dire straits.

This particular type of scam is prevalent due to a few main factors which are;

  1. The sheer # of parties involved in a real estate transaction is numerous. There could be up to a dozen or so. It often includes buyer’s agent, buyer’s broker, seller’s agent, seller’s broker, transaction coordinators, brokerage staff, loan officer(s), escrow officers, title officers, attorneys, home inspectors, along with any other party involved in the real estate transaction. Any of these parties could serve as the entry point for cybercriminals to infiltrate via their email address.
  2. The inordinate number of emails that are generated on a transaction. Such volume makes it difficult to stay vigilant and lends itself to not pay attention to any slight changes in the email addresses of the various parties.
  3. The extremely high dollar volume being transacted is very lucrative for the cybercriminals looking to make a big score.
  4. Within the various email addresses involved, there will be opportunities and gaps in the individual’s and business’ cybersecurity and firewalls. The more parties involved; the more chances the criminal will find holes in their defenses guarding against cybercrime.

How the Scam Works

The cybercriminal will phish around trying to infiltrate one of the parties emails using the various tactics available to them. Once an email is compromised, the criminal will sit back, watch the correspondence flow throughout the transaction, and when the right time presents itself, jumps in to spring their trap. During this period, they will study how the emails are written, the style of formatting used, language/jargon used, as well as other subtleties to replicate a believable scam.

To initiate the crime, the criminal waits until the right moment, which is usually right before final funding. When all contingencies have been met, and the last step is to remit funds to escrow, the criminal will create a fake email to the buyer (all with the proper, official looking letterhead, instructional format, names, signatures, and seals/logos) and asks the buyer to remit funds to the provided bank routing # and to follow the funding instructions. The email address they will use will be very close to the email address coming from a legitimate source. For example, if the escrow officer’s email address is kekoa.kealoha@#1escrow.com. The criminal will set up his email address as kekoa.keal0ha@#1escrow.com (notice the difference between “o” and “0” (zero, not o). It is this subtle switch that will go unnoticed by the buyer, who will hit “Reply” and submit their funds via wire, to a bogus, counterfeit account. Once the “Send” button is pressed, the trap is sprung. The funds are immediately transferred and in the hands of the criminal, who then shuts everything down, packs up, and gets away, free and clear.

Preventative Measures

  1. Don’t click on any emails from anyone you don’t recognize.
  2. Immediately delete strange looking emails that come from someone you know but looks out of sorts or strange that seem odd coming from them (like your boss asking you for your cellphone # or to buy Apple cards.
  3. Hold Buyer’s Consultations to inform, educate, and communicate escrow fraud to your buyers (as well with sellers).
  4. Watch cybercrime preventative videos links under Matrix Links under 4: Fraud Prevention, particularly Corelogic’s Cybersecurity Videos.
  5. Inform the client that they need to contact you 1st, before responding to any transactional correspondence (don’t trust anyone).
  6. Read each email address carefully before sending or replying.
  7. Before sending any wiring or routing information regarding any type of funds, double/triple check each party to ensure they are who they say they are. Have face to face, phone, video contact and don’t do anything remotely.
  8. Use a reputable phishing email program or spam filter (at a minimum).

 

Case Study #4: The Pig Butchering Scam

Overview

A "pig butchering" scam in real estate, like in other investment contexts, is an online fraud where scammers build trust with a victim over time, then lure them into investing in a fake investment opportunity involving real estate, before disappearing with their money. The term refers to the agricultural practice of fattening pigs before slaughter, symbolizing how scammers “fatten” their victims with false attention before exploiting them financially.

How the Scam Works

Step 1: Build Trust

Scammers establish a connection with the victim, often through online dating apps, social media, or even real estate platforms, and gradually build a relationship. They may ask to take the conversation “offline” to a messaging platform like Whatsapp or WeChat. These messages may seem harmless, but they are designed to build ongoing communication. Scammers may spend weeks, or even months, in casual conversation before introducing the scam. They may show off a lavish lifestyle to appear successful, which often leads to conversations about investing.

Step 2: Introducing the Investment:

Once trust is established, the scammer introduces a lucrative real estate investment opportunity, often promising high returns and low risk. They may also offer to manage the victim's investment portfolio or provide insider tips on promising real estate deals. Scammers may use fake real estate listings, properties, or investment opportunities to lure victims.

Step 3: Fattening the Victim:

The scammer encourages the victim to invest more and more, often showing false profits and returns to make them believe they will make money. They may offer to train the victim on how to set up an account on an exchange to purchase the real estate assets. Then, guide them to convert their cash into crypto through a publicly known exchange, ATM, or digital wallet service and transfer it to a fraudulent platform. These crypto services are generally not in on the scam. They are just channels used by scammers to carry out their schemes (since crypto cannot be traced). To participate in the investment opportunity, scammers will provide a website or wallet address for the victim to transfer funds. The fake platform often promises huge returns in a short period of time.

These fraudulent platforms are designed to look and function like a real trading platform. They may be available on the Apple App or Google Play stores. They may even display artificial gains designed to keep victims engaged and possibly deposit more funds.

Step 4: Disappearing with the Money:

However, the victim is never able to withdraw their funds from the site. When the victim attempts to withdraw their investment, they encounter difficulties and the scammer disappears, leaving the victim with significant financial losses. Or they may be asked to transfer even more funds before anything can be withdrawn through a variety of excuses, such as service fees, IRS taxes, etc. This buys time for the scammer to make off with stolen funds and shut down the platform. The scam can involve transferring funds to shell companies or cryptocurrency exchanges, making it difficult to recover the stolen money. Difficulty Withdrawing Funds If you're unable to withdraw your funds or get in touch with the scammer when you try to, it's a strong indication of a scam.

Preventative Measures:

  • Watch out for Fake Investment Platforms: Scammers may use fake investment platforms that mimic real ones, often with fake real-time price charts and help desks to maintain the illusion of legitimacy.
  • Be wary of unsolicited messages or connections from strangers, especially if they promise high returns or offer easy investment opportunities.
  • Take Note of Intense Communication: If someone is overly persistent, affectionate, and eager to share personal information, it could be a sign of a scammer trying to build trust.
  • Don’t be Pressured to Invest: If you are pressured to invest quickly or offered unrealistic returns, be cautious. Don't feel pressured to invest quickly or blindly.
  • Watch for Lack of Transparency: If the scammer avoids providing details about the investment, their background, or the platform, it's a red flag.
  • Protect yourself: Verify Information, don't trust everything you see or hear online. Research the investment opportunity and the person promoting it before investing any money.
  • Avoid Sharing Personal Information: Be cautious about sharing personal information, especially with strangers.
  • Report Suspicious Activity: If you suspect you're being targeted by a scammer, report it to the appropriate authorities that are listed in our Links under “Fraud Prevention in Matrix” which is Section #3.

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request
Return to top

Related articles