After a yearlong search, Rana Robillard was elated to learn she’d beaten three other bidders for a house in the leafy California suburb of Orinda, just outside of San Francisco.
So when Robillard, who works at a software startup, received an email in late January from her mortgage broker with directions to wire a $398,359.58 down payment to a JPMorgan Chase account, she wasted no time sending the money.
After all, the email appeared to be a response to one Robillard had sent her broker asking about final steps before the closing, which was rapidly approaching.
But on Jan. 30, the day after she’d sent the wire, Robillard got what looked like a duplicate request for the down payment, and it dawned on her that she had fallen for a scam — one that would throw her life into turmoil for the next six months. To her horror, instead of sending a down payment for her future home to the title company, as she believed she had done, Robillard had been tricked into sending her life savings to a criminal.
“That’s when I went into a full panic,” Robillard, 55, told CNBC, which verified the details of her story with the four banks involved.
What happened to Robillard, a 25-year veteran of tech companies including cybersecurity firm HackerOne, speaks to the increasingly sophisticated nature of cybercrime. Fraudsters are able to penetrate the email systems of mortgage brokers, real estate agents, lawyers or other advisors, waiting for the perfect moment to strike by sending emails or phone calls that appear to be from trusted parties.
Real estate, with its large transaction sizes and frequent use of wire transfers, has proven to be an especially lucrative target for criminals. Wires are faster than other forms of payment, typically closing within 24 hours, can handle far larger sums and are often irreversible, making them ideal for fraud.
Scams involving fake emails in real estate deals have exploded over the last decade, rising from less than $9 million in losses in 2015 to $446.1 million by 2022, according to FBI data.
Once criminals have a victim’s money, they quickly shuffle it to other bank accounts before withdrawing it as cash, converting it into crypto or exploiting mules to launder the funds, according to Naftali Harris, CEO of anti-fraud startup SentiLink. That’s why recovering funds in wire fraud can be so difficult, he added.
“The faster the fraudster moves it out of that first account and the more institutions they move it to, the better for them, because it just gets murkier and harder to track,” Harris said.
That’s what initially happened to Robillard’s funds, which went from a JPMorgan Chase account to ones at Citigroup and Ally Bank, according to people with knowledge of her case who weren’t authorized to speak publicly.
Robillard had alerted her bank, Charles Schwab, of the fraud on Jan. 30; within days, an official working in the cyber branch of the San Francisco division of the FBI had this message:
“Funds have been located and are frozen,” the official said, according to a Feb. 2 email reviewed by CNBC. “That’s all I’m allowed to tell you.”
After that promising start, Robillard’s frustrations have only mounted.
Robillard says she was initially told that her funds would likely be released after 90 days. But as the weeks and months stretched on, there were few updates from JPMorgan, which has taken the lead on the case, she said.
The FBI told her that once the banks involved had frozen the funds, its role was over, she said. So Robillard became obsessed with advocating for herself, reaching out to elected officials and government agencies including the Federal Trade Commission and the Consumer Financial Protection Bureau.
“Nobody will give you any updates or information,” Robillard said. “I’ve been very assertive trying to get people to help; every week I’m following up with random people on LinkedIn from Chase, I’m filing to the California attorney general, the FTC, the CFPB, but it’s gotten me nowhere.”
In early July, Robillard told CNBC she had no idea whether she would ever see her money again.And while she’s been in financial limbo, the world has moved on. The home she had envisioned living in with her daughter — a newly renovated four bedroom on nearly half an acre of land — has been relisted by Opendoor for $1.63 million.
Robillard says she decided to publicize her story to boost awareness of real estate wire fraud, besides being a last-ditch attempt at getting her money back.
“This is not what I thought my public representation would look like, which is that I’ve lost all this money,” Robillard said. “If it helps other people, I’m happy to do it, even though it’s obviously not my proudest moment.”
Robillard acknowledges that she could’ve been more cautious before initiating the wire transfer. For one, she says she should’ve confirmed with OS National, the title company owned by Opendoor, that the wire request sent to her in January was an authentic one.
But Robillard also sees ample room for improvement in all the parties involved: Her real estate agent should’ve explained that wire directions would be coming directly from the title company; the banks should’ve verified that the receiving account was that of a genuine title company and not a fraudster; and her mortgage broker should’ve used a secure portal for document sharing.
In a chain of more than 20 emails seen by CNBC between Robillard and her mortgage processor, Kristy Aichinger of Compass Mortgage Advisors, just one was sent by the cybercriminal. It was indistinguishable from the rest.
While Martinez, California-based Compass Mortgage denies being hacked, it acknowledged that the email with wire directions wasn’t from them, according to Robillard.
When reached by phone last week, Aichinger declined to comment and referred a reporter to the company’s founder and president, Kent Donahue.
Donahue didn’t respond to several detailed messages about this story.
After more than five months in limbo, Robillard finally caught a break.
A few days after CNBC contacted the banks in early July about the Robillard case, she received a $150,000 wire from Chase, funds that had been bounced back from Ally. Then, on Thursday, Robillard got the balance of her down payment that had been at Citi, nearly $250,000.
A JPMorgan spokesman had the following comment:
“We are sorry to hear that Ms. Robillard was tricked into sending funds from her real estate transaction to an imposter,” the spokesman said. “Although she’s not our customer, we were able to recover all of her funds.”
Further, JPMorgan said that consumers should be wary of last-minute changes to payment instructions and to always verify wire recipients before sending money.
Robillard’s bank, Schwab, told CNBC that it urged customers to “remain vigilant in protecting their personal information, and stay skeptical when it comes to financial transactions.”
Robillard still doesn’t know who was behind the scam.
While overjoyed that she can finally begin a new home search, the tech executive struck a pessimistic note.
The real estate industry has gotten used to closing transactions electronically, which is efficient, but leaves buyers open to fraud, she said. Advances in artificial intelligence will give criminals more tools to impersonate those they trust to steal Americans’ money, she warned.
“The banks and real estate companies weren’t even prepared for the old world, how are they going to handle the new one?” Robillard said. “Nobody’s ready for what’s coming.”