A closing is set up to move money. A buyer’s funds, a lender’s draw, a seller’s proceeds, agent commissions — all timed, all wired, often within a 48-hour window. It’s exactly the workflow social engineers have learned to exploit.
The FBI’s Internet Crime Complaint Center now tracks real-estate-related wire fraud as one of its largest categories of business email compromise loss. Average loss per incident is in the mid-six figures. The mechanism is almost always the same: a forged email from a “title company” or “escrow officer” arrives at the buyer (or, increasingly, the buyer’s agent), directing the wire to a different account. The wire goes. The funds are gone within hours, frequently moved through international banks before anyone notices.
The most common follow-on question is: doesn’t insurance cover that?
The honest answer for most operators is: not the way you think.
Why standard crime doesn’t respond
A standard commercial crime policy covers loss from employee dishonesty, forgery, and computer fraud — i.e. losses caused by someone tampering with your systems or by your own employee stealing.
Wire fraud at closing is usually neither. The buyer received an email, the buyer authorised the wire, the bank executed it. No system was breached. No employee was dishonest. The buyer voluntarily directed the wrong wire — under false pretences — but voluntarily.
That’s social engineering. And on most policies it’s a sub-limited add-on (often capped at $50,000–$250,000) or excluded entirely.
What the right cover looks like
The cleanest setup is a cyber policy with primary social-engineering and funds-transfer fraud limits sized to the dollars actually moving through the operation, paired with a crime policy that handles internal theft and forgery. The two policies overlap deliberately, so a claim doesn’t fall in the gap between them.
For property managers and real-estate owners specifically:
- Social-engineering limit: $1M minimum for active closers and high-volume property managers; $500k for smaller operations
- Crime limit: sized to the operation; covers employee dishonesty and forgery
- Cyber: standard breach response, ransomware and BI
- Optional: fidelity bond for funds held in trust (sometimes required by lenders or grantors)
What we tell brokerage and title clients
A wire-fraud claim is the only loss in real estate we see where the broker — not the carrier — is sometimes the one being asked to make the client whole. That’s because the policy clearly excluded the scenario, the client wasn’t briefed, and the agency takes the reputational hit.
The fix is process, not just paper:
- Phone confirmation on every wire change. Email asking for a wire redirect = phone the verified number on file. Always. Period.
- Locked wire instructions. Final wire instructions sent only by encrypted channel, not email, and never changed by email.
- Insurance sized to the dollars. Sub-limited social engineering on a generic commercial policy isn’t real cover. Bind the right primary limit.
- Educate the buyer and the agent. The phishing email goes to them, not to you. They need to know the playbook.
Wire fraud is the loss that’s most likely to actually hit the bank account of a real-estate operator in 2026. The cover for it is buyable. The default cover isn’t enough.
