Our new office and mailing address is: 76 Pearl Street, Suite 203, Essex Junction, VT 05452.
Last Call for CLE – June 8, 2022
Location: Capitol Plaza, Montpelier
Cost: $45 per attendee. Non-refundable after May 26.
Our ever popular in-person June CLE is back!
**Vaccinations are required (honor system). Masks are optional.**
Click here to register.
8:30 to 9:00 | Registration and continental breakfast Note: Order of program subject to change. |
9:00 to 10:00 | Cyber Security Update – The Threat Continues Cybercriminals continue to target the real estate industry – us and our business operations. We all need to stay informed and work on ways to minimize the risks to our businesses. This presentation will provide an update on some key risks we all face, as well as provide an overview of matters to consider with your experts when discussing options regarding risk management. Presenter: Colleen Capossela, CATIC |
10:00 to 11:00 | Ethics Smorgasbord Presenter: Michael Kennedy, VT Bar Counsel |
11:15 to 12:15 | Current Developments Catch up on the latest legislation, new case law and other exciting events affecting your practice. Presenters: Andy Mikell & Liz Smith |
1:15 to 2:45 | Buying and Selling Wastewater Systems & Water Wells in Vermont A 101-level exploration of WW systems and WW permitting. When has a Permit expired? When is a Permit required? Got a question about Clean Slate or Seasonal Conversion? Get the answers to these questions and much, much more. Presenter: Cristin Ashmankas, Drinking & Groundwater Division, DEC/ANR |
3:00 to 4:30 | Web-Based Mapping for Real Estate Professionals A step-by-step guide to navigating on-line resources such as ANR’s Natural Resources Atlas. Learn the features including exporting a map as an image or creating your own resource map. Presenter: Kristine Stepenuck, Lake Champlain Sea Grant and UVM Extension |
June 16, 2021 CLE: Foreclosure: Is Title Marketable? Current Developments
May 12, 2021: VATC Lunch & Learn
Click here to print the Certificate of Attendance.
June 23, 2021 CLE: Part A: Fun and Important Things to Know About 1031 Like-Kind exchange; Part B: Clear and Present Danger in the Real Estate Industry: A Cyber Security Awareness Update.
Part A: Fun and Important Things to Know About 1031 Like-Kind exchanges.
Part B: Clear and Present Danger in the Real Estate Industry: A Cyber Security Awareness Update.
Webinar
PART A: PowerPoint Presentation
PART B: PowerPoint Presentation
If you watch each program in its entirety and don’t check your email (not even once), you’re entitled to 1.0 hour of CLE!
Certificate of Attendance
Can’t make the date for the program you really want to see? Don’t worry, all webinars will be recorded and available on our website within a day of the program. Questions: Call the VATC office @ 800.649.3366 and speak with Katie.
Mousetraps and Powers of Attorney
January Lunch & Learn with VATC – 1/12/2021
H. 837: Enhanced Life Estate Deed Act
Governor Scott signed H.837, the Enhanced Life Estate Deed Act, on July 13, 2020.
Enhanced Life Estate Deed Act, as passed
Statutory Enhanced Life Estate Deed (Word)
Statutory Enhanced Life Estate Deed (PDF)
VATC Webinars
Click here to view upcoming and previously recorded webinars.
VATC COVID Underwriting Guidelines – Effective 6/22/20
Click here for more information.
Restart VT: Phase I
Effective Monday, April 20 Governor Scott has authorized the limited opening of:
Services operating with a single worker (such as appraisers, realtors, municipal clerks, attorneys, property managers, pet care operators and others), may resume operations so long as no more than 2 persons (service provider and client) are present at one time. Click here for more information.
Report Real Estate CLE
VATC requires all agents and approved attorneys to complete a minimum of 6 Real Estate Specific CLE during the two year reporting cycle. These credits may be obtained through VATC-sponsored seminars, the VBA, another title insurer or any accredited CLE provider.
Click here for the reporting form.
Marketable Title Mayhem – April, 2020
Welcome to the fifth edition of MTM. We hope that perhaps this month’s quiz will afford you a few pleasant and quiet minutes away from the minute by minute stress of dealing with all that is happening around the world and in our local communities. From all of us at the VATC team to you, we appreciate all that you continually do to serve the needs of your clients. Your dedication and ingenuity in the face of obstacles are inspiring. We salute your hard work. Be safe, be well and good luck on this month’s quiz.
Rules
- There are no rules. You may use research, statutes, cases, Title Standards, etc.
- Firm/Team entries are welcome – just give it a name!
- Submit your answers from the web form on this page.
- We will post the answers in the Honor Roll with the next blog.
- Feel free to share this with friends and colleagues
This quiz is closed – see the answers in bold below. To view April’s winners please visit our Honor Roll page. Click here to view May’s quiz.
- Before conducting my first Remote Notarization, I should read and/or review the following:
- Emergency Administrative Rules for Notaries Public and Remote Notarization and Guidance on Emergency Rules promulgated by the Secretary of State
- VATC Remote Notarization – FAQ
- VATC Protocol For Remote Notarization
- All of the above
- The phrase “six-month super priority” applies in what context?
- Common Interest Community HOA Lien (see 27A VSA 3-116(c)
- Child Support Order
- Federal IRS Tax Lien
- None of the above
- Title search reveals a mortgage to ABC Bank with a discharge, recorded in 2018, from XYZ Bank, successor by merger to ABC Bank. The discharge contains the correct names of both the mortgagor and the mortgagee. Under “Date of Mortgage”, however, the preparer mistakenly typed in the date of recording instead. Additionally, the book and page references are not accurate. You found only one mortgage to ABC in the chain of title so you conclude:
- There is a missing Assignment, and you contact seller’s counsel to cure the defect
- The discharge is not valid, but it can be cured by an Affidavit pursuant to 27 V.S.A. Section 470
- The discharge is not defective under Title Standard 18.2
- The discharge is not defective under 27 V.S.A. Section 348
- A POA executed pursuant to 14 VSA §3502(d) which specifically identifies the property and contains a stated duration not to exceed 90 days require all of the following EXCEPT?
- Witness affirmation
- Agent acceptance
- Witness and notary must be two different people
- Statement of durability – (NOTE: The question was edited at the last minute and, as published, there is no correct answer. Therefore, every submission was deemed “correct”. Andy really apologizes for his editing error).
- Under Title 27A “The right or combination of rights to add real estate to a common interest community; create units, common elements or limited common elements within a common interest community; subdivide units or convert units into common elements; or withdraw real estate from a common interest community” is known as:
- Special Declarant Rights
- Development Rights (this is the statutory definition in 27A VSA 1-103(14).
- Association Powers
- Declarant Control
Remote Notarization FAQs & More
Guidance for remote notarization was promulgated by the SOS office March 30, 2020. Please click here for more information.
Vermont Municipal Office Closures
Please be sure to call before visiting municipal offices as many are closed. Click here to read a recent agent alert released by CATIC.
Technology Vendor List
Click here to view a vendor list courtesy of CATIC. Please feel free to contact the individuals at the bottom of the page should you have any questions.
Vermont Issues Emergency Rules Enabling Use of Remote Notarization
Click here for additional information.
SBA Emergency Loans Available To Vermont Businesses in Counties Adjoining New Hampshire, New York and Massachusetts
Click here to read the article.
COVID-19 Protocol and Resources
Click here to view our page.
Cyber Security Training 2020! Renew or Enroll Now
Greeting VATC members: Worried about falling prey to a phishing scheme? Want help recognizing bad websites? Need to learn more about how to keep your office, and your electronic devices, safer from cyber-attacks?
VATC can help. We negotiated a bulk discount rate with Wombat, a national provider of on-line cyber security training and, last year, we introduced a cyber security training program exclusive to VATC members. Several dozen offices, and nearly 150 individuals, signed up and took advantage of these informative, educational trainings (which are the same trainings CATIC has used for its employees the several years).
Accessing a training exercise once a month promotes cyber-security awareness front and center and may help keep the wolves outside your door (computer)!
What: 12 monthly cyber training sessions in 2020; typically each training is 5 to 10 minutes long. Note: There are new training modules this year.
Cost: $30 per employee but, new this year, a cap of $200 for firms with 7 to 9 participants or $250 for firms with 10 or more participants.
Want to re-enroll or be a new subscriber? Great – just email me and:
- Provide me with a list of employees to be enrolled AND their email addresses.
Note: For renewing firms, please do this even if there are NO changes to 2020. I want to ensure the correct administrative set-up (and my administrative skills are much better).
- Shoot a check to VATC at the address below for $30 times the number of employees being enrolled or, if applicable, use the per firm cap amounts above.
For more information about Wombat you can visit the Wombat site or call me at the VATC office. Yours in cyber security. Andy
Legislative Refresher – Day to Day Operations
Act 38 (H.526) Town Clerk Fees – July 1, 2019
- Land Records recording fee: $15.00 per page
- PTTR filing fee: $15.00 per return
- Mylar recording fee: $25.00 per mylar
- Land Record examination fee: $4.00 per hour
- Return postage can no longer be demanded by clerk
- Town Clerk required to index recording within 3 days of endorsement
Act 20 (S.154 Sec. 108) Current Use Liens – July 1, 2019
Effective 7/1, the recording of an application for enrollment in the Current Use program in the land records no longer results in a lien against the enrolled land. Instead, a recorded application is deemed to be a “contingent lien”. An actual lien is created only if the State subsequently files a “Notice of Development” in the land records. This statutory change is retroactive and applies to all recorded applications.
Upon belief, lenders will no longer require subordination from the State.
Act 71 (H.541 Sec. 16) – January 1, 2020
Sale of land held for less than six years is NOT subject to land gains tax, regardless of acreage, so long as seller DID NOT SUBDIVIDE the property. Under these circumstances, it is not necessary to file a LG return. (32 V.S.A. §10002)
VATC Times Newsletter – November 2019
Please click here to read our most recent newsletter.
Material – Claims Seminar
Please click here to view the material.
Night at the Ballpark
VATC’s Annual Night with the Lake Monsters is just around the corner! Join fellow VATC agents, their staff members, and family for a BBQ and an evening under the lights as the Lake Monsters take on the Brooklyn Cyclones (NY Mets affiliate). We’ll provide tickets to the game, BBQ dinner and $10 in ballpark spending money!
Date: Friday, July 26, 2019
Who: This event is free and it is open to the real estate departments of all VATC members and their families.
Time: Gates/BBQ open at 6:00 p.m.; first pitch at 7:05 p.m.
Where: Centennial Field (98 University Road, Burlington)
Very Important:
- We ask that you reserve spaces ONLY if you plan to attend the game. In the past we have experienced numbers of “no-shows” on game night. We realize that sometimes family plans change but since this event sells out every year (and we have to buy all of the tickets), we ask that you call us – with lead time, if possible – to let us know if you cannot get to the game.
- This event is targeted at the real estate personnel (attorneys, staff, paralegals) in the firm as well as their respective families. We ask that responses be limited accordingly.
- There is a limit of 10 people per firm or prior VATC approval.
Thank you for your courtesies.
CLE Reporting Form
VATC requires all agents and approved attorneys to complete a minimum of 6 Real Estate Specific CLE during the two year reporting cycle. These credits may be obtained through VATC-sponsored seminars, the VBA, another title insurer or any accredited CLE provider.
Please report your evidence of CLE credits for the reporting period ending June 30, 2021 by emailing Jayne () a copy of what was submitted to the Supreme Court.
Reporting Period: July 1, 2019 to June 30, 2021
Report Real Estate CLE
VATC requires all agents and approved attorneys to complete 6 credit hours of real estate CLE during the 2-year reporting cycle. Report online.
VATC’s Annual “Last Call for CLE”
VATC will host its popular Last Call for CLE Seminar on June 11, 2019 at Capitol Plaza in Montpelier. Agenda topics include: New WW/WS Rules & Seasonal Conversion Issues; Claims: Pay it or Deny It; e-Closings & Regulatory Challenges; Commercial Transactions Level 102; Current Developments & Title Teasers. Click here to view the current agenda (subject to change).
Registration and continental breakfast begin at 8:30 a.m.
6 Vermont CLE credits (No ethics credits so plan accordingly)
Cost: Price includes continental breakfast, lunch, and afternoon refreshments
- Members: $45.00 per attendee
- Non-Members: $250 per attendee ($225/attendee for 2 or more)
Register today!
WW/WS Rules
Revised Wastewater System and Potable Water Supply Rules became effective on Friday, April 12.
Yes, clean slate still exists – it even has its own section now! See §1-303 “Clean Slate” Permit Exemption.
Other changes include new definitions, new provisions related to existing systems and water supplies, and designated activities that are deemed to not increase design flow.
If you have questions in the meantime, please contact Liz Smith in the VATC office.
Payoff Fraud – Be Ever Vigilant
Payoff fraud is on the rise and it is taking on NEW forms! Also, yes it is happening here in Vermont! Click here to read an article published by ALTA entitled, “Tips to Protect Payoffs from Wire Fraud.” Be ever vigilant: protect your computer systems, train all staff, procure appropriate insurance.
VATC Times Newsletter – March 2019
It’s 1099 Season
The filing season for Form 1099-S is officially underway.
The Form 1099-S, along with the appropriate Form 1096 transmittal, must be submitted to the Internal Revenue Service no later than February 28, 2019, if filing on paper, or by April 1, 2019, if filing electronically.
Click here for more information.
Important Notary Act Info.
Click here to read important information in connection with the new Notary Act.
Exciting Educational and Training Opportunity
Click here to read about an online opportunity to prevent cyber security problems in your office!
2018/19 Town Clerk Directory – Printed Version – Available Now!
If you are not a VATC member, but have come to rely on our annual Town Clerk & Municipal Permit Directory, click here to place your order. If you are a VATC member, we will be delivering them soon!
2018 Legislative Session Report
Click here to view the 2018 Legislative Session Report.
Night at the Ballpark

Date: Friday, July 26, 2019
Who: This event is free and it is open to the real estate departments of all VATC members and their families.
Time: Gates/BBQ open at 6:00 p.m.; first pitch at 7:05 p.m.
Where: Centennial Field (98 University Road, Burlington)
County Seminar Series to Resume in the Fall
Our County seminar series will resume in the Fall. Stay tuned for dates, locations and topics.
2017 Holiday Party Pictures
Check out the photos from VATC’s Holiday Party and Jenn’s Farwell. Click here to view the photos.
VATC Donates $7,500 to Access to Justice Campaign
VATC is pleased to announce that its Board of Directors has once again approved a $7,500 contribution to the Access to Justice Poverty Law Fellowship. In addition, VATC will match, dollar-for-dollar, contributions by first-time contributors up to a maximum of $2,500.
VATC received recognition at the VBA’s mid-year meeting in March 2017 for reaching the $100,000 in contributions.
Register Now for Spring Seminars
Please click here for additional information.
Proud Sponsor of the NVBR 2017 REALTOR® of Distinction Awards Gala
VATC recently sponsored the 2017 REALTOR® of Distinctions Awards Gala held September 19 at the Echo in Burlington. We are grateful for the support the Realtor community gives to our title agents. Our member, Lisa Gale Peery of Gale & McAllister was a well-deserved recipient of the award. Congratulations, Lisa!
CPL/ICL Fee Beginning 10/1/17
For closings taking place October 1, 2017, a $25.00 CPL/ICL fee will be charged. If the lender maintains a blanket CPL/ICL, the fee also must be charged. Please contact the VATC office with any questions or concerns.
June 2017 VATC Newsletter
Click here to read the news from June 2017.
What does it mean to be a Bar-Related™ title insurer?
It means many things but one that we are very proud of is summarized in a letter that VATC sent on January 16 to Deborah Bailey, Executive Director of the Vermont Bar Foundation. Here are excerpts from Andy’s letter to the Bar Foundation:
Thank you VATC & CATIC members. Without your support, VATC could not be able to support valuable bar-related™ programs such as Access to Justice. A portion of every CATIC policy goes to such worthy causes.
Reminder – 1099-S Filing
The filing season for 1099-S forms is officially underway. The Form 1099-S, along with the appropriate Form 1096 transmittal, must be submitted to the Internal Revenue Service no later than February 28, 2017, if filing on paper, or by March 31, 2017, if filing electronically.
Internal Controls Over Fiduciary Funds
CATIC/VATC agents have a fiduciary responsibility for the processing, safeguarding, and accounting of all funds held for the benefit of others. This responsibility requires management to monitor and perform all procedures necessary to ensure the proper disposition of all balances held. The fiduciary responsibility does not end with the disbursement of funds at closing, but also includes appropriate follow-up and review of reconciliations, file balances and unpaid items.
CATIC’s Compliance Department would like to remind our agents of the policies and internal controls that should be in place over fiduciary funds.
CATIC to Implement New Audit Procedure
CATIC has revised its audit procedure to include a thorough analysis of trust accounts. Beginning in 2017, agents will begin receiving audit notifications from Angela Haddad, CATIC’s Agency Audit Manager. Agents will receive a six week notice prior to the anticipated audit date, and they will have the option of an onsite audit in their office or a “desktop” review. A desktop review would allow the agent to electronically submit requested documentation via encrypted email to Ms. Haddad. The goal is for a collaborative audit, much like the current random Supreme Court audits that already take place in law firms throughout Vermont.
Please feel free to contact Jenn Blomback with any questions or concerns.
Vermont Title Standards – 2016 Release
The Vermont Title Standards (2016 Release) is now live on our website. Printed copies of the Standards will be delivered to VATC members in the coming weeks.
New Fire & Safety Code Effective 10/10/16
Click here for the new Fire & Building Safety Code (which becomes effective 10/10/16). There is a matrix relative to the requirements for CO and Smoke Detectors required for various property types (see pages 34 and 35).
Cybersecurity – Why Should You Care?
Reprinted with permission from CentricPro.
All law firms are at risk of a cyberattack. Most law firms are concerned about the consequences of a cyberattack. Yet unfortunately there are still many law firms that are not focusing efforts, resources and financing towards mitigating the risk.
Why should you care? It was just reported in June in the 2016 Ponemon Cost of Data Breach Study1, that the average cost of a data breach is now $4 million; that is $158 per record, but in a highly regulated industry it can be as much as $355 per record. This is an increase of 29% since 2013. It continues to rise because 48% of the breaches are malicious attacks which cost more to remediate. Forensics, legal costs and regulatory requirements are identified as the majority of the cost, with the lack of an incident response plan being a significant cause as well. First-party losses from a data breach include loss of data, loss of business income/ business interruption, restoration, re-creation and remediation, notification and credit monitoring expenses to name a few. The costs of a cyberattack on your law firm could have a devastating financial impact.
In addition, there are liability considerations. Absent clearly defined rules, regulations, standards and best practices, it is said that a “reasonableness” standard comes into play in determining negligence and assigning liability. A business doing nothing to mitigate risks will not be acceptable. There are professional conduct rules to consider, and where federal and/or state rules and regulations govern your practice, there are more liabilities and penalties that could impact your operation. You even have some states reviewing their requirements in light of the increase in cyberattacks and enhancing requirements on notification and credit monitoring as well as now considering requiring businesses to implement certain safeguard measures. Some states are also expanding the definition of what information is required to be protected.
Further, you now have certain industries pushing for model cybersecurity laws. For example, the National Association of Insurance Commissioners (NAIC), along with state insurance regulators, is proposing its own state model cybersecurity law (Insurance Data Security Model). The concern here is that there may be different laws enacted for the various types of roles one may take on in one’s business, which laws may also conflict with existing state and federal data security laws making it difficult for a business to comply with all of them. Then you cannot forget about the contractual obligations you may have with third parties like your lenders and insurance companies. You may be obligated by them to employ reasonable or appropriate administrative and technical security measures to protect information.
And of course there is the loss of good will and the negative impact on your reputation in the event of a cyberattack, especially if you have not taken reasonable steps to mitigate risks that impact your clients and employees. Clients are inquiring more now than ever as to whether you are secure. They are becoming more educated on the matter and are looking for the law firms that represent them to confirm that their information and if applicable their funds are adequately protected and secure.
Unfortunately there is no guarantee that whatever you are doing is enough to keep you from ever experiencing a cyberattack, but doing nothing is not the answer and could lead to more exposure. Make sure you are focusing efforts on cybersecurity initiatives for your business.
1For the information reported in this paragraph and more see, Ponemon/IBM Security – 2016 Ponemon Cost of Data Br each Study; Also, www.cnbc.com, Cost of data breaches hits $4 million on average: IBM, by Berkeley Lovelace, Jr., 6/15/2016.
IOLTA Fraud Prevention
Reprinted with permission from CentricPro.
Though lenders are for the most part NOT advertising these services – most banks now offer at least one of the following fraud prevention devices: Positive Pay, Reverse Positive Pay, ACH wire blocks and/or International wire blocks. With the spate of cyber-attacks inflicting substantial losses on attorney IOLTA accounts around the region, it may behoove you to investigate whether your lender offers at least one of these services. So what are they?
Positive Pay:
The positive pay system typically works like this: you provide your lender with a list of checks written from your IOLTA account – for instance, every time you cut checks for a closing, you send that list/disbursement sheet/spreadsheet to your lender. As checks are presented for payment on your account, an employee of the bank will verify the details of each check against the list you provided them to make sure the information is identical. For any anomalies or for any checks presented for payment that do not appear on your list of checks, the lender will contact you.
International Wire Blocks:
Simply put, if you don’t do business internationally, then you have no reason to anticipate an international wire. Ask your bank to place an international wire block on your IOLTA account. Thus, no one will be able to wire money fraudulently into or more importantly, out, of your account.
ACH Fraud and ACH Wire Blocks:
ACH stands for Automated Clearing House and is an electronic funds transfer process between bank accounts. There are only two pieces of information required to commit ACH fraud: a checking account number and a bank routing number. And this information is available on every check you issue. If someone in the firm has been the target of a phishing email and tricked into running malicious keylogging software that records keystrokes, or if a check simply falls into the wrong hands, criminals can get the information they need, including bank account user names and passwords in order to perpetrate an ACH fraud1.
Back in 2009, the FBI reported that there had been approximately $100 million in losses due to ACH fraud with new victim complaints opened on a weekly basis2. Unfortunately with the frauds that continue to be reported today, this is not something that is going away.
Some of you may remember the movie “Catch Me If You Can” with Leonardo DiCaprio playing the role of Frank Abagnale, a counterfeiter who thwarted the FBI’s efforts at capture for years only to become an employee of that organization. The tips noted below are excerpted from an article written by Mr. Abagnale to help those who wish to avoid falling victim to ACH fraud.
1. Ask your bank to place ACH debt blocks on accounts that should not have ACH withdrawals. For example, a trust account or refund account should not have withdrawals via ACH. Such accounts should have ACH blocks. An ACH block rejects all ACH debits3.
2. Bank accounts should be structured so that authorized ACH debits occur in only a few designated accounts. Ask your bank to place an ACH filter on those accounts. An ACH filter allows debits only from companies that have been preauthorized, or in preauthorized dollar amounts. If your bank does not offer an ACH filter, open up a new account exclusively for authorized ACH debits, and restrict who has knowledge of that account number4.
3. Monitor all unblocked accounts daily to catch unauthorized activity. Companies have two business days to reject an unauthorized debit and recover their money. If an unauthorized debit is not questioned for more than two days, it will be much more difficult to recover lost funds. Because all fraudulent ACH transactions originate in real bank accounts, unwinding them is quite straightforward if caught in a timely fashion5.
We offer this information in order to help you stay on top of current trends in the marketplace and to help you evaluate the various tools available in order to better protect your accounts and your clients’ funds.
1Goodchild, Joan, “ACH Fraud: Why Criminals Love This Con.” CSO Online (2010), available at: http://www.csoonline.com/article/2125833/malware-cybercrime/ach-fraud–why-criminals-love-this-con.html
2Id.
3Abagnale, Frank, “How to Help your Clients Combat ACH Fraud.” Intuit Accountants News Central (July 14, 2014), available at: https://blog.accountants.intuit.com/from-the-experts/how-to-help-your-clients-combat-ach-fraud/
4 Id.
5 Id.
Be on Alert – Ransomware Concerns Increase
Republished with permission from CentricPro.
Ransomware is malicious software or malware that encrypts information or parts of your network, preventing access. A ransom is demanded in exchange for an encryption key to unlock the network. You are notified and given a short amount of time to pay the ransom or your data is lost forever. In addition or in the alternative, the criminals may add the element of extortion, and demand payment or else they will release information or use it against you.
In a recent article in LegalTech News titled New Ransomware Strains Can Cause Headaches for Unaware Attorneys, it was reported that 28 new strains of ransomware were discovered over the past few months. Some of the new strains are reported to be the result of copycat cyber criminals, but others are from more experienced professional criminals and harder to crack. They are using new techniques and approaches, as well as new ways to extort money from victims. One new attack is referred to as a “hybrid ransomware” where they not only lock the user’s files, but they lock the whole computer and use it to perpetrate further attacks within or outside the network. The article warned attorneys to expect more of it, with attacks estimated to double or triple compared to last year.
In addition to working with your IT specialists to assist in cyberattack prevention, you need to be sure you have excellent back up in place and be sure to educate and train your staff. Ransomware is most successful when you allow access by downloading what may appear to be an innocent program or file. Increase your cybersecurity training and enforcement of your cybersecurity policies internally to help mitigate the issue. In addition, be sure your law firm has proper cyber insurance coverage.
To learn more, contact ">Colleen M. Capossela, Esq., President of CentricPro Management Services, Inc.
Email Scams Continue To Lure Potential Victims
Reprinted with permission from CentricPro.
Email has become one of the most convenient and efficient ways of communicating. Unfortunately, it has now also become one of the most convenient and efficient ways for scammers to fool us, especially with regard to wire transfer schemes. Even the best-managed law firms could fall victim to scams that intentionally mislead unsuspecting employees into sending money or diverting payments to fraudsters who are impersonating clients, attorneys, lenders and Realtors.
These schemes are commonly referred to as social engineering scams where your employees are tricked with fake information received generally by email. The email appears to be legitimate, but it is not. It is a fraudster looking to get you to send money without realizing you are sending it to an imposter.
In the past week we were informed by a couple of CATIC Agents of fraudulent wire requests. One agent noted that as buyer’s counsel he received an email from seller’s attorney on a matter that would be closing soon requesting wiring of additional funds. References to the parties and the transaction appeared accurate, but there were some grammatical errors in the body of the email. In addition, in reviewing the email more closely the agent noticed that the email addresses of some of the parties were changed by one letter. This situation thankfully has a happy ending, with the attempted scam being prevented due to the vigilance of the attorney.
But unfortunately we are contacted by others and the results are devastating. Because the emails look so legitimate, at times the clues are not detected. At the CATIC Agent Forum, a representative of the FBI showed that it can come down to merely a change in an email address with the rest of the email appearing to be legitimate. It could simply be the changing of an “l” to a “1” in an email address which is very difficult to detect. Further, when responding you would not get an invalid email response back because the scammers are smart enough to pay the nominal cost for buying the scam domain name.
Lessons to be learned: Carefully examine all aspects of your emails. Do not automatically trust what you are receiving. Also set up email policies in your law firm and educate everyone on the dangers. In addition, make sure your law firm is properly covered by insurance in the event someone in your firm falls victim to a social engineering scam.
To learn more, contact ">Colleen M. Capossela, Esq., President of CentricPro Management Services, Inc.
Elizabeth Smith, Esq. Joins VATC
Vermont Attorneys Title is pleased to announce that Elizabeth Smith, Esq. has joined the company as Title Counsel on June 1, 2016. Liz will assist Andy Mikell with the underwriting needs of VATC members.
Liz graduated from Vermont Law School and Saint Michael’s College. She brings years of private practice real estate experience to VATC.
Underwriting Protocol for Property Enrolled In Vermont’s Current Use Program
As you may have heard, in response to the letter issued by the Vermont Department of Taxes on March 21, 2016, the Subordination Agreement form concerning Current Use liens has been modified. A copy of the both the letter and the new Agreement may be downloaded.
You will notice two changes to the new Agreement. First, it clarifies the State’s position that although the lien is subordinate to the mortgage, the lien is not extinguished in a foreclosure.
Second, the State has added a time of financing certification that there is no assessment (tax) due and owing on the property.
Underwriting Protocol
Effective immediately, lender and/or owner title insurance can be issued for property enrolled in the Current Use Program if:
1. A signed Subordination Agreement in the form attached is obtained and recorded in the land records; and
2. All title insurance commitments and final policies contain the following Schedule B, Exception (NB: inserted into the Addendum Page of a Short Form Loan Policy);
Land use change tax, if any, pursuant to enrollment of the Property in Vermont’s land use appraisal program (32 VSA Chapter 124), as evidenced by instrument recorded [date] in Book ___, Page ___ of the land records provided, however, that this policy affirmatively insures that at Date of Policy no land use change tax has been assessed or remains unpaid and subsequent assessments, if any, are not yet due and payable.
3. Note: the foregoing language does NOT get inserted into Schedule B, Part II (Matters that are Subordinate) of the final loan policy. It goes in Schedule B, Part I, Exceptions of the final policy.
If you have any questions, please contact the VATC office @ 800.876.6800 and speak with Andy Mikell.
Social Engineering Fraud/Email Related Frauds – What You Should Know
Reprinted with permission from CentricPro.
Social Engineering Fraud, to put it simply, is the ability of a fraudster to influence someone to disclose information and/or get them to act inappropriately…basically manipulating people to get information or gain access to systems. It could happen by way of a variety of media, whether email, the Internet, telephone, and at times face-to-face encounters. We have reported on a number of social engineering fraud schemes that have affected law firms locally, such as the false emails portraying a client and the false requests for wiring of funds to the fraudster. A number of businesses have reported that they have fallen victim to social engineering attacks and that losses have been in the thousands of dollars.
To mitigate the effects of social engineering attacks, law firms need to incorporate a plan as part of their cyber security initiatives. Most important in that plan should be the goal to educate and make the entire office aware of social engineering fraud strategies and what to watch out for in this area.
Different social engineering fraud strategies include:
• Impersonation: a fraudster using a believable reason to impersonate a person in authority, a fellow employee, boss or a client to gather confidential information or to request transfer of funds.
• Phishing: a fraudster attempting to acquire sensitive information, even money or transfer of funds, for malicious reasons, by masquerading as a trustworthy party in an electronic communication; it also includes a fraudster sending emails to the law firm that contain malware designed to compromise computer systems and capture confidential or sensitive information.
The fraudster may have any number of goals but more often than not the objective is simply financial gain. They have learned to leverage the human qualities of trust, helpfulness and fear to
manipulate their targets. They play on the inherent desire of most people to trust another. CHUBB reported that a former hacker turned security consultant Kevin Mitnick in his book The Art of
Deception-Controlling the Human Element of Security addressed this trust issue by noting:
“Why are social engineering attacks so successful? It isn’t because people are stupid or lack common sense. But we, as human beings, are all vulnerable to being deceived because people can misplace their trust if manipulated in certain ways….”
What firms must do is educate their staff and train them on what to look out for and what to do or not do to avoid being deceived. Some suggested measures include:
• Give people access only to what they truly need and what they are authorized to view.
• Be suspicious of unsolicited emails.
• Never release confidential or sensitive information to someone you do not know or whodoes not have a valid reason for having it – even if the person identifies himself or herself as a co-worker, superior or IT representative.
• Establish verification procedures for issuance of checks and wire transfers. A simple measure of calling your contact at the number you normally call to verify wire instructions and documenting this discussion is better than relying on what is emailed to you. Reduce reliance on emails for financial transactions.
• Do not allow use of unauthorized devices, like thumb/flash drives or unauthorized software on systems.
• Shred physical documentation when throwing out.
• Conduct penetration tests to assess your firm’s vulnerabilities.
Also, investigate proper insurance coverages. Most crime insurance policies and professional liability policies do not cover against these types of schemes. CentricPro in conjunction with Smith Brothers Insurance LLC has put together insurance programs that can assist in this matter. Have a gap analysis performed on your current policies to determine what additional coverages your firm needs for protection. At CentricPro we can assist in coordinating a free gap analysis. Please feel free to contact ">Colleen M. Capossela, President of CentricPro, to learn more.
¹Excerpts from CHUBB’s Guide To Preventing Social Engineering Fraud