The FBI’s 2025 Internet Crime Report dropped on April 13. The number that should be sitting on every working real estate agent’s desk this week: $275 million lost to real estate fraud in 2025, across 12,368 complaints — up from $173 million and 9,359 complaints in 2024. That’s a 59% jump in losses and a 32% jump in incidents in twelve months, and the Inman piece on April 21 plus the HousingWire follow-on April 23 made the diagnosis explicit: AI is the accelerant.
If you’re an agent reading this, the question isn’t whether to take the threat seriously. It’s what to do this week that’s tangibly defensive without buying a single new piece of software. That’s what this post is.
Block one Friday afternoon — sixty minutes, your laptop, your CRM, your last three closing files, your phone. By the end of it you’ll have rewritten your wire-instruction template, audited your email signature, set up a voice-callback protocol with your closing team, added a one-paragraph fraud-defense insert to your listing presentation, and posted a 60-second reel that teaches your sphere the same thing. Five moves, six minutes each. The audit isn’t theoretical. It’s the smallest amount of work that materially reduces your exposure on the next deal.
What the FBI Numbers Actually Mean for You
Two paragraphs of context first, because the headline number ($275M) hides the part that should make you sit up.
The FBI counts real estate fraud as a single category in its IC3 report. Inside that category, the fastest-growing slice is business email compromise (BEC) and AI-enabled wire fraud: a buyer or seller (or both) gets a spoofed email — increasingly, a spoofed voice call using a cloned voice — that redirects the closing wire to an attacker-controlled account. The money moves in minutes; recovery happens in roughly 4% of cases (per the FBI Recovery Asset Team’s published 2024 stats). When the wire goes, it goes.
The reason 2025 broke trend isn’t that more attackers entered the field. It’s that AI took two friction points out of the attack: voice cloning (you used to need to record someone for hours; you now need 30 seconds of audio) and email impersonation (you used to need to write convincingly; you now ask any LLM to write in your voice). Both pieces dropped to commodity tooling between 2024 and 2025, which is why the chart bent. The same call you used to recognize as suspicious because it sounded slightly off — that “tell” is gone now. That’s the actual change.
Three immediate implications:
- Email-only verification is now a known-bad pattern. If your closing-week protocol depends on confirming a wire instruction over email, you are running an unpatched protocol against an upgraded threat.
- Voice verification is now ambiguous. A phone call from “your closer” can be a deepfake. The defense is not “I called and they confirmed.” It’s “I called the number we both wrote down at our first in-person meeting.”
- The agent is the high-leverage defender. Title companies, lenders, and banks have all hardened their workflows. The weakest remaining link in the closing chain is the agent’s email + the agent’s relationship with the buyer/seller. That’s where the audit lives.
The 5-Step Friday Audit
You can do this at your own pace, but the whole point is that each step is small enough to ship in one sitting. Block 60 minutes. No software purchases. By 5pm you’re done.
Step 1 — Email Signature & Auto-Reply Audit (6 minutes)
Open your email signature and your auto-reply template. Two questions:
Does your signature confirm specific transactions in progress? “Currently working with the Hendersons on the 247 Maple closing” — anything like that needs to come out today. Attackers scrape it, then call your buyer pretending to be you. (If you have a “currently representing” line you use for marketing, move it to your bio page on your website. Not in your email footer.)
Does your auto-reply confirm that you’re out of office during a known closing window? “I’m at conference Wed-Fri, Jane will cover urgent items at jane@…” — that’s two pieces of attacker intel handed over. Replace with: “I’ll respond Monday. For time-sensitive transaction matters, please call me directly at [phone]; do not reply to this email.” No conference name, no covering agent’s email, no out-of-office window. The point is to leave attackers with no thread to pull on.
While you’re in there: turn on the “external sender” warning banner if your email provider supports it (Gmail Workspace, Outlook 365, most enterprise providers do — check Settings → Inbox or Settings → Anti-spam). The banner is ugly. Ugly is the point.
Step 2 — Wire Instruction Template Rewrite (10 minutes)
This is the highest-leverage move in the whole audit. Open your wire-instruction template (the email or PDF you send buyers ahead of closing). Two changes:
One — hard-code a “we never change this” line. At the very top, in bold:
“Wire instructions for this transaction will not change. We will NEVER email you new wire instructions, send you a ‘corrected’ wire link, or call you to redirect funds. If you receive an email or call that does any of those things — even from what looks like our office — assume it is fraud and call me at [phone] to verify before sending any money.”
That single paragraph kills roughly 80% of BEC playbooks, because the playbooks depend on the buyer not knowing the rule. State the rule. Now the buyer is your defender, not your liability.
Two — replace any “click to view secure wire instructions” link with the actual ABA routing and account number, plus a callback verification step. The “click to view” pattern looks professional but is exactly the surface attackers spoof. If your title company or escrow company insists on a portal link, write the portal’s full URL in plain text below the link, so the buyer can verify the link target manually before clicking.
Save the new template. Send it once to yourself. Read it as if you were a panicked first-time buyer at 4pm on a Tuesday. If anything in there sounds like an attacker could mimic it, rewrite it.
Step 3 — Voice Callback Protocol With Your Closing Team (12 minutes)
Pick up the phone and call your three most frequent closing partners — your usual title officer, your usual lender contact, your transaction coordinator if you use one. Tell each:
“I’m tightening fraud defense. Going forward, before I authorize any wire change or transfer, I need to call you back at the number we have on file. If I get an email or text from you about a wire, I will call this number to verify; if you don’t pick up, the change doesn’t happen until I reach you live. Please do the same with any wire request that looks like it’s coming from me.”
Then — this is the part most agents skip — write down those numbers in a specific place that’s not your email. Your phone contacts are fine. A laminated card in your closing-week folder is better. The point is that when an attacker spoofs an email or a text “from your title company” with a new callback number, you don’t have to think; you reach for the number you wrote down before the deal started.
Some agents add a passphrase: a non-obvious word or phrase you and your closing partners agreed on at the start of the relationship. Voice-cloning AI can sound like your title officer. It can’t know that you and she agreed on “Cardinal” as the wire-verify passphrase three months ago. If you want one belt-and-suspenders move beyond the callback, this is it.
Step 4 — Listing Presentation Fraud-Defense Paragraph (8 minutes)
Open your listing presentation deck and find the slide where you talk about how you protect the seller during the listing-and-closing process. Add a paragraph (or a slide if you’ve got room):
“AI-enabled fraud is the fastest-growing risk in residential real estate — the FBI logged $275 million in losses across 12,368 victims in 2025, up from $173 million the year before. Here’s what we do to keep your transaction safe: we never email new wire instructions, we use voice-callback verification with your closing team using a number we set up at the start, and we ask you to do the same. If anyone — including someone who sounds like me — calls or emails to redirect funds, you call my cell at [phone] to verify before any money moves.”
Three things this paragraph does at once. It demonstrates you’ve thought about it (sellers love that). It primes the seller to use the same defense pattern with their buyer, which protects your closing. And it’s a quiet differentiator vs. the agents who haven’t done this work yet — which, this Friday, is most of them.
Step 5 — 60-Second Sphere Reel (15 minutes)
Open your phone, set a 60-second timer, hit record. Script:
“Hey [neighborhood/sphere], real quick — the FBI just reported AI scams stole $275 million from real estate transactions last year. Most of them target buyers in the closing week. Here’s the rule: any email or call telling you wire instructions changed is a scam, even if it sounds exactly like me or your title officer. The instructions don’t change. If you get one of those emails or calls, call me directly. That’s it. Save my cell. Use it.”
That’s three sentences and a CTA. Post it once on Instagram, once on Facebook, once on LinkedIn if that’s your sphere. Pin it to your business profile. The reach you’ll get from this one reel will be among your highest-engagement posts of the month, because (a) it’s a real public-interest message, not a marketing pitch, (b) people who haven’t bought a home in five years still know someone who’s about to, and (c) the algorithm rewards public-safety framing with reach the way it doesn’t reward listings.
Total wall-clock time on the audit so far: 51 minutes. You have nine minutes left. Use them to text your three most active past clients — anyone you closed in the last 18 months — the same message in plain text. They will love you for it. They will also tell their networks who their agent is. This is what unlocks defensive marketing without you ever pitching anything.
The 4 AI Scams You’ll Recognize in Under 30 Seconds
Quick reference card. Not exhaustive — these are the four currently dominating agent reports.
1. Cloned-voice wire redirect. A “voice from your title officer” calls 3pm Friday with new wire instructions. The voice is genuinely close to the real one. Tell: it always involves urgency (closing tomorrow, funds need to move now) and always asks you to bypass the email-confirmation step. Defense: hang up and call back on the number you wrote down. If the new instructions are real, your title officer will pick up that number.
2. AI-generated rental listing fraud. A scammer copies your active listing photos, reposts on Facebook Marketplace or Craigslist with a “for rent” ask. AI generates the spoofed property description that’s just plausibly different from your listing language. Tell: rent priced 30-40% below market for the area; “owner traveling, send deposit via Zelle” framing. Defense: a single Google reverse-image search on each new listing photo before it goes public. The KRON4 reporter case from January 2026 shows even careful renters fall for this; your role is to teach your sphere to do the reverse-image check before they wire any deposit.
3. Synthetic-identity buyer pre-approval. AI generates a pre-approval letter on a real lender’s letterhead, but the buyer themselves doesn’t exist — or is a real identity stolen at the SSN level. Tell: pre-approval comes from a lender you don’t recognize; buyer’s contact info routes only to email and a Google Voice number; refuses video meetings. Defense: a 10-second phone call to the lender’s main switchboard (number from the lender’s actual website, not the letter) to verify the loan officer and the buyer.
4. Housefishing — AI-edited listing photos. A seller asks you to “AI-clean” listing photos to remove flaws (a tree, a stain, a dated kitchen). Sometimes innocuous, sometimes legally exposed. Tell: the seller’s request goes beyond exposure/color correction toward removing or changing physical features. Defense: a written disclosure in the listing description (“photos are AI-enhanced for color and lighting; no physical features have been added or removed”) and a clear conversation with the seller about what’s allowed under your state’s MLS rules. When in doubt, decline.
What This Means for You
If you’re a working agent reading this Friday afternoon: run the five steps in order. Don’t optimize, don’t customize for your specific tech stack, don’t wait until you have a quiet week. The point of the audit is that any ten-year-veteran agent and any second-year agent both ship the same five outputs by 5pm. We have a free 8-lesson AI for Real Estate Agents course that goes deeper on the defensive workflow plus the offensive (good) AI use cases for your business.
If you manage a brokerage: the highest-leverage version of this audit is to schedule it as a 60-minute team session next Friday. Run it together. Send the agents home with the same five outputs and a peer-review of each other’s wire templates. The agents who already audited will sharpen the agents who haven’t, and you ship a fully-defended brokerage in a single afternoon.
If you’re a title officer or closer: the Step 3 voice-callback protocol works because everyone in the chain agrees to it. If your agents aren’t doing this yet, send them the link to this post, then send them a 30-second video saying “here’s our verification protocol going forward” — formalizing on your end gives the agents permission to formalize on theirs.
If you’re a buyer or seller reading this because your agent shared it: this is what your agent should be doing for you. If they aren’t, ask them to. If they say “we don’t worry about that yet,” reconsider the relationship before you close. The wire is six figures. The agent’s fraud defense is the closest thing you have to insurance on it.
The Bottom Line
The 2025 FBI numbers said the quiet part out loud: AI is the accelerant in real estate fraud, and the fastest-growing attack surface is the agent’s email and the agent’s relationship with the closing team. None of those facts mean a working agent has to spend money or build a security operations center. They mean a working agent has to spend sixty minutes on a Friday rewriting templates and tightening protocols.
Run the audit. Send the reel. Save the callback numbers. By 5pm you’re not bulletproof — nothing is — but you’re materially harder to scam than 80% of the agents in your market, which is the part that matters when the next attack lands.
Sources:
- How AI Is Intensifying Real Estate Fraud — And What Agents Can Do Now — Inman (Apr 21)
- How fraud gets stopped in its tracks by real estate and title pros — HousingWire (Apr 23)
- FBI: Real estate fraud losses hit $275M in 2025 — HousingWire
- Online Real Estate Fraud Climbed to $275M in 2025, FBI Says — National Association of REALTORS
- FBI Report: Online Real Estate Fraud On The Rise To The Tune Of $275M — Inman (Apr 14)
- FBI Report: Real Estate Fraud Losses Total $275 Million-Plus in 2025 — RISMedia
- Latest FBI Cybercrime Report Shows Real Estate Fraud Losses Rising — ALTA
- Consumer Guide: Spotting Deepfake Scams in Real Estate — National Association of REALTORS
- AI, Deepfakes, and the New Face of Fraud — ALTA
- AI-Driven Fraud: The Hidden Threat in Real Estate — First American
- Losses from real estate fraud surge in 2025 — Scotsman Guide
