7 www.loubar.org October 2025 As a lawyer, a lot can rest on a decision. Coverage shouldn’t be one of them. Sure, there is a chance you’ll never need us. But why take that chance? Lawyers Mutual is dedicated to Kentucky lawyers and makes your work our priority. Call (502) 568-6100 or visit LMICK.com for more information on how you can cover and protect your practice. We want you to focus on what matters. lent developers, a greater threat than ever before. Phishing attacks, for example, are reported to have increased by an astonishing 4,151% since the public release of ChatGPT in late 2022, according to cyber security firm SlashNext in “The State of Phishing 2024.” Beyond the capabilities of AI, many transactions, large and small, no longer take place in the same room across a closing table. Instead, we exchange paper and electronic packages, often electronically signed and sometimes electronically notarized. Some of the ways to reduce exposure to the risks posed by digital forgeries include insistence on direct verification of key deal documentation with the applicable party or platform, and verification of entity formation and good standing directly through state records rather than reliance on PDF certificates. Electronically signed or notarized documents should be delivered or verified through the signing platform and the identity of parties to the transaction should be authenticated through enhanced due diligence, especially for off-market or fast-moving deals. Mortgage Fraud In residential transactions, fraud rings have been known to use blends of real and fab- ricated data to obtain mortgages across multiple states. On a smaller scale, individual borrowers may use fake income documentation sourced from gig economy platforms. Commercial borrowers and sometimes third-party “consultants” are submitting false or inflated documentation to obtain bridge financing, construction loans or mezzanine debt. This includes inflated budgets and appraisals, falsified lien waivers, contractor invoices and draw requests. Lenders often rely heavily on attorneys to certify lien positions, making law firms potential targets for fraud liability. To mitigate this risk, attorneys should require in- dependent third-party inspections before issuing opinion letters or certifying draws. Flag mismatches between borrower representations and publicly available data such as permits, zoning and GIS information. Avoid over-reliance on borrower-provided spreadsheets and payment information and be careful to review the representations and certifications that you are making in your form documents. Cyber Threats: Ransomware, Data Breaches and Third-Party Risks Real estate entities such as law firms, title companies and the clients and vendors with whom we often work closely face additional risks from ransomware and phishing. Bad actors gain unauthorized access and hold data hostage or access and retain client infor- mation. Hackers exploit vulnerabilities in emails as well as vendor systems, threatening data integrity and access and costing impacted companies billions of dollars annually. Massive leaks containing property-owner data can expose clients to identity theft and fraud, and there are many points of vulnerability to consider. In one well-known cyber security incident that occurred in December 2023, the Real Estate Wealth Network’s client data system was breached, leading to the exposure of more than 1.5 billion records of real estate ownership data. Beyond the vulnerability of client information and liability, impacted firms often lose access to their own systems at least on a temporary basis, and may have to pay to regain access. According to “The State of Ransomware 2024” report by cybersecurity firm Sophos, ransomware impacted 59% of respondents, and more than half now pay the ransom. Although there is no one permanent solution to avoid ransomware and phishing, train- ing employees, implementing appropriate agent and vendor cybersecurity protocols, conducting due diligence on all third-party vendors and partners, are critical. It is also important to educate clients on privacy safeguards and use additional caution with the storage and transmission of nonpublic and financial information. (Vishnevetsky, G. (2024, September 20). Cybersecurity Threats in the Real Estate Industry: Risks and Protective Measures. VLTA Examiner Magazine.) Conclusion Commercial real estate attorneys must operate with the mindset of both a dealmaker and a gatekeeper. In 2025, the sophistication of bad actors demands a more scientific approach to legal diligence. For attorneys, the challenge is not only to spot fraud, but also to adopt and enforce protocols that prevent it without sacrificing deal flow. Building in-house cyber capabilities and security training, updating fraud checklists, and maintaining awareness and skepticism are now essential elements of legal practice in commercial real estate. Abbey Fargen Riley is a member of Stoll Keenon Ogden PLLC practicing in its Bank Transactions/ Finance/ Real Estate practice group and is the Chair of the LBA’s Real Estate Section. She works in SKO’s Jeffersonville, IN (formerly Applegate Fifer Pulliam) and Louisville offices. n (Continued from previous page)
