Sometimes, they seem innocuous.
This one showed up in my email this morning:
"Good Morning, We are looking for a notary agent to handle our documentations. Kindly email me back if you’re interested.
CHIN L HUANG
CHICAGO TITLE AGENCY"
I immediately forwarded a copy of this email to a friend who works for Chicago Title Insurance Company (the real name of the actual firm); she is forwarding it to their fraud department.
For me, the first flag that this was not an actual valid communication was that it came through a personal email address: firstname.lastname@example.org. No title rep would ever communicate an assignment through personal email - they would use their encrypted company account. As soon as I opened the message (after first checking that it had no attachments, and yes - I ran an antivirus/malware scan immediately after reading it), I noted that the company name is not right - Chicago Title is Chicago Title Insurance Company, not Title Agency - no employee would sign off with an incorrect company name.
Not exactly sure what the end game was for this sender - probably if I responded, the next email would request my W-9 and bank info to sign me up - but I’m not playing.
Apparently these scammers are not aware that Notary Publics are experts in fraud prevention - it is, after all, at the core our age-old purpose.
Like you, I seem to get a plethora of these, such as:
Good Morning, We are looking for a notary agent to handle our documentations. Kindly email me back if you’re interested.
and another, ostensibly from a Matthew Levy…
i was actually searching for a notary on 123notary.com and i came across your profile as one of their agent, my wife and i are currently planning to buy our first house and we are in need of a reliable notary to help us handle the document part, as our agent said one will be needed.can you help with this? kindly get back to me if you’re interested so i can have some documents send to via secure mail.
…and like you, I looked for suspicious attachments - there are none. There doesn’t seem to be any kind of virus or malware associated with these emails. Tried replying, but never receive any response. They seem to always comes from a gmail account. And like you, I simply can’t comprehend what their end game is.
I won’t lie, I initially suspected these might be originating from Jeremy Belmont of 123notary.com; his way of checking up on “his” notaries to see if they’re responding to customer requests. It’s the kind of thing he would do (IMHO), but I just can’t believe he would time for this type of charade.
If you reply (like I did) you will get a second email with an attachment. The body of the email will tell you that the attachment contains the details of the closing, with name, address, phone number of the party who is trying to hire you. When you click on that you are directed to a website where they want you to log in using your gmail (or yahoo or other ) account with password…DON’T DO IT! The end game appears to be to get your password to your email account so that they can “hijack” loan documents that may be emailed to you. Or to hijack you email in general…who knows how the criminal mind works.
And no, I do not think they are coming from Jeremy. The one I received was from “Mary” and she and her husband were buying a home and needed a notary.
My first email from “Heather Myers”:
i was actually searching for a notary on 123notary.com and i came across your profile as one of their agent. my wife and i are currently planning to buy our first house and we are in need of a reliable notary to help us handle the document part, as our agent said one will be needed.can you help with this? Please advise.
And the second after I responded:
Thanks for getting back to me,i have attached a document to this email for you to review.kindly review this and get back to me if you’ll be needing anything else.both my office and cell phone number is in the doc (page 3) you can give me a call at your convenient time.
It was accompanied by a “scan100.pdf” which provided a OneDrive link to access with your user/password authentication.
First time I’ve seen this. I, too, doubt Jeremy is involved, but the scammers are definitely targeting his data base.