Impersonation Fraud in Real Estate: How Criminals Use False Identities to Exploit Operators and Renters

Real estate fraud takes many forms, but impersonation is the mechanism that runs through most of them. Fake listings, seller fraud, and wire fraud at closing all depend on the same core move: someone claims to be a person or organization they are not, and that false authority is enough to extract money, data, or access. Understanding how impersonation works in the residential real estate context is necessary if we want to prevent both consumers and operators from suffering consequences.

The FBI's Internet Crime Complaint Center logged 12,368 real estate fraud complaints in 2025, with $275.1M in reported losses, up from approximately $173M in 2024. That category includes rental fraud, wire fraud at closing, and title-related schemes.

Why Real Estate Impersonation Fraud Is Likely to Grow

Impersonation fraud requires the scammer to appear credible in order to pretend to be someone else: a landlord, a property manager, an attorney, a seller, etc. In the past, when communications and transactions were analog, it was harder for someone to pretend to be a person they were not. With technological tools, new cybersecurity challenges have emerged, along with more sophisticated impersonation techniques.

Nowadays, with AI assistance, fraudsters can create fake documents, photographs, and even videos that can make you believe that the person you're talking to is someone completely different.

And also, Impersonation frequently operates through direct communication channels where platform moderation plays no role: email, phone, text, and in-person contact at signings. This means it’s harder to catch before any damage is done.Three Forms of Impersonation in Residential Real Estate

Landlord and Property Manager Impersonation

In rental fraud, impersonation of landlords or property managers is the mechanism that converts a fake or hijacked listing into a completed transaction. The fraudster does not just post a deceptive ad — they respond to inquiries as the legitimate operator, conduct virtual or in-person showings, collect application fees or deposits, and issue fake lease agreements on what appear to be legitimate letterheads.

The harm lands on two parties simultaneously. Renters lose deposits and, in some cases, first and last month's rent to someone who has no authority over the property. Legitimate operators discover their brand, property images, and management identity were used to perpetrate fraud against members of the public — people who may later appear at the property expecting occupancy. That operational disruption, and its effect on prospective tenants who never entered a legitimate operator's CRM, is a direct consequence of a fraudster having enough publicly available brand information to impersonate a real company convincingly.

If property manager impersonation leads to a squatter, the financial losses can be significant. The total cost of eviction per squatter — including uncollected rent, legal costs, property damage, cleaning fees, and the opportunity cost of wasted time — is around $10,000. It also damages your brand as collateral: even though you had nothing to do with the scam, consumers associate you with the experience.

Seller Impersonation

Seller impersonation is a more structurally complex scheme, and its targets have shifted in recent years. Rather than impersonating a landlord to collect rent, the fraudster impersonates a property owner to sell or encumber a property the real owner does not know is being marketed.

The target profile is specific. According to a July 2024 study by ALTA (American Land Title Association), 85% of seller impersonation attempts targeted vacant land. Vacation properties and rental properties followed at 37% each, and agricultural land at 23%. Properties without mortgages, or with absentee ownership, reduce the number of parties who might catch an unauthorized transaction before it closes.

The same study found that 28% of U.S. title companies experienced at least one seller impersonation attempt in 2023, and 16% paid claims on transactions where it occurred. A separate ALTA survey from October 2023 found that 54% of real estate professionals had encountered at least one fraudulent seller impersonation attempt in the prior six months.

In April 2025, the FBI's Boston Division issued a public warning about a sharp rise in quitclaim deed fraud and seller impersonation targeting vacant and residential properties across New England. Local reporting on that warning cited FBI data showing 2,301 victims and more than $61.5 million in losses between 2019 and 2023 in Maine, Massachusetts, New Hampshire, and Rhode Island — a figure that trade and media sources have widely described as representing a dramatic multi-year increase in this specific fraud pattern.

In March 2026, the FBI executed 11 arrest warrants in Southern California as part of a federal investigation into a real estate loan fraud ring. Prosecutors alleged that, over a multi-year period, defendants stole the personal identifying information of elderly homeowners and used it to obtain approximately $17 million in fraudulent real estate loans secured by those homeowners' properties — with approximately $6 million in documented losses. The case illustrates how identity theft in a residential real estate context is not limited to rental transactions: it can reach into ownership records and financing structures that owners have no visibility into until the damage surfaces.

Wire Fraud

The third form of impersonation targets the transaction itself, not the property or landlord identity. Fraudsters intercept or monitor the communication chain around a real estate closing and impersonate the attorney, title company, or escrow agent responsible for providing wire instructions.

Some fraudsters use phishing techniques to compromise an employee's email account, then remain dormant while learning the user's behavior. When a transaction is close to final, they reappear and send fraudulent wire instructions. This process is often automated.

The FBI's 2025 IC3 report documents two representative cases. In March 2025, a Missouri homebuyer attempting to close on a property received a fraudulent email appearing to come from their title company, containing wire instructions for more than $1.3 million to a fraudulent bank account. In August 2025, buyers closing on a home received an email impersonating their attorneys and wired over $449,000 before the FBI's Recovery Asset Team was able to freeze the funds at the recipient bank.

Why Detection Is Structurally More Difficult

For operators managing residential portfolios, the challenge with impersonation is not just the individual incident. It is the absence of a platform-level signal.

A hijacked listing on Craigslist or Facebook Marketplace is, at least in principle, detectable through image matching, phone number cross-referencing, or automated monitoring across platforms. Property Shield's fraud detection platform does exactly this, scanning continuously across rental marketplaces, social platforms, and classified sites for unauthorized use of property data, images, and operator identity.

Impersonation at the communication layer, such as a spoofed email domain, fraudulent wire instructions sent directly to a buyer, or a fake lease issued over WhatsApp, does not leave a public footprint. It occurs in private channels where automated platform monitoring has no reach.

For operators, this asymmetry points to two practical responses. The first is reducing the public surface area of operational identity: monitoring where your brand, property images, and management information appear online, and detecting unauthorized use early. The second is establishing clear internal verification protocols for closing-related wire instructions, including independent confirmation through a known channel, separate from email, before any wire is initiated. The IC3 cases from 2025 both involved buyers who received wire instructions through email with no secondary confirmation step.

Where the Raw Material Comes From

Impersonation fraud in real estate requires access to the right information at the right time, and much of that information is publicly available by design.

Seller impersonation schemes typically begin with a search of county recorder records, property tax rolls, or assessor databases. These sources identify who owns a property, whether it carries a mortgage, whether it is vacant or absentee-owned, and where the owner's mailing address is. ALTA has documented that fraudsters use this publicly available ownership data to identify high-equity, unencumbered, or remotely managed properties as targets, then use the owner's name and address — sometimes combined with separately obtained identity documents — to present themselves convincingly at signing.

Landlord and property manager impersonation draws from a different layer: operational visibility. Signage on vacant properties, branded listing templates, management company names on public ads, agent license numbers in MLS data , these are the materials a fraudster assembles to build a credible impersonation of a real operator. The same data distribution infrastructure that makes legitimate listings visible across platforms also makes the identity of the operator visible to anyone looking to replicate it fraudulently.

AI tools and deepfakes are a growing threat in landlord and property manager impersonation, since fraudsters can imitate someone not only by copying their writing style, but also by creating fake photographs or videos.

Attorney and title impersonation at closing depends on a narrower window: knowing that a specific transaction is in progress and which parties are involved. Fraudsters obtain this through compromised email accounts, monitoring of correspondence, or information gathered earlier in the transaction process.

In each case, the common factor is that the information needed to impersonate someone in a real estate transaction is not hidden. It is structural. This is what makes impersonation a persistent risk rather than an opportunistic one , and why response strategies focused only on individual incidents tend to underperform against fraud that operates at a pattern level, as covered in Understanding Real Estate Fraud: From Isolated Scams to Portfolio-Level Risk.

What This Means for SFR, MFR, and MLS Operators

The fraud types covered in Types of Real Estate Fraud: What SFR, MFR, and MLS Operators Need to Be Preventing describe what the categories are. Impersonation is the thread that runs through several of them.

For SFR and MFR operators, the relevant exposure points are brand impersonation in rental fraud, seller impersonation targeting vacant or remotely managed properties, and the operational disruption that follows when a fraudster successfully impersonates your organization. The person who shows up at a property expecting occupancy under a fake lease creates a real incident — not just a digital one.

For MLS participants and associations, listing data and agent credentials are the raw material for multiple impersonation schemes. When MLS-sourced information is used to construct a seller impersonation, or when a licensed agent's identity is cloned to support a fraudulent transaction, the association's data infrastructure is part of the chain — even if the MLS itself has no direct liability.

Across all segments, impersonation fraud in real estate shares a common structural vulnerability: the trust mechanisms built into the transaction process — verified identities, licensed professionals, known contact information — are also the surfaces that fraudsters exploit. Protecting against this requires visibility at both the digital and physical layers of portfolio operations, before an incident has already completed.