By Bryan Johnson, IT Director at 星空传媒

Having a consistent, secure and reliable digital presence is a must for any business. Without it, you will be hard-pressed to convert new customers or maintain a competitive edge. Of course, this presents interesting challenges, especially for small businesses, as you鈥檒l need to decide on the best approach for your IT needs: make an in-house, full-time hire, partner with a managed service provider or outsource specific needs to a contractor.

Why is IT support necessary?
It can be tempting to skimp on IT resources. But in 2026, even small agencies rely on cloud apps, e-signature tools, remote access, email and file-sharing platforms that need to be managed safely. Cybersecurity concerns alone justify seeking IT support, from phishing and business email compromise to ransomware, wire fraud and tech-enabled scams. For industries like title insurance, the need for IT help has additional urgency, as agents routinely deal with sensitive consumer and transaction information.

Having an IT expert pays off in other ways as well. From staying up to date on the latest trends to keeping your systems properly updated, managing backups, access controls, user training and incident response planning, dedicated technology professionals can bring exceptional value to any title agency.

Contractor vs. employee
Let鈥檚 discuss some of the big differences between a contractor and an employee. While pay and taxes are critical ways in which they diverge, perhaps even more substantial is the issue of autonomy. Employees are hired with the understanding that the work they perform will be done per the direction of the company. Contractors, on the other hand, typically have far more control over when, where and how the work gets completed. In 2026, agencies may also consider a managed service provider, or MSP, which can offer ongoing monitoring, help desk support and cybersecurity services without requiring a full-time hire.

To hire or to contract? That is the question.

So, should you hire an IT expert or simply contract with a firm or individual? Ultimately, it depends on your agency鈥檚 needs. Contracting with a professional or working with an MSP can carry significant financial benefits, helping you save money on everything from health insurance to vacation time, but other questions are equally important to consider:

• How urgent are your IT needs?
  • Making a full-time hire often takes considerably more time than contracting a professional. Can your projects wait, or do you need to move immediately? Keep in mind that the market for qualified IT, cloud and cybersecurity talent remains competitive, and it can take time to find someone with the right mix of technical, security and title industry knowledge.
• Do you need continuous support or project-based assistance?
  • Do your systems and operations require continuous IT support, or does it make sense to hire on an 鈥渁s-needed鈥� basis as projects pop up? Quite often, businesses have one-off projects that require highly specialized skill sets, such as cloud migration, Microsoft 365 or Google Workspace administration, backup and recovery testing, security assessments or data engineering. In those cases, it may not make sense to hire someone full-time.
• Can you absorb the losses if you make a bad IT hire?
  • The cost of making a bad hire can be significant once you factor in recruiting, onboarding, disruption and lost productivity. Hiring a contractor or MSP lowers those stakes considerably, as these relationships are typically temporary or service-based.
• What are your concerns about regulation and liability?
  • Because title insurance is a heavily regulated industry, you must consider regulatory obligations, liability and vendor oversight when bringing in technology contractors. That includes how they protect customer information, manage access, document controls, support compliance obligations and respond if something goes wrong. You should also think about how long it will take a contractor to understand your workflows and get up to speed.
• Are your security basics covered?
  • At a minimum, your IT team should be able to help you with fundamentals like multi-factor authentication or passkeys, patching, endpoint protection, secure file sharing, tested backups, basic monitoring and clear policies for any AI tools your team uses.

No two businesses are the same

As with any other aspect of a business, no two companies are the same when it comes to IT. What is straightforward for one firm might be more complicated for another. What鈥檚 universal, however, is the need for high-quality technology professionals who can help agencies stay secure, efficient, compliant and profitable. By approaching the decision strategically and weighing all relevant considerations, agencies can find a solution that works for their business.

The post In-House Or Outsourced IT? appeared first on 星空传媒 星空传媒 Title Insurance Co..

By Bryan Johnson, IT Director, 星空传媒

Although the risks of our digital-first economy are becoming increasingly well known, many people still are not sharing information safely. Far too many businesses rely on email and PDF attachments when sending transaction information, despite the problems they can pose for organizational security and efficiency. Thankfully, there is a better way forward: portals, permissions, and link expirations. These can all go a long way toward tightening your agency鈥檚 information controls while improving workflows at the same time. Here鈥檚 what that can look like in practical terms for your team.

What counts as sensitive info?

First, let鈥檚 dig into what counts as sensitive information that should NEVER go into emails or attached PDFs. Some of the common examples include:

• Anything that could be construed as non-public personal information (NPI), like social security numbers (SSNs), dates of birth (DOB), bank information and more.
• All wire instructions, payoff information, or disbursement data.
• Any statements from lenders or closing documents.
• All information that could be leveraged to impersonate transaction stakeholders, like signatures, account numbers, or scanned copies of IDs.

A common rule of thumb is this: If it could possibly harm someone or derail your transaction, find a different way to share it.

Pursue a portal-centric approach

Rather than risk compromising your security or efficiency with PDF attachments, pursue implementing a document-sharing portal for your agency. These portals can be broken down into two buckets. There are industry-specific document-sharing portals offered by brands like Qualia and SoftPro. And there are general document-sharing portals such as ShareFile, Dropbox, Google Drive and Microsoft OneDrive.

The portal type you choose should come down to your businesses needs. If you are a high-volume agency with multiple offices and large coordination needs, you鈥檒l likely benefit the most from a more tailored solution. Custom platforms like these often excel at unifying document versions and creating a single source of truth to move transactions faster at scale.

On the other hand, if you are a small shop, a more generalized portal may be sufficient. Either approach involves tradeoffs, but you can benefit from looking inward and carefully assessing your team鈥檚 needs before pulling the trigger.

Implement best practices with your portal

After making your decision on a document-sharing portal, you should establish safeguards around permissions and links. Title agents are busy people, so implementing built-in guardrails is important.

Keep things simple: while employees can still use email to coordinate around closings, links鈥攏ot attachments鈥攕hould be how important or sensitive information is shared. The beautiful thing about links is that they are endlessly customizable with today鈥檚 modern tools. Consider establishing the following defaults for your links:

• Make each link 鈥淰iew only鈥� as its default setting. Avoid allowing downloads unless completely necessary.
• Refrain from setting a link鈥檚 permissions to 鈥渁nyone with the link.鈥� This is critical for sensitive information.
• If your platform allows it, prohibit resharing links and require recipients to be invited users.
• DO NOT leave links live indefinitely. Consider a 7-day limit for IDs and wires and 2-4 weeks for other documents.  

Taking these steps ensures you will be getting the most value out of your portal. And more importantly, it guarantees that you are using all available means to protect your customers鈥� transactions and guard your company鈥檚 reputation.

Become a more secure and reliable title partner

Amid the hustle and bustle of a transaction workflow, it can be tempting to attach important documents and send an email. But believe me when I say that you want to resist that impulse. While email and attachments are convenient, they can pose real risks to your agency鈥檚 security and long-term viability. Implementing and optimizing a modern document sharing platform with the right permissions and guardrails can help you work more safely and efficiently. Making this investment in your document sharing practices also demonstrates a real commitment to the security of your customers and partners. This will translate not only into satisfied customers but also solidify your reputation as a reliable title partner.

The post Stop Risking Your Sensitive Docs appeared first on 星空传媒 星空传媒 Title Insurance Co..

By Bryan Johnson, IT Director, 星空传媒

Keeping your agency鈥檚 data and digital assets safe these days can often feel like a never-ending battle. Unlike you and your team, fraudsters and other criminals never take a day off. They don鈥檛 go on vacation, and they never get sick. Because of this, your agency needs a cybersecurity policy that is also always-on. While this requires many moving pieces all working harmoniously together, today we are going to focus on just one important element: passkeys.

What are passkeys and why do they matter?

You may already be familiar with passkeys. If you have an iPhone, you may have seen prompts to save a passkey for a supported app or website. If you choose to do so, you often won鈥檛 need to enter your password again on that device. Instead, you approve the sign-in with Face ID, Touch ID, or your device passcode, and the passkey authenticates you to the app or site.

Passkeys use what is known as 鈥減ublic-key cryptography.鈥� In plain English, that means that passkeys create two linked digital keys鈥攁 public key, stored by the website or app, and a private key, which stays safely on your device. These keys work together upon sign-in to verify your access, all while never exposing a password that a hacker can pick off and weaponize.

This is obviously a nice thing for consumers from a convenience perspective, but passkeys also hold numerous security advantages. Traditional passwords are more vulnerable to thieves because users often reuse them across sites鈥攎aking them easier to guess. Passkeys, on the other hand, cannot be reused, rendering that security concern irrelevant.

In addition, passkeys are never 鈥渉oused鈥� in the systems of a website or app. They stay safe on your local machine. This means that even if a company experiences a data breach (an all-too-common occurrence these days) there will be no sensitive user information to steal.

Perhaps most importantly, passkeys greatly reduce the prospect of a user getting 鈥減hished鈥� by a criminal. Phishing is one of the most common cybersecurity concerns out there. It works so well because human error often happens online and hackers have gotten very, very good at tricking people into handing over their sensitive information.

Passkeys largely negate that concern. If a cybercriminal tricks someone into going to a fake website, for example, a user鈥檚 passkey will not work on it. Or to put it another way, with passkeys, users are not at risk of accidentally giving away a reusable asset that can be exploited. In fact, they are not giving away an asset at all, but half an asset that requires the other key to work.

Make passkeys central to your cybersecurity approach

Clearly, passkeys can be just as valuable to businesses as they are to individual users, especially businesses like title agencies that must routinely protect sensitive data and user information. There are multiple systems and touchpoints where deploying this technology would reinforce your overall security posture, such as employee email, escrow and transaction systems, document portals, and any client-facing accounts where closing information may be shared.

Once you鈥檝e made the decision to deploy passkeys, the best way to start is with the systems you are using every day. Many agencies, for example, use some variation of Microsoft 365 or Google Workspace to handle employee emails and other business applications. Within these platforms, you can turn on passkey support and then start testing internally to see how it works. Once you get the lay of the land, you can expand it throughout the rest of your team.

You can, of course, build your own system, but it is generally not recommended unless you have strong identity management experience on staff. Creating your own passkey server can be expensive and time-consuming, and unless you know exactly what you鈥檙e doing, it can lead to a critical security incident.

Taking the bait

Our digital-first world is an amazing place, but it can also be a fatiguing one. While people can and must take breaks, our security systems cannot afford to. The criminals and hucksters out there are always circling, looking for a weak point in your defenses. While passkeys can鈥檛 keep all these threats at bay on their own, they can do a lot of good. Passkeys eliminate some of the most common methods thieves utilize to attack your team, harm your agency and steal your data. They disrupt routine phishing methods. And they ensure that even if you wind up taking their bait once in a while, there is nothing worth reeling in.

The post Deploy Passkeys in 2026 for Better Security appeared first on 星空传媒 星空传媒 Title Insurance Co..

By: Elyce Schweitzer, 星空传媒 星空传媒 Regulatory Compliance Officer

Artificial intelligence has made fraud more convincing and more difficult to spot. As we explored in our earlier piece on deepfake-enabled fraud, today鈥檚 bad actors can impersonate real parties, voices, and documents with a level of sophistication that would have been unimaginable just a few years ago.

In response, lawmakers and regulators are strengthening the legal tools available to prosecutors, civil enforcers, and courts. These developments don鈥檛 rewrite core fraud principles, but they do change how those principles apply to real estate closings 鈥� and they reinforce the value of careful verification.

Understanding this evolving landscape helps explain why it鈥檚 so important to Verify, Then trust 鈥� every file, every party, every time.  

Fraud and Impersonation: Statutory Tools That Matter

States are updating their criminal and civil fraud statutes to make it clearer that impersonation using modern technology is not a technical loophole but a prosecutable offense.

For example, in Texas, (effective September 1, 2025) amended Chapter 32 of the Texas Penal Code by adding Sections 32.56 and 32.57. Section 32.56 makes it an offense, with intent to enter or remain on real property, to knowingly present to another person a false, fraudulent, or fictitious document purporting to be a lease agreement, deed, or other instrument conveying real property or an interest in real property. Section 32.57 makes it a first-degree felony to knowingly list, advertise, sell, rent, or lease residential real property without legal title or authority.

In practice, these sections clarify that impersonation involving falsified property documents constitutes fraud, even when the deception relies on digital or AI-assisted tools. Notably for title agents, when such cases are investigated or litigated, the analysis may extend beyond the fraudulent act itself to examine how the transaction progressed, including what steps were taken to confirm identity and authority before reliance occurred.

The Role of Notarization and Remote Online Notarization

Notarization has become a critical built-in safety mechanism for property transactions. States that authorize Remote Online Notarization (RON) typically require defined identity-verification procedures, which may include multi-factor authentication, recorded sessions, and retained audit logs.

These requirements do more than check a box. They create layers of verification that are observable after the fact. When fraud does occur, prosecutors, judges, and civil litigants may scrutinize whether these verification layers were followed.

In other words, notarization statutes don鈥檛 replace professional diligence 鈥� but they codify expectations for how identity and intent should be confirmed and documented.

Expanding Definitions of Deceptive Communication

Other states have updated their fraud laws to explicitly cover realistic representations made with advanced technologies. , effective April 2, 2025, defines 鈥渄eceptive audio or visual media鈥� as the use of highly realistic representations of speech, conduct, or writing where the subject did not actually engage in that conduct. The statute criminalizes generating, soliciting, disclosing, or using deceptive audio or visual media for the purpose of attempting or furthering the commission of a crime or offense, or with knowledge it will be used for that purpose.

takes a broader approach by recognizing that sophisticated communications techniques, including those enabled by technology, play a central role in modern fraud schemes. The statute consolidates fraud and organized fraud offenses, aligns state law with federal mail and wire fraud precedents, and includes enhanced penalties for certain first-degree felony offenses. It also provides civil remedies related to identity misuse and sets limitation periods and tolling rules that account for defendants who are absent from the state or lack an ascertainable address.

These statutory definitions reinforce something title professionals already know from experience: fraud is not defined by medium but by intent and effect. A voice message, video call, or carefully worded email can be just as fraudulent as a forged signature on paper. What matters is whether it induces action based on false representations.

Federal Reporting and Awareness Efforts

At the federal level, activity has focused on understanding and reporting on the risks associated with AI technologies. For example, legislation passed in connection with the 2021 星空传媒 Defense Authorization Act (NDAA) the Department of Homeland Security to produce annual reports on digital content forgery technology. 鈥� the core technology behind deepfakes.

For those of you who enjoy reading more technical material, the is available for your enjoyment.  A review of the report makes it clear that the technology and its potential for harm to our industry is complicated.

These federal efforts help catalog the risks and raise awareness across industries, but they do not change state criminal or civil liability in property transactions. Instead, they improve the information environment in which professionals and regulators operate.

What This Means for Title Professionals

When closings are reviewed after fraud occurs, the focus will likely shift to whether steps were taken to verify identity, authority, and intent, and whether those steps were reasonable under the circumstances. This reflects how fraud is often evaluated after the fact: technology may enable new methods of deception, but it does not change the underlying wisdom: Verify, Then Trust before acting.

The Bottom Line

Regulatory and statutory changes are not abstract developments. They reflect how lawmakers and enforcers are applying long-established fraud principles to modern threats.

Deepfakes and AI-enabled impersonation present real risks in real estate transactions. The truth is, when fraud is investigated or litigated, attention will likely shift beyond the technology itself to how the transaction unfolded, including whether identity and authority were meaningfully confirmed before reliance occurred.

For agents who incorporate verification as a routine part of their workflow, 鈥淰erify, Then Trust鈥� functions as a practical risk-management framework. It aligns with the way fraud is examined after the fact and supports defensible decision-making when transactions are questioned. Applied consistently, this approach helps protect the transaction, the parties involved, and the professionals responsible for bringing the deal to completion.

The post How New Fraud and Notarization Laws Affect Real Estate Closings appeared first on 星空传媒 星空传媒 Title Insurance Co..

By Bryan Johnson, IT Director, 星空传媒

Whenever you start a new initiative, few things feel worse than having to guess your return on investment (ROI). Planning, designing and launching a program can be costly, which makes it essential to have key performance indicators (KPIs) in place before you go live. That advice goes double when it comes to AI pilot programs. As an emerging technology, it can be difficult with AI to know what you should even be tracking. We鈥檒l cover both topics in this blog. That way, when you鈥檙e ready to launch your program, you can feel confident that it has been well worth the effort.

Before you define your metrics, define your program

Before you define your metrics, ensure your AI pilot program itself is on solid ground. Begin by running it through the SMART goal test. Is it Strategic, Measurable, Achievable, Relevant and Time-bound? If not, assessing ROI will be tough if not impossible. A strong AI pilot must:  

• Improve a specific workflow
• Address the needs of a specific business unit
• Align with your larger business objectives
• Improve upon a defined baseline
• Have a definite start and end date
• Stand up to measurement and scrutiny

If you can鈥檛 honestly check these boxes, head back to the drawing board. If you can, then you鈥檙e ready to measure what matters and decide if your AI pilot has paid off.  

Quality over quantity

Once you are confident in your program鈥檚 fundamentals, the most important thing is to resist overmeasuring. If you try to track a million metrics, you can quickly lose the plot. A far superior approach is to adopt the old adage of quality over quantity鈥攖hat is, track only what is essential to determine whether your program improved a workflow without adding new risks.

Score your program with a three-prong approach

The best way to do this is to put together a simple scorecard that looks at three things:

1. What were the outcomes?
   These are the top results related to your program鈥檚 goal, which could be if the program:
   1. Improved turnaround times
   1. Increased closed files per person per week
   1. Reduced file reworks or changes

• What were the risks?
  It is just as important to score for drawbacks, as any good title agent knows errors. Examine any of the following if they are relevant to your overarching goal:
  • Did the program increase error rates?
  • How often did issues escalate?
  • How many fixes were needed? 聽
    
    
• What was the adoption rate? 聽
  Finally, look at how widely folks inside your organization adopted the program and its associated AI tools. You don鈥檛 want to skip this step. Even the best AI program in the world will fail long-term if people resist using it. Review:
  • Weekly active users
  • Task completions
  • Edit rates, that is, how often did the AI tool trigger human intervention

Once again, you don鈥檛 need to tackle every one of the sub-bullets I have included here. The point is simply to put your AI program through these three main criteria. Once you do, you鈥檒l have a strong view of whether it is a net positive or net negative for your organization.

Onward to AI success!

In a recent article, ALTA鈥檚 CEO wrote that 鈥渕ore than 90% of title and escrow professionals have adopted generative AI in at least one form.鈥�[i] This is a stunning statistic that suggests where the industry is headed. But adoption alone does not tell us anything particularly useful about the ROI of an AI pilot. Getting a clearer picture of AI鈥檚 value within your agency requires a more holistic view. Pair your AI tool with clear goals and a definite baseline, and deploy a simple scorecard to track outcomes, risks, and adoption rates. That鈥檚 the ticket for separating real business wins from white noise. And once you do that, AI becomes more than a shiny new tool. It turns into a driver of sustained success.

[i]

The post What Makes an AI Pilot Program a Success? appeared first on 星空传媒 星空传媒 Title Insurance Co..

By Bryan Johnson, IT Director, 星空传媒

2026 is finally here, and with the new year comes the opportunity to try something different. And in my view, there is no better goal than launching an AI pilot program if you haven鈥檛 already. As you likely know, AI is quickly reshaping how people work today. To keep pace with your competitors, it is wise to give serious consideration to how you can begin automating your operations. Of course, like so many other things, this is easier said than done. After all, AI is complicated. What workflow to focus on? How to implement it? What are the safety considerations? These are all important questions to address well before you launch your program. In this blog, I will try to address each one so you can launch your pilot program swiftly and without undue worry.

Start with a few questions

AI doesn鈥檛 need to be used everywhere at your agency, but chances are it could be used somewhere. To begin identifying areas for optimization at your agency, ask yourself a few questions about how your team works. Consider the tasks that are 1.) high volume, 2.) include repeatable steps, 3.) are relatively low risk and 4.) are easily measurable.

Some examples of tasks that might meet these criteria are:

• Document intake and review 鈥� AI can help organize and summarize documents, so staff can then review faster. Treat this action as a first pass. A human must still confirm accuracy and make any final decisions.
• Customer communication and service – You can also deploy AI to draft responses to common questions and turn notes into updates, enabling your team to reply more consistently and quickly.
• Commitment and exception support – AI can assist with drafting commitments and exceptions from approved templates and standardized language. Your team, however, must still review and finalize all commitments and exceptions.

This list is not meant to be comprehensive, merely reflective of the type of routine, repeatable and measurable tasks that AI excels at taking on. By using the four criteria I鈥檝e outlined below, you鈥檒l find other workflows that could serve as the basis of your pilot program.

Select and design your use case

Now that you have a few possible business areas where you could apply AI the next step is to choose one and assign a single team to manage it. It is equally important to define in advance how you鈥檒l measure results. But to do that properly means you need to also be crystal clear as to what you鈥檙e trying to achieve. Is it cutting down on back-and-forth emails? Reducing the time it takes to review an order? Whatever you decide, just be sure you do it ahead of time to ensure that your AI program is adding value rather than creating new issues.

Establish your safety guardrails

With your team, goal and metrics established, the next step is to create clear guidelines around what the tool is and is not allowed to do. Remember that your AI program should act as a helper鈥攏ever as a decision maker.

Begin by defining what data goes into the tool. Sensitive customer information should rarely be fed into an AI program unless the program is highly secure and approved for business use. And even then, you should only input what is necessary for the task at hand. It鈥檚 also good practice to sanitize your data in advance of uploading. Consider removing data points like account numbers, names or other personal identifiers entirely.

Put human intelligence at the heart

Don鈥檛 forget to also develop your AI review and approval process, as human intelligence needs to be fully looped into your pilot program. Before launch, define what stage of the process should trigger human review. To be safe, you can likely allow AI to draft, summarize or suggest, but human staff must always verify accuracy, apply critical judgment, consider nuance and make any final calls.

That goes double with any practice that could have an impact on customer coverage, brand trust or regulatory compliance. To make things easier for your agency, consider putting together a 鈥渞eview checklist鈥� that can be applied every time you use AI. Verifying names and dates, cross-checking document accuracy and ensuring all legal requirements are met are all steps that deserve a spot on your checklist.

And as a rule of thumb, your most sensitive workflows should probably not be outsourced to AI, at least not at this current stage.

Define your red lines

As an added precaution, it is wise to define what your red lines are when it comes to AI鈥攅specially given the sensitive nature of title work. This list should go beyond your general data security practices outlined above, and they must be disseminated to your full staff to ensure that everyone is on the same page and to avoid costly, AI-related mistakes.

For instance, it is best practice to never allow AI to:

• Send messages directly to customers,
• Generate final title commitment language, or
• Touch anything related to wire transfers.

These red lines are intended not to create any unnecessary burdens or roadblocks to operational efficiency, but to protect you and your agency from blowback, data leaks and reputational harms.

Take the first step and enjoy the benefits In this still very new year, you are likely already thinking about how you can improve your agency鈥檚 operations and make headway on your business goals. AI can be an ally in this journey, and when thoughtfully applied, can enhance how you work and offer long-term competitive advantage. But as with any emerging technology, you never want to leap before you take a hard look at what you are trying to achieve and how you can accomplish your objectives safely. Launching a pilot program can be enormously helpful in this regard. And by leveraging the operational framework we鈥檝e outlined here, you鈥檒l be ready to maximize AI鈥檚 benefits, minimize potential harm, and create the conditions for lasting success.

The post Your AI Pilot Program Guide appeared first on 星空传媒 星空传媒 Title Insurance Co..

As fraud tactics evolve, so must the way the industry protects consumers and transactions. That鈥檚 why 星空传媒 星空传媒 has launched Verify, Then Trust鈥攁 new initiative designed to raise awareness and reinforce best practices that help stop fraud before it becomes a claim. Agents are urged to Verify, Then Trust on every file, every party, every time.

The Rise of Deepfake Fraud in Real Estate

Deepfake fraud has been making headlines in unexpected ways, and real estate is one of the latest industries to be hit. In the past two years, fraudsters have leveraged AI-powered deepfake technology to pose as property owners, financial executives, and even notary publics. Even experienced agents working with what they think are repeat or loyal customers have suffered devastating losses.

Take, for example, a case from 2023 where a scammer used a deepfake voice to impersonate a real estate attorney in communications with a client. The unsuspecting buyer believed he was speaking with his legitimate attorney and wired a six-figure down payment鈥攕traight into the scammer鈥檚 account.

Another shocking case involved a fraudster using a deepfake video to pose as a property owner looking to sell a luxury home. The scammer managed to fool not only the buyer, but also the title company, leading to the fraudulent sale of a multimillion-dollar estate.

Of course, there was also the fraudulent attempt to force a foreclosure sale of Graceland, Elvis Presley鈥檚 home, which made headlines in 2024. These fraudsters are bold and believe that increasingly large and high-profile targets can yield even bigger payouts.

How to Combat Deepfake Fraud in Real Estate

With deepfake technology becoming more advanced, spotting fraud with the naked eye is harder than ever. But that doesn鈥檛 mean we鈥檙e powerless. Here are some strategies to avoid falling victim:

Double-Verify Identities
Don鈥檛 rely solely on phone calls, video calls, or emails. Always confirm identities through multiple channels鈥攕uch as in-person meetings, official documentation, letters via 鈥渟nail mail,鈥� and voice confirmation through previously established phone numbers. This is even more critical in vacant land transactions or refinances involving free and clear properties.

Use Multi-Factor Authentication (MFA)
When transferring funds or signing critical documents, consider requiring multi-factor authentication (MFA). This adds an extra layer of security beyond visual or voice verification alone. It鈥檚 always important to treat funds with great care鈥攁s if the money were your own鈥攁nd take appropriate steps to protect them. If funds go missing, customers may seek reimbursement from the agent鈥檚 personal account.

Scrutinize Video Calls and Emails
If something feels off鈥攍ike unnatural blinking, delayed audio sync, or robotic speech patterns鈥攂e skeptical. Deepfake videos often have subtle imperfections that can give them away. Ask probing questions a deepfake would not be able to answer accurately. You may even want to establish a special passphrase with customers, provided to them only through a secure portal.

Conduct Due Diligence
If a new client or seller suddenly appears with urgent demands, do your due diligence. Check property records, verify business affiliations, and ensure everything aligns with known facts. As they saying goes: If it appears too good to be true, it probably is. Scammers also like to amp-up the pressure, so do not let a hurried closing or pushy customer cause you to shortcut your verification processes.

Leverage Fraud Detection Tools
Just as AI is being used to create deepfakes, it鈥檚 also being used to detect them. Some AI-driven tools analyze facial movements, voice anomalies, and inconsistencies in digital assets to help identify fraudulent activity. In the real estate space, tools such as CertifID add another layer of confidence to the process. 星空传媒 星空传媒 agents can now use CertifID with discounted pricing to protect deals by verifying identities, managing and ordering payoffs, and securing wire instructions. Verify, then Trust 鈥� every file, every party, every time.

The Bottom Line

Deepfake technology is no longer a futuristic concern鈥攊t鈥檚 here, and it鈥檚 changing the way fraudsters operate. By staying vigilant and implementing multi-layered verification methods, you can ensure that your next property transaction doesn鈥檛 turn into a deepfake disaster. Remember: Verify, Then Trust 鈥� every file, every party, every time.

See 星空传媒 星空传媒鈥檚 recent , which was inspired by a real-life attempt to commit wire fraud using deepfake technology.

The post Deepfake Dangers: How AI Trickery Is Targeting Real Estate Transactions appeared first on 星空传媒 星空传媒 Title Insurance Co..

By: Bryan Johnson, IT Director, 星空传媒

With the new year upon us, it鈥檚 time again for my annual roundup of tech trends to watch in the months ahead. After over 20 years in software development and IT, I can safely say that technology best practices are changing all the time鈥攐ften with blazing speed. It鈥檚 essential for businesses to stay aligned with the latest developments. By following these recommendations, you can do just that and ensure your technology stack fires on all cylinders in 2026.

Make 2026 the year you get AI right

While the constant stream of AI coverage has become overwhelming in the last few years, don鈥檛 tune it out. AI really can have a transformative effect on your business. Many have already recognized its potential, with three in four companies using AI to optimize at least one business function.[i] In 2026, this trend will only accelerate, with more businesses adopting AI agents to:

• Automate production workflows bysearching and summarizing documents, generating emails and tracking deadlines, all of which can accelerate closings.
• Boost security by flagging anomalies, verifying identities and maintaining communication, which enhances trust.
• Support compliance by using AI to check disclosures and maintain audit logs.

If you haven鈥檛 started using AI yet, you don鈥檛 need to be intimidated. To get started, just pick one or two high-volume, low-risk tasks where you can test out a pilot program. Assign a staff member to 鈥渙wn鈥� the program, choose your tool and define your metrics of success. After 30 days, if you like what you see, you can expand the program. If not, simply retool and try something else.

Zero trust = fewer security issues

I鈥檝e talked about zero trust a few times on this blog, but it remains a critical security protocol for agencies to adopt in 2026. For a while now, the cybersecurity field has basically adopted 鈥淢urphy鈥檚 law.鈥� We assume data breaches are a matter of when鈥攏ot if. This framework is smart because it prioritizes protecting identities and data when these inevitable breaches occur.

Agencies would be well advised to align with this security approach, as the data shows, breaches are becoming far more common. Sixty-five percent of organizations were, in fact, hit by a ransomware attack in 2024.[ii] If you are ever unlucky enough to be one of those statistics, you can mitigate the fallout if you have highly stringent security protocols in place, such as:  

• Universal MFA adoption for email, production software, escrow platforms, remote access and cloud tools. Collectively, this reduces the likelihood of a stolen password compromising your entire operation.
• A strong 鈥淶ero Trust鈥� mindset, which assumes every device, user and connection could be compromised, and that users should only be given the minimum access required to do their jobs.
• Thoughtful, cautious third-party controls that treat every IT vendor, platform and integration as a potential attack vector. To safeguard against potential vulnerabilities, agencies should ask vendors for security documentation, avoid shared logins, limit vendor access and make sure incident-response expectations are baked into any contracts.

Once you have security controls like these set up, you鈥檒l be in a strong position to prevent wire fraud and reduce downtime. You鈥檒l also demonstrate to stakeholders that your agency is taking cybersecurity seriously in 2026.

Go 鈥渄igital first鈥� in 2026

Perhaps the most substantive IT change over the past few years in the title industry has been the normalization of all-digital closings. Remote online notarization (RON) usage, for example, has dramatically surged, with one study showing an astounding 40% increase.[iii] Agencies that stay current with these shifting expectations will gain in 2026. Not only is it a great competitive differentiator, but digitizing your operations can also improve your operational efficiency, strengthen compliance and even expand your customer pool.

Just like with AI, digitizing your process doesn鈥檛 need to feel overwhelming. You can begin by tackling just one closing with one customer. Work with your IT team and/or provider to confirm what RON or e-signing tools you have at your disposal and how you can use them compliantly. Then, chart out your process and implement it.

Don鈥檛 forget to compile data on how digitalization impacted your turn times, what pain points you encountered and what feedback you received from your customers. That last part is arguably the most important, as you will need it to iterate for future improvement.

Be open to opportunity

The poet Edith Lovejoy Pierce once wrote, 鈥淲e will open the book. Its pages are blank. We are going to put words on them ourselves. The book is called 鈥極pportunity,鈥� and its first chapter is New Year鈥檚 Day.鈥� I think this is a good way to sum up what I鈥檝e been trying to convey with this blog. We鈥檝e covered just a few of the ways to improve your agency鈥檚 technology stack in 2026, and by extension, how you deliver for customers and grow your business. If you鈥檙e open to experimenting with new technologies and laying the groundwork for more secure systems, you can seize these opportunities as the holidays end and the new year begins. Rest assured, your customers will thank you for it.

[i]

[ii]

[iii]

The post Level Up Your IT Game In 2026 appeared first on 星空传媒 星空传媒 Title Insurance Co..

From AI and analytics systems to cybersecurity and compliance tools, there鈥檚 a lot to appreciate in our current tech landscape.

Like many folks, I always think about what I am thankful for around this time of year. It鈥檚 a long list, ranging from my health and family to my coworkers and the many agents we serve across the country. One other thing I deeply appreciate is the many tech innovations that have made it easier for us to pursue our industry鈥檚 priorities while also staying safe online. In honor of the approaching holidays, I thought I would share some of my favorite tech tools and applications that are helping agencies complete their essential work.

Cybersecurity advances

If you are a regular reader of mine, then you know I during October鈥檚 annual Cybersecurity Awareness Month. The subject is so important to those in title, however, that it merits mention here as well. There are several recent advances that deserve attention. AI-powered security tools are making it simpler to detect tampered deeds, altered IDs and forged income or asset documents. Secure portals, multi-factor authentication and powerful wire verification methods are also lowering risk. None of this replaces rock-solid procedures and training, of course. But thanks to technology, title professionals can spend more time serving customers and a little less time worrying about bad actors targeting their transactions.

AI applications

Although AI undoubtedly complicates the IT and security landscapes on one hand, it is also giving agencies important tools to streamline operations and protect critical systems and data. Whether you want to automate routine tasks or flag and respond to security incidents in real time, AI is quickly becoming indispensable in our field. I鈥檓 super grateful for how these emerging technologies are lightening the heavy loads of many of my peers and empowering agencies to focus more on service and relationship building.

Compliance technology

Similarly helpful are the advances we are seeing in compliance and RegTech. I don鈥檛 have to tell you that our industry carries some complex reporting and compliance requirements. FinCEN Geographic Targeting Orders. BOI-related workflows. TRID disclosures. Privacy laws. Simply put, there is a lot to keep in mind when trying to operate a compliant and successful agency. Yet technology innovation is gradually cutting the time and effort involved in satisfying these obligations. There are tools available now for automatically collecting required data during intake and pre-closing, before generating and storing compliant reporting. With the right tech tools, it has also become easier to run OFAC/sanctions checks and flag issues in real time. All in all, these technologies are streamlining workflows and eliminating clunky manual processes that slow transactions and stymie profitability.

CRMs

In addition to improving agency efficiency and security, technology is also making it far simpler to promote your business and engage with customers. Customer relationship management software (CRMs) is one such example. CRMs provide greater visibility into where your business comes from and offer features geared toward nurturing long-term customer relationships. With a solid CRM in place, you can integrate it with your title production system, automatically log files and initiate status updates. These systems reduce missed opportunities, create organized customer pipelines and unify the work of different departments by providing a single source of truth.

RON and eClosings

Even before the pandemic, customer expectations across industries had been moving decidedly in a digital-first direction. Our industry has slowly adapted to meet this evolving trend, with states across the country gradually moving to allow for remote online notarizations and eClosings. Customers and agencies alike have benefited from this cultural and legislative shift. With RON technology, stakeholders can sign documents via secure audio-video sessions, complete with credential checks. Agencies gain better and more auditable notary logs as a result and reduce the risk of fraud with high quality identity verification technology.

Thanks to technology and title agents like you

Title insurance can be challenging field, which is why I鈥檓 thankful for the technology advances on this list. Because of these innovations, it has become far easier for agencies to pursue their business goals and do more with less. Of course, technology is only as useful when implemented. So, I must also extend my gratitude to all the agencies investing in their operations and creating better and more secure experiences. Through your efforts, our industry is far better off, as are the customers and communities who rely on us.

The post The Tech Tools I Am Most Thankful For appeared first on 星空传媒 星空传媒 Title Insurance Co..

By Bryan Johnson, IT Director, 星空传媒

It鈥檚 that time of year again. Another summer has come and gone. The days are getting shorter. And soon, we will all be caught up in the hustle and bustle of the holiday season. That鈥檚 why it鈥檚 important to embrace Cybersecurity Awareness Month while we still can. For 20 years each October, Cybersecurity Awareness Month has served as an important moment for businesses to stop and assess their current cybersecurity setup. Follow along to see how you can use this moment to reduce your risk exposure. That way, you and your business can be on a better footing as we approach the new year. 

Building a cyber strong America

One of the best ways you can become more cyber secure this October is by checking out the U.S. government鈥檚 Cybersecurity and Infrastructure Security Agency (CISA). Each year during Cybersecurity Awareness Month, This year鈥檚 topic is 鈥淏uilding a cyber strong America.鈥� Although geared specifically toward businesses that deal with 鈥渃ritical infrastructure鈥� like telecommunications, energy, and transportation, the campaign is packed with helpful safety tips that are relevant for the title industry as well.

Don鈥檛 get phished

One of the first tips mentioned in CISA鈥檚 campaign is to avoid phishing. Data suggests that phishing email activity has grown by nearly 18% in 2025, with insurance being one of the primary industries targeted by scammers. Phishing attacks aren鈥檛 just growing in quantity. Their cost is similarly skyrocketing, coming in at the hefty average sum of $4.88 million. The silver lining to this gloomy picture is that there are tried and true methods for mitigating such risk. Given that 90% of attacks involve human error, educating your staff on the perils of phishing can go a long way toward keeping your business safe. 

Require MFA and strong passwords

It may seem simple, but one of the best ways to protect your organization still comes down to strong passwords. The CISA campaign rightfully points out that password best practices should always include multi-factor authentication as well. Other essential steps to follow include using long phrases, with the minimum being between 12-16 characters. No matter how annoying it is to remember multiple passwords, you should never reuse a password across sites. One breach could set off a chain reaction that leaves your entire system compromised.

In 2025, it鈥檚 also wise for title agencies to ditch password recovery questions altogether. Fraudsters have gotten really good at guessing common questions like 鈥淲hat is your mother鈥檚 maiden name?鈥� Such information is often readily available online.

You must also secure the password reset process. Use an authenticator or passkey instead of text messages. Also, add a dedicated recovery email and create backup codes to store in your password manager. Attackers, you see, often target resets, so protecting that path is just as important as the password itself.

Additional precautions

Once you鈥檝e mastered the basics, CISA outlines additional safeguards you can deploy to strengthen your cybersecurity position, such as:

• Encryption: For many industries, but particularly for data heavy fields like title insurance, encryption technologies are an essential tool for protecting customers and transactions. Ensure you have encryption deployed across your organization, and check out our piece on client-side encryption to learn how it can further reinforce your security.
  
  
• Data backups: A cornerstone of robust cybersecurity isefficient and consistent data backups, specifically the 3-2-1 backup rule. This data protection strategy recommends keeping three copies of your data: one original and two backups. These backups should be stored on two different types of media, with one copy kept offsite or in the cloud to protect against local disasters. Malware scanning and immutability should also be employed to reinforce your overall strategy.

All of this ensures you can minimize your organization鈥檚 downtime, prevent data loss and maintain customer trust. Thankfully, it has become easier than ever to automate your backups, which is great for peace of mind.

• System monitoring: To effectively monitor your systems, it is best practice to deploy a multi-level approach involving robust threat intelligence, detection and incident response. Putting up multiple layers of defense ensures that even today鈥檚 most insidious attackers will face an uphill battle to breach your systems.

Take action now for a cyber strong agency

By the time you read this, you will probably already be putting plans in place for your holiday season. Maybe those involve shopping or cooking. Maybe they involve booking a flight or two. But as important as those plans are, the cybersecurity of your agency is equally pertinent. Act now by following the advice detailed on CISA鈥檚 website and on this very blog. Then you can put your feet up during the holidays and congratulate yourself on a job well done.

The post Seize Upon Cybersecurity Awareness Month This October appeared first on 星空传媒 星空传媒 Title Insurance Co..