An independent cybersecurity review across many of Pennsylvania’s largest title companies reveals a wide range of results. With buyers wiring six-figure sums at closing, weak email authentication is a direct path to business email compromise (BEC) and wire fraud.
Using data from audit.emailmenow.com, we evaluated each company’s domain across SPF, DKIM, DMARC, transport security (MTA-STS/TLS), and website security headers.
Cybersecurity Scores of Major Pennsylvania Title Companies
Overall compliance scores from audit.emailmenow.com. Re-run any domain at the link to verify.
| Rank | Company | Domain | Overall Score | Performance Level |
|---|---|---|---|---|
| 1 | Fidelity National Financial | fnf.com | 84% | Strong |
| 2 | Stewart Title | stewart.com | 70% | Strong |
| 3 | First American Title | firstam.com | 60% | Above Average |
| 3 | Old Republic Title | oldrepublictitle.com | 60% | Above Average |
| 5 | Penn Land Transfer | pennlandtransfer.com | 44% | Weak |
| 6 | Conestoga Title | conestogatitle.com | 38% | Weakest |
What the Results Reveal
- The national underwriters operating in Pennsylvania top the list — Fidelity National Financial at 84%, Stewart at 70% — while the regional Pennsylvania agencies trail badly: Penn Land Transfer (44%) and Conestoga Title (38%).
- That gap matters: the local agencies that handle most Pennsylvania closings are the weakest performers, exactly where wire-fraud risk concentrates.
- Without an enforced DMARC policy, criminals can send “updated wiring instructions” that look exactly like the title company — and the buyer wires funds to a fraudulent account.
Why This Matters for Title Companies
Wire-transfer fraud almost always starts with a spoofed or look-alike email. The FTC Safeguards Rule applies, and an enforced DMARC policy is the single highest-impact fix for this sector.
Check any company’s posture at audit.emailmenow.com/?industry=title-companies.
See also — national audit
Recommendations
- Enforce DMARC (
p=reject), strict SPF (-all), and DKIM signing. - Add MTA-STS and website security headers.
- Adopt verified call-back procedures for any change to wiring instructions, and train every closer.
Stop wire fraud before it starts. Run a free Instant Cybersecurity Audit at audit.emailmenow.com/?industry=title-companies.
Contact EmailMeNow IT Consulting for help with securing your closing communications.
Source & methodology: Overall compliance scores from the free scan at audit.emailmenow.com — each domain checked for email authentication (SPF, DKIM, DMARC), transport security (MTA-STS/TLS), website security headers, and network security. Re-run any domain at the link to verify.