For title, escrow & high-stakes B2B payments
One forwarded email could wire your next six-figure payment to a scammer.
QATCH reads the thread and catches it.
Forward the wire-request email. Our AI reads the entire thread, checks every participant, and replies in seconds with a verdict you can act on. No new tools to log into. No checklist to remember.
17 title companies in the waitlist. Reinsurance partner secured. Pilot Q3 2026.
Wire fraud is now the #1 way title companies die.
- →FBI IC3 reported $446M in real-estate wire fraud losses in 2024.
- →1 in 4 title companies hit by attempted BEC in the last 12 months.
- →Average loss per incident: $112,000.
- →67% of small title companiesdon't carry adequate cyber insurance to cover it.
- →Scammers now use AI voice clonesof your buyer's lender to confirm fake bank details.
You don't need a better checklist. You need a better wire.
How QATCH works
Two ways to use us. Most customers add us to the conversation from the start; forwarding works too when something just feels off.
1
Loop us in
Add your QATCH address — your-org@inbound.qatch.ai — to the To: or CC: of the wire-request thread from the first message. We sit silently in the background and only speak up when we see something worth flagging. Already past that point? Forwarding a single email works too.
2
We read the thread
Our proprietary multi-signal engine analyzes the full conversation — participants, language patterns, vendor identity, instruction changes, and the broader history with this recipient. Every check returns a verdict in seconds.
3
You wire (or don't)
Cleared verdicts arrive in under 10 seconds — wire from your own bank with confidence. Risky ones land in /review where your team finishes the call, or you tap a QATCH expert callback. Blocked verdicts mean don't wire, period.
What we catch
The BEC playbook. All of it.
Our multi-signal engine is proprietary by design — we don't publish the specific tests so fraudsters can't reverse-engineer evasion. What we will tell you is the categories of attack we flag. Your verifiers see the full reasoning in-product.
Vendor impersonation
A near-clone domain joins a legitimate thread and quietly introduces new wire instructions. Classic typo-squat BEC — usually invisible to single-address verification tools.
Mid-thread instruction changes
Account numbers, routing details, or bank names that change partway through an existing email chain. The single biggest tell of a hijacked conversation.
Cold beneficiaries
Recipients with no history with your business — or known recipients showing up with unexpected new payment details.
Throwaway domains
Senders operating from domains that were registered last week, have no mail infrastructure, or serve parked pages. Real vendors don’t.
Invoice / wire mismatch
Wire instructions that don’t fully match the invoice across vendor name, amount, account, and routing. Even small mismatches are flagged.
BEC linguistic patterns
Urgency language, ‘do not call to confirm’, last-minute changes, AI voice-clone setup phrases — the behavioral fingerprint of social-engineering attacks.
We also independently verify the named recipient's identity against their stated bank account. Methodology kept proprietary.
Adaptive trust
Approve a sender once. We catch their imposters from then on.
When a verifier approves a wire that came from a forwarded email, we add that sender's domain to the beneficiary's allowlist. Future wires from the same domain clear faster. Any visual lookalike of an allowed domain — the classic BEC vendor-impersonation trick — is blocked outright, with the original spelling shown beside the fake.
Admins audit, add, or revoke trusted sender domains per beneficiary at any time. Every change is logged for examiners.
Acme Title · Stewart Vendor Inc · Trusted senders
12 wires · last used 3d ago
4 wires · last used 19d ago
lookalike of stewart-vendor.com
Already using CertifID?
Keep it. We catch what recipient-side verification can't see.
CertifID verifies the recipient at the point of sale — useful, but it can't see what happened inside the email thread before that. If a typo-squat domain joined mid-conversation and introduced new bank details, CertifID will still clear the recipient who happens to be the fraudster. QATCH reads the thread. The two layers are complementary; we're fine being your second line.
CertifID
Recipient-side identity check
Confirms the wire recipient's identity via KBA. Good against account-takeover at the recipient's bank. Doesn't see the email conversation that produced the wire instructions.
QATCH
Email-thread context check
Reads the whole forwarded thread. Catches typo-squat domains, mid-thread instruction changes, urgency language, and beneficiary-history anomalies. Fires before the recipient is even prompted.
Most of our pilots run QATCH alongside their existing CertifID subscription. We are not a replacement — we are the part of the defense that wasn't there.
Phase 2 — coming Q3 2026
Approved-wire insurance + escrow execution.
Today, QATCH gives you the verdict; you wire from your own bank. Phase 2 adds escrow execution and an approved-fraud guarantee. Below is what we're building toward — design partners ride along when it ships.
$2M per transaction
Approved-fraud guarantee up to $2,000,000 per verified transaction routed through QATCH escrow.
30-day payout
No subrogation fights. No carrier delays. Direct payout to your account within 30 days of confirmed loss.
No social-engineering exclusion
Covers BEC, vendor impersonation, AI voice-clone scams — the exact attacks your cyber policy excludes.
Phase 2 features are subject to regulatory approvals (state money-transmitter licensing, reinsurance partner agreements). Timelines are forward-looking targets, not commitments.
Waitlist
Not ready to commit? Get in line.
Drop your email and we'll notify you when general availability opens. No forms, no calls. Want faster access? Apply for the design-partner program instead — 14 days free, with expert callbacks included.
Apply for design partner
17 of 20 slots reserved. Pilot closes June 30, 2026. 14 days free with expert callbacks included. 30-minute onboarding. Help us build the wire-fraud platform you actually need.