Phishing and cyberfraud are prevalent more than ever before. We all know a friend, family member, or colleague who’s had their email hacked, a debit card compromised, and a virus on his/her computer. But if you ask a few people, most would say that they feel at most risk at home while using their personal email and computers. Most would probably say they feel safer at work or while using work-provided laptops. They may believe their company has the latest in anti-virus software and an excellent spam filter, so what could possibly happen?
Most don’t know that today’s digital age has given birth to some of the smartest scammers out there. These scammers have started targeting the real estate industry in particular, being very clever with their tactics. In this blog, we present a few common scenarios we’ve read about and discuss ways to help prevent phishing scams and cyberfraud.
Common REALTOR® Phishing Scenarios
Scenario 1: A hacker breaks into a real estate professional’s email account to obtain information about upcoming transactions. After monitoring the account to determine the likely timing of a close, the hacker will send an email to the buyer, posing either as the title company representative or as the licensee. The fraudulent email will contain new wiring instructions or routing information, and will request that the buyer send transaction-related funds accordingly. Unfortunately, some buyers have fallen for this scheme, and have lost money.
Scenario 2: A REALTOR® receives an email. The sender states he/she is a referral from a past client and that he/she is a first-time homebuyer. The person asks the REALTOR® for help in finding a home, and as proof, he/she attaches a pre-approval letter. The attachment is actually a virus, and unbeknownst to the REALTOR®, the REALTOR® opens the attachment.
Scenario 3 - An agent was corresponding with a prospective buyer via email after they inquired about a particular listing. The property was under contract, so the agent sent the buyer some other properties in the area that were similar. What followed was an email from the buyer saying that they were away on vacation, but they included a link to “…view the pictures of the kind of property I am interested in.” The agent clicked on the link and was taken to a blank webpage. The agent tried the link again and again the page was empty. That night, the agent received a text from a client asking why he had sent her property listings outside the area she had requested. The agent never sent that email.
Scenario 4: An agent receives an email from a client who is forwarding along a signed contract. The email appears to look like it’s coming from DocuSign, a well-known digital document service. The agent clicks on the link to open the document and it’s a virus.
Best Ways to Prevent Phishing Scams
Here are a few to help you avoid falling victim to scammers:
Click with caution.
Be wary of links and attachments in email if you suspect it’s not from a trusted source. Here are some signs that you’re being scammed.
- The sender does not address you by name.
- The sender does not say who exactly has referred them to you.
- The sender’s email domain is strange, and cannot be found by an online search.
- A reply to the email just bounces back as undelivered.
Make sure your Firewall is on!
More than likely if you working at a larger brokerage, you won’t need to worry about the firewall. If you’re on a personal computer or at a smaller firm, double check that you’re computer or other device’s firewall is on to prevent hackers from spreading viruses and malware. The firewall is the first line of defense.
Keep your password in check.
You might have started seeing secure mobile sites asking for passwords that meet 3-4 criteria in order to setup a login or profile. The days of having an easy password are over. The most secure passwords are 8-10 characters long, with uppercase and lowercase letters, numbers, and special characters. And be sure to change out passwords periodically.
Regularly backup files.
In the event of a virus consuming your computer, you don’t want lose your all of your files. Backup your files periodically on the cloud or on an external hard drive. You’ll save yourself some heartache should the unfortunate occur.
Run software updates.
Hackers often exploit weaknesses in software to obtain access to your computer or personal device. Software updates will help patch those weaknesses, so it’s vital not to ignore those notifications.
For a full list of internet best practices to avoid phishing, visit The National Association of REALTORS® website.