Consider the situation: Your clients are purchasing their dream home. As you are helping them prepare for the closing, they inform you that they’ve already wired the closing costs/down payment per the instructions you sent them via email. Your clients have been scammed and it’s likely because of malicious software that is on your computer because of a phishing scam.
Cybercriminals are targeting and attacking real estate professionals because of the amount of personal and confidential information that is stored and exchanged on their personal devices.
There are some simple steps that everyone in the real estate industry can take to prevent being a victim of these scams – educating your clients, using only secure access to email and devices (NO free wi-fi!), use secure cloud-based solutions – never send as personal information as an attachment or stored on devices, and avoid phishing attacks – do not click on anything suspicious.
The last step – avoid phishing attacks – may not be as easy as it seems.
Here are the top ways that cybercriminals have been attacking the real estate industry, and how to avoid them:
- Wire Fraud
Hackers will attempt to steal personal information from either the real estate agent, closing officer, or the clients. Avoid human error at all cost by being anticipatory and preventative and remain diligent always. Verify email addresses, do not share information such as wire instructions via email, pay attention to phone numbers and be focused on grammar. - Email Phishing Scams
Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details through spoofed emails that include links to fraudulent websites. These websites can download malicious software that will steal confidential information from your computer or mobile device. Be vigilant and always double check the spelling of popular website addresses and most importantly don’t give away personal information if you are unsure about the validity of the website. - Texting Scam
While this may not be a direct attack, this is an attempt of a hacker trying to gather personal information to prepare for a spear phishing attack, which is a more targeted phishing attack. Clicking on a link from a text scam could also download malicious software on your device. Prepare to be just as vigilant when viewing texts as when checking emails. Don’t click on links from an unverified source, don’t provide any personal information to an unverified individual. - Social Media Scam
Promoting your real estate business on social media seems like an efficient way to generate new clients. Unfortunately, hackers are using social media to target real estate professionals. This can be in the form of someone contacting you supposedly from your company to assist you with your social media efforts over the phone. This is an attempt to gain access to your computer and install malicious software. Be aware and don’t willingly grant anyone access to your computer unless they are a verified source.
The bottom line is awareness, education, and ongoing training. Consider Managed Security Awareness from Cybriant. We’ll educate and test your employees and agents on an ongoing basis. We’ll schedule simulated phishing attacks on your employees and provide reports to management of the most ‘phish-prone’ employees. Based on those reports, we’ll provide the world’s largest library of cybersecurity training including interactive modules, videos, games, posters, and newsletters.
Prevent attackers by securing your human firewall.