Phishing scams and internet fraud is nothing new. We’ve probably all seen the reports on the news about the more vulnerable members of our society being duped out of their hard earned money by international gangsters who have used the old lottery win line or have catfished poor lonely people only to get them to transfer away their life savings.
But, what you might not have realised is how clever these thieves are becoming, how this can turn into Real Estate Fraud and how you need to be aware on how to protect yourself.
One of our related offices recently avoided a significant financial loss due to a simple email fraud set up. How did it work?
1. the sales agent received a genuine looking inquiry on one of the properties he was selling that had a pdf file to some offer documents.
2. Sales agent opened the documents thinking nothing of it, and noticed nothing at the time when the document failed to work, contacted the owner of the email to resend but never got a response, not realizing the hacker was already in.
3. The hacker had gained access to the computer and the sales agents emails. Going through them, they found the information of a recent sale and proceeded to email the purchaser to change the bank details for the transfer of the remaining house deposit.
The sales agent, following strict office procedure, had contacted the purchaser as a matter of course to confirm the deposit prior to it being due and it was through this action, that the transfer to the hackers account was avoided! But had the sales agent not been providing the high contact service to the purchaser (As some do once the property is sold and contract unconditional), then the purchaser would have transferred the funds and they would have been lost!
Working in the world of property management, this is a little less common on our side of the real estate game but it’s not unheard of. There have been cases in the industry where owner’s emails have been hacked (like your home hotmail account) and emails have been sent to real estate agents requesting bank account changes for the rent to be paid into. That one is easily preventable by ensuring that such requests are double checked by direct contact with owners, but it just goes to show that you have to be careful at home as well as in business.
Ways to prevent potential fraud (direct from one of our awesome IT Boffins in the Eview group);
- Never open an email that is not authentic and if you do or are told it was infected and you opened it, immediately change all your security passwords from another clean device.
Use a reputable paid anti-virus solution to protect your system (Norton, Bitdefender, Kaspersky…). After all it is the lifeline of your business and you should not compromise on security.
Use a dedicated paid malware solution. I personal use Malwarebytes and find it to be the most successful in protecting against malware and cryptolocker
Backup! Backup! Backup!. The Cryptolocker attack will damage your cloud backup so it is importantr that you use a removable device to backup your most important data. Eg. USB flash drive or USB external Hard Disk drive. Not just one drive use multiple devices just in case it gets damaged or attacked if you leave it plugged in your computer during an attack. Don’t rely on cloud backup.
Remember you can have the best security in place, all the right backup procedures but the biggest risk of security is yourself, the user. Most attacks are because a user clicked on the wrong link, email, or went to a dodgy web site. So be vigilant and notify your IT support staff (or if it’s your personal email, contact a reputable it consultant in your area – if you need one, let me know and I can try to help) ASAP if you have clicked on something you shouldn’t have.