Real Estate Professionals are Increasing Targeted by Hackers
Real estate related cyber-crime is increased, according to cyber security experts. In many geographic markets, real estate inventory is slim, so purchasers want to move quickly so they don’t lose the deal. Buyer stress is frequently high. With prices high, large dollars are being moved among real estate transaction accounts. This is all leading to great opportunities for cyber criminals to try to steal money and confidential data.
The FBI has seen a significant increase of criminal use of email account compromise (EAC) tactics in the real estate settlement sector. Hackers are targeting all categories of participants in real estate transactions, such as builders, real estate attorneys, real estate agents and brokers, title companies, and buyers.
How EAC works
The hacker gains access to a real estate professional and/or buyer’s email account, through computer intrusion or by social engineering. The intrusion often occurs when a targeted professional opens a spam email which allows the hacker to plant malware in the computer system. The hacker can then later monitor email activity and ultimately fraudulently impersonate the professional and send bogus instructions to the buyer.
The buyer, in this scenario, won’t easily know that the email activity might be fraudulent. The savvy hacker monitors the hacked email account activity to learn the communications patterns and identified frequent email recipients’ contact information. The hacker copies the professional’s email style and behavior when sending fraudulent communications under the professional’s name.
The hacker sends last minute instructions to the buyer on where to send money. Funds that are intercepted are being rerouted to an expanded number of countries, including India, Turkey, South America, Mexico and China.
What you can do
If you are buying property:
· Talk with your agent/broker about what cybersecurity safeguards they use. Establish a way to verify key decisions such as how to handle last minute change in funds required or additional confidential documents.
· Don’t allow the others working with you on the transaction to rush you; take the time to be thoughtful and make sure actions and last minute changes make business sense. Ask questions if you are unclear on any request.
· Only use secure email account addresses with the agent and other parties; don’t send confidential information to a free, personal email account. Remember you are dealing with a large dollar financial and legal transaction.
· Verify and double check you truly know who you are communicating with, whether by email or phone.
If you are a real estate industry professional:
· Check out the California Realtors Association site for helpful tools. They have a great short PowerPoint document “Cyber Crime in the Real Estate Industry. They also have a brochure on cyber-crime plus a wire fraud advisory form for clients.
· Discuss cyber-crime risks with your clients.
· Talk with your insurance agent about cyber insurance options.
· Read the Public Service Announcement issued by the FBI regarding email account compromises and protection steps you can take.
· Use cyber safe measures in all your communications and transactions. Talk with a cyber security specialist if you have questions about what is safe or not.
About the Author - Carolyn Schrader is a seasoned cybersecurity professional and founder of the Cyber Security Group Inc., providing corporate cybersecurity services to high profile clients.