How Hackers Target Real Estate Transactions
Hackers have found far too many ways to wreak havoc on financial transactions in general, and more specifically in real estate transactions. Understanding what vulnerabilities these cybercriminals are exploiting to gain access to confidential information and to trick homebuyers into sending them large sums of money is the first step in protecting your clients from getting scammed.
The National Association of Realtors (NAR) issued an alert to its membership in 2015 to bring some highly successful scams, in an effort to raise awareness of vulnerabilities many didn’t know existed.
- Unsecured Email Communications – Using unsecured, unencrypted email to send any type of confidential information is taking a big risk. And though most business people know this, many of your clients may not. Be sure your clients know not to send you personal or financial information or any type of transaction documents through a “regular” email account. Providing a verified-access security shell provides much stronger protection for you, your clients, and the other parties in your transactions.
- Wire Fraud – Wire fraud scammers have had to get a bit more sophisticated, overall, in order to succeed, and yet many people still get scammed this way. There are many variants, but most center on scammers obtaining enough details about the transaction to write an email or make a phone call in which they generate a sense of urgency for the buyer to wire money to an “alternate” account from the legitimate escrow account. Let your clients know that no legitimate party in their transaction will make such a demand. Further, instruct all parties not to wire money without contacting the recipient by phone at their verified number immediately before making the transfer.
- Password Problems – Security experts nag and nag about the importance of changing our passwords frequently, and yet many of us still don’t. Even more of us use the same password for many different accounts, so if someone managed to get that password, they gain access to far too much of our private information. Ensure that everyone who accesses your system is required to change their password at least once a month. It’s also critical to deactivate access immediately for any terminated employees, and to require that your partner companies notify you immediately when one of their employees who had access to your system leaves.
- Phishing & Malware – We’re all aware that scammers are continually trying to access our private data by sending out fake emails and attachments with malware in them. Surprisingly, though, a MacAfee quiz among 19,000 members of the general public showed that only three percent of the respondents correctly identified all ten of the examples as either legitimate or scam emails, and overall, 80 percent of the respondents identified at least one phishing email as legitimate. Even in a work environment where people are trained not to open suspicious emails, a Verizon study found that 18 percent of users at work would risk compromising network security by clicking on a link included in a phishing email.
Closing The Cracks To Protect Your Clients
Most of the time, hackers gain access through the unwitting cooperation of someone who is directly involved with a real estate transaction. Train your staff members, educate your clients, and transact your business through a verified-access system that prevents people from accidentally giving access to scammers by eliminating opportunities to circumvent your security protocols. Legitimate parties to each transaction get access to the secured space in which their transaction is conducted, and no other space, and those parties can only gain entry by using verified credentials and devices. Tighter security for your transactions adds value for your clients and partners, and increases confidence in your firm’s conscientious approach to business.