Sophisticated Email Scams Targeting the Real Estate Industry
A sophisticated (and effective) wire-fraud scam targeting real estate (and other) transactions is on the rise, and mostly occurring in the United States.
Here’s a Wire Fraud Alert from Chicago Title explaining how the scam works.
The National Association of Realtors suggests following this guidance to avoid becoming a victim:
1. Immediately contact all parties to all of your upcoming transactions and inform them of the possibility of this fraud. Attorneys, escrow agents, buyers, sellers, real estate agents, and title agents have all been targeted in these scams. You can also download and distribute NAR’s online fraud prevention handout, accessible here.
2. If possible, do not send sensitive information via email. If you must use email to send sensitive information, use encrypted email.
3. Immediately prior to wiring any money, the person sending the money must call the intended recipient to verify the wiring instructions. Only use a verified telephone number to make this call.
4. Do not trust contact information in unverified emails. The hackers will recreate legitimate-looking signature blocks with their own telephone number. In addition, fraudsters will include links to fake websites to further convince victims of their legitimacy.
5. Never click on any links in an unverified email. In addition to leading you to fake websites, these links can contain viruses and other malicious spyware that can make your computer – and your transactions – vulnerable to attack.
6. Never conduct business over unsecured wifi.
7. Trust your instincts. Tell clients that if an e-mail or a telephone call ever seems suspicious or “off,” that they should refrain from taking any action until the communication has been independently verified as legitimate.
8. Clean out your e-mail account on a regular basis. Your e-mails may establish patterns in your business practice over time that hackers can use against you. In addition, a longstanding backlog of e-mails may contain sensitive information from months or years past. You can always save important e-mails in a secure location on your internal system or hard drive.
9. Change your usernames and passwords on a regular basis, and make sure your employees and licensees do the same.
10. Never use usernames or passwords that are easy to guess. Never, ever use the password “password.”
11. Make sure to implement the most up-to-date firewall and anti-virus technologies in your business.