Email Fraud Alert
The topic of wire fraud has been in the news over the years, and it’s again been on the minds of real estate professionals.
From this alert in January to this story just last week, real estate professionals and their clients are being targeted by fraudsters. Some are losing tens, if not hundreds, of thousands of dollars in the process.
This week, our team was hit by email fraud. Emails have been “spoofed” – a practice where the email is from a totally unknown address, but with the name of a team member associated with it. The content of the email is requesting money, or that a bill be paid. The bill is, of course, fake. If money were sent to cover this “bill,” it would disappear into a hacker’s account and be lost forever.
The most frustrating thing about this “spoofing” is that there’s virtually nothing a person – or company – can do to prevent it. Here, no hacking has taken place. No information has been compromised. It’s simply that a name was taken, probably from our public website, and used to create fake emails. It’s as easy as picking up the phone and pretending to be someone else.
“If you ever receive an email asking for money claiming to be from your realtor, title company, mortgage company, or anyone else involved in your home transaction, call and verify.”
Though our recent experience hasn’t resulted in damages, it’s a good time for us to review security and safety procedures. The National Association of Realtors issued a warning in December 2015 about wire fraud. In it, there were several outstanding tips for avoiding becoming a victim of potentially-devastating fraud. We’re sharing some of these tips below.
- Immediately prior to wiring any money, the person sending the money must call the intended recipient to verify the wiring instructions. Only use a verified telephone number to make this call.
- Do not trust contact information in unverified emails. The hackers will recreate legitimate-looking signature blocks with their own telephone number. In addition, fraudsters will include links to fake websites to further convince victims of their legitimacy.
- Never click on any links in an unverified email. In addition to leading you to fake websites, these links can contain viruses and other malicious spyware that can make your computer – and your transactions – vulnerable to attack.
- Never conduct business over unsecured wifi.
- Trust your instincts. If an e-mail or a telephone call ever seems suspicious or “off,” you should refrain from taking any action until the communication has been independently verified as legitimate.
- Clean out your e-mail account on a regular basis. Your e-mails may establish patterns in your business practice over time that hackers can use against you. In addition, a longstanding backlog of e-mails may contain sensitive information from months or years past. You can always save important e-mails in a secure location on your internal system or hard drive.
- Never use usernames or passwords that are easy to guess. Never, ever use the password “password.”
If you ever receive an email asking for money claiming to be from your realtor, title company, mortgage company, or anyone else involved in your home transaction, call and verify. Don’t call a phone number included in the email itself, because it may be falsified. Call the phone numbers you’ve been using all along. Don’t use wire transfer to make changes or additional payments. Perform your transactions in person whenever possible.
When we’re caught up in the buying and selling process, it’s easy to be caught up in things and respond reflexively to things that feel like emergencies. When in doubt, take a deep breath and contact your real estate professional. We’re here to help!