At any informal gathering of real estate professionals these days the discussion often turns to the same topic: cyber scams. Home sales are a lucrative target for fraudsters because large sums of money are involved and the financial transfers are not done in person. So it is well worth your time to protect your company in advance. Here are four tips for doing that.First, keep yourself informed about the latest scams out there. For example, hackers often pretend to be sellers, real estate agents, attorneys, and closers. Their goal is to divert money—like buyers’ deposits, closing funds, sellers’ proceeds, and agent commissions—into their off-shore accounts from which your money will never return. Scammers’ weapon of choice is usually some form of social engineering or computer intrusion. Through a phishing email or otherwise, they gain access to, for example, an agent’s emails and watch the flow. They learn when a transaction will close and then they pounce—by impersonating one of the parties to the sale or escrow.

Second, educate your employees, vendors, and other partners about the situation. Establish protocols with them about changes to wire transfers and agreed means of verifying changes. Requiring that changes be verified by phone can be effective, but only if you rely on an existing number and not one contained in a new email. Two-step encryption for you and the businesses you work with is also an effective tool. Unfortunately, that protection is not available through free email accounts, like with Yahoo or Google. So your money would be wisely spent by paying to have all your agents and employees registered to your own email domain run by a reputable company.

Third, when responding to emails, don’t use the reply button. Hackers know that people do that because it is easy. The problem is that hackers frequently use email addresses that appear very similar to ones you are familiar with, like sally.smith@realestate.com versus sally.smith@rea1estate.com, where the lower-case “L” in the first is swapped with a number one (1) in the second. Even the most vigilant among us will have a hard time noticing changes like that. Your replying to a fraudulent email is what the hacker wants. But if you use the forwarding button instead, and then type in the email you are actually familiar with, you will reduce the chances of corresponding with an imposter.

Fourth, invest in an intrusion detection system that flags suspicious emails. Those applications alert users to subtle variations that can indicate fraud, like emails from home-sales.com instead of from home_sales.com.

If, despite your efforts, you fall victim to a cyber scam, you must act fast to control the damage. Contact your bank immediately, tell them about the situation, and ask that they contact the institution to which the money was sent. If you are quick enough (within a day or two), your bank might be able to claw back the money and save you from financial disaster.

TweetLikeLinkedIn
Photo of Derek Diaz Derek Diaz

Derek E. Diaz, partner and co-chair of Hahn Loeser’s Appellate Group, is a trial lawyer with a national practice. His work focuses mainly on litigation in federal courts, including class actions, appeals, and bankruptcy disputes. He represents clients at all stages of litigation, from pre-suit planning through advocacy at the highest levels of appellate review. Read more