Tag Archives: Cyber Crimes

Compliance, Resources

Don’t Get Bit – Prevent Online Vampires from Sucking the Life from Your Meetings

cartoon comic vampire

One side effect of the COVID crisis has been an increase in the use of online based video chat services like Zoom. Unfortunately, this also has created a new type of online cyber-criminal… the ZOOMPIRE!

This “vampire” isn’t after your blood but, instead, specializes in sending fake zoom meetings to users to steal their personal data with specialized links used to fool the person into believing they’ve been invited to an online meeting.

Researchers at INKY say that these new attacks are even fooling some Secure Email Gateways (SEGs), making them harder to catch.

In addition, they can send a direct link, preventing your browser’s fraud prevention, as well. “If the hacker includes a fake attachment, it leads to a fake login page that’s locally hosted on the recipient’s computer, not the internet,” the researchers write.

The solution here may be a low tech one. By texting or calling to confirm any meetings you didn’t set up yourself, you can be sure you’re only joining meetings you’re supposed to join – and prevent the ZOOMPIRE!

 

Resources

5 Ways to Stay Safe Financially During the COVID-19 Pandemic

woman animation planning her financesWe’re all experiencing an unprecedented time in our history; most of the country and large parts of the world are under some type of stay-at-home orders. While our team members at FAN are working hard to make sure your transaction closes on time, unfortunately, there is an army of unscrupulous people that are using this time to attack you financially.

As the world has turned to online services for financial transactions, 22% of Americans have been the target of fraud attempts in the past few weeks. They hope that you’re too preoccupied with the immediate need of social distancing to notice that the threats of fraud are still quite high.

With that in mind, here are 5 ways to stay safe financially during the COVID-19 novel coronavirus pandemic:

  1. DOUBLE CHECK YOUR CLICK – At least half of all COVID-19 related websites that have registered during this time are suspected of malicious activity. Be wary of ANY coronavirus specific website and pay attention to your clicks on social media or the internet. Before your click, check that the link is going to the expected website – preferably one you know already and trust.
  2. BE AWARE OF FAKE NEWS – Scammers are creating fake news stories on contaminated websites in hopes that you’ll not only read them, but share them online – all to get you and your friends to visit their malicious websites. While some of these websites may look legitimate, they can hide spyware or be phishing for your data. Check all news stories to ensure they are from mainstream media sources.
  3. VERIFY THE SENDER – The FBI warns of a significant threat of phishing emails relating to economic stimulus payments, charitable and relief contributions, fake cures, vaccines, and testing kits. If you’re not sure, click on the sender’s EMAIL ADDRESS (but not any links in the email) to see if the email matches the sender. If you’re not 100% sure who the sender is and that you were the intended recipient, do not open or forward the email.
  4. CHANGE YOUR PASSWORDS – While you should always be cautious about your passwords, it’s good practice to change them during times of accelerated fraud activity. Some experts recommend using pass phrases instead of complicated passwords, which may be easier to remember. Also, it’s not OK to share passwords among websites and other places to prevent your passwords being stolen from one website and used on another.
  5. DON’T TEXT BACK – Have you heard of SMISHING? It’s a new form of information phishing that hackers are using to send you text messages that include links or will appear to be from legitimate sources. Remember the same tips from your emails and don’t trust anything unless you’re SURE who the sender is. Delete anything you’re not sure about. Also, no one will ask for your password via text messages, so if you get a text asking for ANY passwords, it’s delete-worthy!

Those are just a few ways to help you stay safe while we all are trying to keep our distance from one another. Remember, while you should always use caution when banking, communicating or shopping online, now is the time to be EXTRA vigilant.

 

Compliance, Real Estate Headline News

Who’s responsible for wire fraud?

We hear about it all the time, wire fraud, cyber security, secure networks and portals. We don’t think it can happen to us, until it does.

The way wire fraud cases are handled is changing. No one is exempt from wire fraud, and going forward, everyone in a transaction could be held responsible for the wire fraud.

As Thomas W. Cronkright II, Esq. and Lawrence Duthler, Esq. of CertifID LLC show in their recent report, all participants in a transaction are responsible for wire fraud loss. A recent Kansas Federal District Court decision ruling found a bank, title company, real estate agent, and real estate broker liable in a transaction hit with wire fraud. The cybercriminal hacked into the seller’s agent’s email and was able to reroute the buyer’s wire to a fraudulent bank account. The buyer lost $196,622.76 that day, none of which was recovered.

According to the report:

“The buyer argued that all defendants had a duty to protect them from the losses they incurred and that the failure of these defendants to live up to that duty led to the fraudulent loss of their funds. In response, the defendants responded by arguing that they owed no duty to the buyer because they did not serve in a formal representative or fiduciary capacity.”

While the bank and title company settled in mediation, it was the seller’s real estate agent and broker who were found liable for 85% of the losses during the transaction, since the fraudulent email came from the seller’s agent.

We don’t think it can happen to us, until it does. And if it does, all parties in the transaction may be held liable. Are you ready for it?

“All defendants had a duty to protect them from the losses.” We all have the duty to protect our clients. That’s why it’s so important to do business with a title company who can secure you and your clients. Agencies in the Florida Agency Network are among the Nation’s top 1% in security, compliance and innovative technology. We work hard behind the scenes to make sure everything runs smoothly, and your clients are protected.

For more information on how we can secure your closing, contact us at info@flagency.net or visit any of our offices.

Resources, Tech Tips

Are You Helping the Bad Guys?

photo-1461749280684-dccba630e2f6-small

You may not know it, but your email and web browsing habits may be inadvertently helping the “bad guys” take your personal information, or nonpublic private information (NPPI). Hackers are targeting the real estate industry by utilizing sophisticated techniques and technology to hack into existing email threads and redirect the communication, and far worse, the funds, elsewhere. For real estate agents and their clients, this could mean a big payday for hackers, as well as an enormous headache, and possibly legal action, for agents and their clients.

To protect you and your clients, Aaron M. Davis, CEO of Florida Agency Network (FAN), has compiled a list of actions agents should take to help prevent exposing themselves and their clients to a potential hacking situation.

  • Make sure your title agent only sends encrypted wire instructions directly to the buyer and does not copy the real estate agent. (Many like to include the agent as a means of notification, but this puts the transaction at risk.)
  • Advise your clients that they will only receive the wire instructions ONCE from your title company, and then call to confirm, at a phone number you know to be authentic, prior to sending a wire.
  • Hackers use keyword searches when seeking out fraudulent misdirection opportunities. Stay away from using words in the subject of your emails like “WIRE”, “FUNDS”, and “FUNDING”, as these terms are what hackers are looking for.
  • Change your email password(s) once per month.
  • If you click on a suspicious email link or document, immediately change your password.
  • Invest in antivirus software.
  • Make sure you update your computer patches. Antivirus patches and cell phone updates should be applied immediately upon release, as most are released to address security flaws.
  • Educate your clients on industry scams. Forward this link to clients for further information: https://www.ic3.gov/media/2016/160614.aspx

Hackers have infiltrated our industry and figured out how to create chaos. The most effective way to fight back is to educate yourself and partner with companies that monitor and secure their networks.

Through FAN’s partner, Premier Data Services, agencies within the Network stay up-to-date on compliance initiatives and policies. Each agency hosted by Premier Data Services is SOC 2 compliant, and is audited and verified by a third-party specialist organization, 360Advanced. FAN and its agencies gladly take on the responsibility of not only insuring the title to your home, but also in safeguarding your NPPI.

 

 

Have questions? Get answers, and get social with us. Follow us on Facebook and stay up-to-date with valuable resources and information.
Resources, Tech Tips

Word to the Wise: Has your email been compromised?

Smartphone

Recently, the real estate industry has seen a surge in email scams, cyber crime and hackers targeting real estate transactions in an attempt to defraud real estate brokers, lenders, title agencies and more. With each transaction containing sensitive, or nonpublic private information (NPPI), hackers are using technology and techniques to hack into emails and redirect the communication and funds elsewhere.

According to Chris Gianni of Premier Data Services, a network partner with The Florida Agency Network, there are some simple steps you can take to ensure you and your clients don’t become victims.

One of the easiest ways to avoid a hacker from taking funds is to simply pay attention. Checking and verifying email sources can take a few minutes, but it could save you and your client from getting into a messy situation.

Gianni says hackers will inject a new reply email address with a domain so similar to the original email, you might not even notice. For example, one of our embodying title agencies encountered a hacker who attempted to duplicate the original email domain, “____@XYZTITLE.com”, by using “____@XYZZTITLE.com”, with the signature line copied from the actual settlement agent’s information.  That hacker then attempted to send alternate wiring instructions to the buyer in order to redirect the funds to a fraudulent bank account. However, thanks to some quick thinking and a few minutes verifying the email source and information, the hacker was unsuccessful.

Also, Gianni advises keeping your work email separate from your personal email.

“If you’re working in a personal email, let’s say, one that you use to sign up for newsletters, online accounts or to download content, a hacker could easily get in and find out you’re a real estate agent. From there, he or she will most likely begin monitoring your emails, plan out a way to get a hold of sensitive information and get whatever they want. “

Securing your passwords in another security option Gianni suggest. Using at least 8 letters, including symbols, alternating between upper-case and lower-case letters, and changing passwords regularly is an effective way to secure you and your client’s privacy.

The most effective way to avoid being a victim of a cyber crime is to use a secure network or do business with companies that do the same. Embodying agencies within the Florida Agency Network stay up-to-date on compliance codes and policies. Through FAN’s network partner, Premier Data Services, each agency is SOC 1 & SOC 2 compliant and verified by third-party organization, 360Advanced. FAN and its agencies gladly take on the responsibility of not only insuring the title of your home but also safeguarding your NPPI.

 

Have questions? Get answers, and get social with us. Follow us on Facebook and stay up-to-date with valuable resources and information.