We wanted to let you know of an extremely dangerous fraud scheme that is going around in South Florida that targets Realtors and their clients. Please take a few minutes to read the scheme so you are aware of how it works because unlike most schemes we’ve seen in the past, these hackers are very sophisticated, know the real estate lingo, and are using Realtors’ email accounts to reach their customers in order to defraud them.
While it is very difficult to prevent all cyber-attacks, there are a few basic DO’s and DON’T’s that each one of you can do to protect yourselves and your customers from these attacks:
DO’S
– Be skeptical of any emails from strangers or even e-leads.
– Hover over links in your email with your mouse to see the true source of the link.
– If you have a Gmail account, register for the 2-step verification process that will alert you if someone accesses your account from anywhere except a trusted device. The link to register is: https://www.google.com/landing/2step/.
– Have a list of basic questions to ask a new e-lead or customer to make sure you’re dealing with a bona fide customer before you proceed to do a property search.
– Report suspicious emails to [email protected].
DON’T’s
– Open attachments from unidentified sources as these may contain phishing emails.
– Click on links from unidentified sources as these may contain phishing emails.
Attachments and links in unidentified emails basically hack into your accounts and track your email activity to see who you are communicating with and then begin communicating directly with your client and giving them false information.
This is a Fraud Scheme Alert that was distributed by the Greater Capital Area Association of Realtors (GCAAR) in Silver Spring, MD
Fraud Scheme Alert
We have recently become aware of a scheme plaguing REALTORS® and their clients. Fraudsters are hacking REALTORS’® email accounts to learn about current transactions. They then send an email, from what appears to be a REALTOR’S® email address, to the holder of the deposit which directs them to wire the deposit to an account controlled by the hackers.
Please read this important information.
The scheme usually works as follows:
1. The fraudster hacks a REALTOR’S® account, which are often Gmail or Hotmail.
2. They search and monitor the email account for information regarding upcoming closings. The hacker is looking for all details, including the amount of the deposit, the names of the parties and contact for the Deposit Holder.
3. Once they have all relevant information, the thief makes a move for the deposit.
4. The hacker opens a new email account and creates an address that appears in every way to be genuine from the REALTOR. It shows the agent as the sender, includes their normal signature and working links to the REALTOR’S company website or any other social media outlets. Often, the email will have attachments related to the transaction that were copied
from the REALTOR’S emails (i.e., escrow disclosure and agreement, purchase and sale contract, etc.).
5. This email criminally directs the Deposit Holder to wire the deposit to an entity that is owned by the fraudster. The name will appear to be a legitimate closing or title agency office.
6. Because everything appears to be correct, the Deposit Holder then wires the funds to the fraudulent account.
7. The deposit has now been stolen out of the Deposit Holder’s account and is GONE FOR GOOD.
What can you and your clients do to avoid becoming a victim of this scheme?
* ALWAYS verify emails dealing with transferring funds out of your accounts. Call other parties involved in the transaction. Use only numbers you have used before or can otherwise verify.
* Do not use any phone number provided in the email directing you to wire the deposit.
* Exercise extra caution when wiring instructions; reference a bank branch or entity that is located out of state.
* Advise everyone of this scheme and ask them to be on the lookout for responses to emails they have not sent. These may indicate that their email accounts have been hacked.
Be alert!