Real estate enterprises play a significant financial and Personal Protected Information (PPI) role in various transactions, including home sales, residential and commercial rents, and large-scale deals involving both buyers and sellers, tenants, investors, and other involved parties.
In the current scenario, where scams and cybercrime have reached unprecedented levels, safeguarding oneself is of utmost importance. Thus, it becomes increasingly crucial to enhance one’s knowledge and adopt measures to protect real estate businesses. We are here to shed light on some of the existing and emerging threats and offer valuable resources to fortify your real estate ventures.
- Phishing – email and SMS
Phishing stands as a prevalent tactic employed by cybercriminals who are primarily driven by financial gain. These deceptive schemes are crafted to elicit illicit emotional reactions from their targets, which could manifest as either positive or negative responses. The execution of such scams commonly occurs through various channels, including emails, phone calls, text messages, and even social media messaging platforms.
How to Recognize a Phishing Email or Text Message:
- Urgent Demands: Be cautious of messages pressuring you into immediate action, like claims of a suspended account from ABC Bank.
- Grammar and Spelling Errors: Watch out for poorly written content, as legitimate messages usually maintain proper language and grammar.
- Unfamiliar Greetings: Exercise caution when receiving messages with greetings or salutations that seem unusual or unfamiliar.
- Inconsistent Addresses and Links: Stay vigilant for email addresses, links, or domain names that don’t align with the sender’s claimed identity.
- Suspicious Attachments: Avoid opening attachments that appear suspicious or unexpected, as they may contain harmful content.
- Solicitation of Sensitive Information: Be wary of emails requesting sensitive data, login credentials, or payment information, as reputable organizations typically don’t ask for these via email.
- Offers Too Good to Be True: Exercise skepticism when encountering messages offering unrealistic rewards or prizes, like winning a contest you never entered.
Can you spot which is the fraudulent Login address?
A. [email protected] B. [email protected]
A. [email protected] B. [email protected]
*ANSWER is B for both, the number 0 was used instead of a letter o and the correct domain name was used for ato.
Main point: When you have suspicions about a scam, refrain from clicking and instead, directly visit a trustworthy source to verify the authenticity.
- Business email attack (BEC)
BEC, a form of targeted phishing, involves deceiving employees into transferring funds to a cybercriminal’s ‘new’ business bank account or divulging sensitive information under the guise of a senior executive. This scheme employs social engineering or hacking methods to infiltrate authentic email accounts or create fake emails that seem to originate from high-ranking employees, colleagues, or suppliers. The CEO and managing director roles are often impersonated, with the CFO and finance director as primary targets.
BEC attacks are commonly executed through two mechanisms:
- Email Spoofing: Utilizing emails that appear to be from trusted sources or colleagues.
- Account Compromise: Gaining access to the target’s email account through malware installation or tricking victims into revealing login credentials.
To protect against BEC attacks, it’s crucial to enable two-factor authentication, set up alerts for sensitive data changes, and consistently log out of applications when they are not in use or at the end of each day. Stay vigilant against suspicious emails and verify requests for fund transfers or sensitive information before taking any action.
- Ransomware
Ransomware, a prevalent and perilous form of malware, spreads primarily through phishing emails that deceive users into clicking on malicious links. Once activated, ransomware seizes or encrypts your files, effectively blocking access to them. The attackers then demand a ransom, often in cryptocurrency, to unlock the files and restore access.
Essential tip: Safeguard your accounts with robust passwords or passphrases, and make certain that ALL employees undergo comprehensive cybersecurity training and education. - Protecting yourself and business online
Maintain constant vigilance and recognize the potential interest of hackers in your business by following these essential guidelines:
STOP – Prioritize taking your time before divulging personal information or making any financial transactions.
THINK – Doubt the authenticity of messages or calls and question their legitimacy.
PROTECT– If anything seems amiss, act promptly to safeguard your interests. - Report cybercrimes & additional resources
If you have experienced a cybercrime, incident, or vulnerability, follow these steps:- Without delay, get in touch with your bank or card provider to report the scam and request them to halt any transactions.
- Report the cybercrime through the official channels: (Australia) gov.au/report or (New Zealand) https://www.cert.govt.nz/report-an-issue/
- Take the proactive measure of resetting ALL passwords for your banking and software applications.
For comprehensive information and valuable resources, explore the following:
- The Australian Cyber Security Centre offers a wide array of beneficial assets, such as the Small Business Cyber Security Guide, toolkits, alerts, and more. Check them out at cyber.gov.au.
- Additionally, Cert NZ provides essential resources like Top Cybersecurity Tips for Business. Discover these valuable insights at cert.gov.nz.
