Prevention Tips for Email Phishing Scams


The FBI has reported that email phishing accounts for 95 percent of cybersecurity threats. Legal and law enforcement experts at the Illinois Department of Financial and Professional Regulation’s Cybersecurity Conference in Chicago, which focused on threats to the real estate industry, said this is why client communications are a key component of “cyber hygiene.”

The common advice to use strong passwords and change them often isn’t enough to obstruct hackers, said FBI special agent Daniel Wierzbicki, who leads a team of cybercrime watchdogs at the agency’s Chicago field office. The email platform you choose to conduct business communications may actually you more vulnerable to cyberattacks.

“A lot of real estate professionals use private Gmail accounts or accounts with other email providers to do transactions with customers instead of using company accounts,” Wierzbicki said. “But a lot of company accounts have better systems in place to protect against hacking activity; Gmail does not.”

Email hacking has become so prevalent that cybercrime now ranks as the FBI’s third-highest priority after terrorism and counterintelligence, he said. And the real estate industry is a major target for criminals.

Last year, Wierzbicki’s office fielded 551 cybersecurity complaints from customers in real estate transactions and 328 complaints from title companies. Together, that accounted for 64 percent of the cybercrime victims the office responded to in 2016.

“No matter what your email system is, it’s not a great vehicle for sensitive information,” said Jessica Edgerton, associate council for the National Association of REALTORS®. She suggested using a third-party transaction management or document sharing platform rather than email when transferring private client information – but even that isn’t infallible. “Almost every company has experienced some level of data breach,” she said. “Know your third-party providers and how they have reacted to past security breaches.”

Edgerton recommended using a password management system to store passwords; then you can ensure each one meets security standards without worrying about forgetting them.

One low-tech way real estate professionals can combat this problem is to educate their contacts.

“People aren’t aware of what’s happening,” Edgerton said. “When it comes to a real estate transaction, you have so many different players, and all it takes is one person in that transaction who isn’t aware of the signs of fraud to make the whole thing implode. … As the initiators of a transaction, you can spread the word about these security problems to everyone in the transaction who needs to know about it.”