Apart via digging a hole in your back yard, throwing your computer in, dousing the item with gasoline, in addition to lighting the item on fire, there's no foolproof way to protect yourself via cyber crime, said National Association of REALTORS® Associate Counsel Jessica Edgerton.
Since few if any brokers in addition to agents would likely work without a computer or smartphone, industry pros need to address the threat head-on, Edgerton said, speaking at the Emerging Business Issues & Technology Forum at the REALTORS® Legislative Meetings in Washington, D.C. She offered warning signs in addition to practical strategies for warding off cyber criminals.
“Cyber crime is usually a global problem," Edgerton said, one of which's becoming more prevalent in addition to more urgent. According to Juniper Research, the annual cost of data breaches through cyber crime is usually supposed to reach $2.1 trillion globally by 2019. in addition to the item’s not just government agencies or large multinational corporations of which are targets. Smaller in addition to midsized real estate companies — where transactions involve multiple players in addition to large sums of money — are an ideal target for criminals, Edgerton said. Among tiny businesses victimized by a successful cyber-security breach, she said, 60 percent go out of business within six months.
The Problem: Email Attacks
Hackers can gain access to email accounts through simple schemes. the item took Edgerton a a few-minute Google search to learn how to hack an email herself. Hacking can come from the form of an infected attachment or link of which appears to come via a benign sender. “Clicking is usually something of which’s deadly dangerous,” Edgerton says. Her motto: “Think before you click.”
What Victims Should Do
If you’ve been hacked or victimized by cyber criminals, report the incident or get more information:
Opening a bad link or attachment can trigger a key logger, which is usually malware of which reads keystrokes to capture your passwords. the item can also open ransomware, a wicked malware of which will encrypt everything on your system the item can reach, including connected drives in addition to networks. Just from the past week, a global attack with ransomware known as WannaCry, hit dozens of entities.
“the item’s insidious in addition to powerful,” she said. You’ll see a pop-up window of which notifies you of which your files have been encrypted. To remove the encryption, you'll be asked to pay the ransom in bitcoin, a currency of which virtually untraceable. Generally, if you don’t pay, you’re not getting your computer back.
If you're hit that has a ransomware attack, disconnect your computer immediately. Talk to your the item people, report the hack to the FBI, in addition to decide if you want to pay the ransom.
Another way hackers gain entry is usually through brute force attack on your email password. If you use a simple password, hackers have software of which can usually crack the item in seconds. Hackers may also be stalking your online profiles in addition to social media accounts, looking for names in addition to dates of which are meaningful to you of which you may also be using in your passwords. “They’re exploiting you in addition to how you work online,” Edgerton said.
Once hackers capture your email password, they can search for messages related to real estate transactions, Edgerton said. They can then send a spoof email to a buyer of which looks virtually identical an email via your account providing “brand new wiring instructions" of which will divert funds to the hacker's account. If a buyer takes the bait, the funds are usually gone for Great.
- Keep your operating systems up to date. A simple way to protect your devices via hackers in addition to malware is usually by updating your operating system when you’re prompted to. “Don’t ignore those notifications just because you’re busy,” Edgerton said.
- Check your social media privacy settings. Don’t allow identifiable information such as your birth date be viewable by the public.
- Develop Great email hygiene. Use complex passwords, in addition to change your passwords on a regular basis. Consider using a password manager, such as 1password, in addition to two-step verification.
- Check your email settings. Hackers can put a rule in your settings of which will forward certain emails to their account.
- Avoid sending sensitive information via email when possible. Attaching forms, financials, in addition to confidential files to an email is usually an efficient way to communicate, in addition to criminals are taking advantage of of which, Edgerton said. Encrypted email is usually a Great practice, however of which generally means the item’s encrypted in transit only, a legal requirement in some states. Be aware of your state laws are, Edgerton said. She recommended using a secure document-sharing platforms.
- Warn clients. Educate your clients on the prevalence of wire fraud, in addition to advise them to pick up the phone in addition to verify information before they wire funds. Also, they should be careful about what number they're calling; scammers will sometimes spoof a signature box, replacing the phone number with their own. To ensure they're reaching the right person, buyers should contact you (in addition to additional real estate service providers) using numbers provided in advance.
- Don't hold on to personally identifiable information. Know your state’s definition of personally identifiable information (PII). Usually of which's first in addition to last name, Social Security number, state ID or driver’s license number, in addition to credit card information. Then, take stock of what client PII is usually kept in your office, on your computer, in your desk drawers, in addition to in your email. Don’t keep PII any longer than you need to. Create a document retention policy with specific instructions on how to store in addition to dispose of files.
- Don't use your email as a data repository. Once criminals are in, they can go back in addition to pull data via years ago. Don’t keep anything you don’t need. Do regular backups of your critical data in addition to keep the item in a separate, secure area. Brokers should consider hiring a third party to conduct an the item audit to figure out their company's cyber weaknesses.
- Don’t forget your phone in addition to tablet. Be aware of what you’re downloading in addition to what your kids are downloading. Be leery of text messages with links in them; phones are just as susceptible to ransomware as computers. Call your provider to find out if the item includes data encryption. If not, look into the item.
State law may require you to have a data protection policy. In addition, you may be required by law to notify clients if a breach of PII does occur. Currently, 22 states require you to notify the state attorney general of a breach. If you fail to take the appropriate steps under state law, Edgerton said, you can be fined in addition to may also lose your license.