Cyber Fraud and Cyber Security
The digital age has brought many great advances to how we do business, saving time and money. It has also exposed all of us to the nefarious deeds of those that do not have our best interest in mind. The real estate industry in general has become a prime target for unscrupulous actors. Below are some suggestions to protect the data and funds that are dealt with in our industry daily:
- Keep your operating systems up to date. A simple way to protect your devices from hackers and malware is by updating your operating system when you’re prompted to. Don’t ignore those notifications just because you’re busy.
- Develop good email hygiene. Use complex passwords, and change your passwords on a regular basis. Consider using a password manager, such as 1password, and two-step verification.
- Check your email settings. Hackers can put a rule in your settings that will forward certain emails to their account.
- Avoid sending sensitive information via email when possible. Attaching forms, financials, and confidential files to an email is an efficient way to communicate, and criminals are taking advantage of that. Encrypted email is a good practice, but that generally means it’s encrypted in transit only, a legal requirement in some states. Be aware of state laws and explore using a document sharing platform.
- Warn clients. Educate your clients on the prevalence of wire fraud, and advise them to pick up the phone and verify information before they wire funds. Also, they should be careful about what number they’re calling; scammers will sometimes spoof a signature box, replacing the phone number with their own. Verify, verify, verify!
- Don’t hold on to personally identifiable information. Know your state’s definition of personally identifiable information (PII). Usually that’s first and last name, Social Security number, state ID or driver’s license number, and credit card information. Then, take stock of what client PII is kept in your office, on your computer, in your desk drawers, and in your email. Don’t keep PII any longer than you need to. Create a document retention policy with specific instructions on how to store and dispose of files.
- Don’t use your email as a data repository. Once criminals are in, they can go back and pull data from years ago. Don’t keep anything you don’t need. Do regular backups of your critical data and keep it in a separate, secure area.
- Don’t forget your phone and tablet. Be aware of what you’re downloading and what your kids are downloading. Be leery of text messages with links in them; phones are just as susceptible to ransomware as computers. Call your provider to find out if it includes data encryption. If not, look into it.
- Know the difference between Cyber Theft Insurance and Cyber Security Insurance. If you are a professional in the real estate industry contact your professional insurance provider, review your E+O coverage, and inquire as to the best ways to protect you and your clients.