This week, the Austin Chamber of Commerce published a report on the High Tech Industry: https://www.austinchamber.com/blog/06-05-2018-high-tech-industry
• Nearly 6,500 employers in the Austin metro area are in high tech industries.
• Jobs in Austin’s tech industries total over 138,500, or 14.1% of all jobs, compared to 7.0% nationally.
• In 2017, jobs in Austin’s high tech industries grew by 4.3%, surpassing the metro’s 3.2% total job growth.
Annual average employment in high tech industries in the Austin MSA in 2017 was 138,544, up 4.3% from 2016. That’s a stronger gain than the 3.2% increase for employment across all industries. High tech jobs represent 14.1% of all Austin area jobs in 2017 and 18.5% of the year’s net new jobs. Nationally, high tech accounts for 7.0% of all jobs.
This is important to Austin and to the Real Estate community overall because of the quality of the these jobs. For all industries, the average annual salary in Austin is $59,742, up 4.3% from 2016, while the average salary for high tech jobs is $112,771, up 6.2%.
From Reuters article on Friday:
“The FBI urged people to reboot their devices to temporarily disrupt the malware and help identify infected devices. People should also consider disabling remote-management settings, changing passwords and upgrading to the latest firmware.”
This applies to routers at work and at home.
MAY 25, 2018 / 10:54 AM / UPDATED 3 HOURS AGO
FBI warns Russians hacked hundreds of thousands of routers
Joseph Menn, Sarah N. Lynch
(Reuters) – The FBI warned on Friday that Russian computer hackers had compromised hundreds of thousands of home and office routers and could collect user information or shut down network traffic.
The U.S. law enforcement agency urged the owners of many brands of routers to turn them off and on again and download updates from the manufacturer to protect themselves.
The warning followed a court order Wednesday that allowed the FBI to seize a website that the hackers planned to use to give instructions to the routers. Though that cut off malicious communications, it still left the routers infected, and Friday’s warning was aimed at cleaning up those machines.
Infections were detected in more than 50 countries, though the primary target for further actions was probably Ukraine, the site of many recent infections and a longtime cyberwarfare battleground.
In obtaining the court order, the Justice Department said the hackers involved were in a group called Sofacy that answered to the Russian government.
Sofacy, also known as APT28 and Fancy Bear, has been blamed for many of the most dramatic Russian hacks, including that of the Democratic National Committee during the 2016 U.S. presidential campaign.
Earlier, Cisco Systems Inc said the hacking campaign targeted devices from Belkin International’s Linksys, MikroTik, Netgear Inc, TP-Link and QNAP.
An FBI official told Reuters that the kinds of devices known to be affected by the hack were purchased by users at electronic stores or online. However, the FBI was not ruling out the possibility that routers provided to customers by internet service companies could also be affected, the official added.
Cisco shared the technical details of its investigation with the U.S. and Ukrainian governments. Western experts say Russia has conducted a series of attacks against companies in Ukraine for more than a year amid armed hostilities between the two countries, causing hundreds of millions of dollars in damages and at least one electricity blackout.
The Kremlin on Thursday denied the Ukrainian government’s accusation that Russia was planning a cyber attack on Ukrainian state bodies and private companies ahead of the Champions League soccer final in Kiev on Saturday.
“The size and scope of the infrastructure by VPNFilter malware is significant,” the FBI said, adding that it is capable of rendering peoples’ routers “inoperable.” It said the malware is hard to detect, due to encryption and other tactics.
The FBI urged people to reboot their devices to temporarily disrupt the malware and help identify infected devices.
People should also consider disabling remote-management settings, changing passwords and upgrading to the latest firmware.
Reporting by Sarah N. Lynch in Washington and Joseph Menn in San Francisco; Editing by David Gregorio
Our Standards:The Thomson Reuters Trust Principles.
Wire fraud has become rampant in our industry. The FBI has estimated that there are over 4,000 hack attempts per day nationwide. According to the Financial Crimes Enforcement Network (FinCEN) there have been 22,000 cases of reported wire fraud involving losses of over $3.1 billion dollars since 2013.
The real estate industry has been targeted by fraudsters because our business moves at a quick pace with a lot of funds on a regular basis. The criminals continue to strengthen their efforts to abscond with buyer, seller and REALTOR money. Below are some tips for how we can help educate our buyers and sellers about how important it is to be cautious in their transactions.
The biggest key to prevention is education of your customers. As a REALTOR you should be laser focused on educating the buyers and sellers about the growing risks of wire fraud. At every opportunity take the time to explain that wire fraud has become prevalent and explain how we, the title company, will deliver wiring instructions. Buyers and Sellers should understand that if they receive a phone call, fax or email regarding wiring of funds, they must call a previously validated phone number to verify the funding information. Always caution the client about contacting the title company from an email signature. Criminals have become sophisticated at sending fraudulent communications pretending to be the REALTOR, the title company and the lender. criminals send emails with identical looking signature blocks of one of the parties to the transaction but replace with phone numbers the criminal will answer if someone calls. A good tip is to ask your clients to program our phone number into their cell phones when they go under contract. This way they are only calling us on a trusted phone number and not from any other resource.
Buyers should be forewarned by their REALTOR that no one in the transaction should send them wiring instructions other than the title company. Even when the title company sends wiring instructions it should be only upon request from the customer and the customer should never initiate a wire without personally calling the title company from a verified phone number to verify the wiring instruction data.
A REALTOR should never take on the responsibility of sending wiring instructions to their clients. After having the conversation with your client to educate them on the red flags of wire fraud it is highly advisable that you have a disclosure signed by them confirming your conversation that includes a reminder to never send funds without contacting the title company first at a trusted number to confirm the instructions.
On the seller side of the transaction, you should counsel the clients to bring a physical copy of their wiring instructions to closing. The sellers should not email their account information out. Instead they should bring the instructions to closing. All sellers should be counselled to not respond to email inquiries requesting their account number or wiring information.
Also, make sure that we have your buyer or seller’s phone number. When we receipt the contract we will call your buyer and seller to talk to them about the transaction. We will reiterate the warnings that you are giving them and we will help remind them how important it is to follow our instructions.
Before you go under contract create a log of all approved parties’ phone numbers to give to your buyer or seller. Providing the clients with a verified phone number to use at the beginning of the transaction is a must. Programming the title company number into their phone should help minimize the possibility of a fraudster sending them a different phone number to use via email.
Many REALTORS today have a portion of the commission wired. If you fall into that group make sure you are available by phone to verify the wiring instructions. Criminals are hacking emails and sending in fake wiring instructions for commissions too!
You should implement Two-Factor Authentication. All parties to the transaction, especially real estate agents, should be encouraged to enable Two-Factor Authentication on the email service they utilize, especially real estate agents using public domain email systems such as Yahoo and Gmail. This site lists systems that implement Two-Factor Authentication: https://twofactorauth.org/. After you have turned on your Two-Factor Authentication make sure to change your password one time to clear out any prior access.
All email involving nonpublic, private and confidential client information should be sent utilizing secure email systems. Here is an article from the National Association of REALTORS (NAR) regarding NAR Best Practices https://www.nar.realtor/articles/internet-security-best-practices.
REALTORS should implement industry standard IT security and cyber protections of their email and computer systems including but not limited to: 1) utilizing strong antivirus software, 2) installing security patches for all operating systems and software applications, 3) logging out or locking their computer when leaving their computer unattended, 4) avoid clicking on suspicious links on websites or within emails and 5) avoid using free WIFI or free charging stations. Free WIFI pretending to be legitimate businesses is often operated by criminals and allows them to access everything being transmitted over WIFI.
When fraud happens. If you suspect a fraud is underway or has happened, act immediately! Contact as many people in your management team as well as at the time company. The bank and FBI need to be contacted immediately among other steps that must be taken. The Cybersecurity unit of the Department of Justice has published the following guidelines for reporting cyber incidents: https://www.justice.gov/sites/default/files/opa/speeches/attachments/2015/04/29/criminal_division_guidance_on_best_practices_for_victim_response_and_reporting_cyber_incidents2.pdf
ALTA Wire Fraud Resources:
ALTA notice about phishing emails: https://www.alta.org/news/news.cfm?20170801-Phishing-for-Wire-Transfers
ALTA Wire Fraud Red Flags: https://www.alta.org/news/news.cfm?20170725-Red-Flags-to-Protect-Your-Company-Against-Wire-Fraud
ALTA Sample Wire Fraud Warnings: https://www.alta.org/news/news.cfm?20170725-Sample-Wire-Fraud-Warnings-You-Can-Use
FBI’s Public Service Announcement regarding Business Email Compromise: https://www.ic3.gov/media/2017/170504.aspx
Our executive team at Texas National Title is committed to helping our clients talk to customers about preventing wire fraud. David Tandy (CEO) and Latra Szal (COO/Counsel) have been teaching many classes on the topic to local REALTOR groups. If you would like to schedule a class or conference for your office to discuss further please let me know and we will get something scheduled.
To receive more posts like this from Tandy on Real Estate updates direct to your inbox, please subscribe.
The domain you are visiting online, may not actually be the website you were thinking it was. According to The Register homograph attacks, although not new, are still an issue in modern-day web-browsing. This may not be on your radar, but it is definitely something to be aware of as we continue to live in our online world. Here is what you need to know about homograph attacks, and how to protect yourself.
What is a homograph attack?
According to Malwarebytes Labs, “A homograph attack is a method of deception wherein a threat actor leverages on the similarities of character scripts to create and register phony domains of existing ones to fool users and lure them into visiting. This attack has some known aliases: homoglyph attack, script spoofing, and homograph domain name spoofing.” An example of this is using the Latin alphabet to spoof the letters in a common English domain, e.g. bl00mberg.com or g00gle.com.
How does this affect me?
Cybercriminals are using non-English characters to mimic common English domains in order to trick users. Homograph attacks use a fake, yet believable website to lure you in. These sites are created for phishing, fraudulent purposes, or to introduce malware onto your system. The issue is that every browser builder, certificate authority and registrar have global customers – making their systems and you a potential target.
How can I protect myself?
Here are a few tips from Malwarebytes Labs to help protect yourself.
It boils down to being aware of what you click on, before you click on it. Always hover over a link before you proceed to click on the link.
To receive more posts like this from Tandy on Real Estate updates direct to your inbox, please subscribe.
We love the idea of public WIFI. It is everywhere. It is free. It is easy to connect to. It is convenient. But, is it too good to be true? According to Harvard Business Journal, “over half of the adults in the U.S. have their personal information exposed to hackers each year.” And, 89% of all cyber attacks involve financial or espionage motives according to Verizon’s annual Data Breach Investigation Report.
Hackers love free WIFI
Those same reasons why we love public WIFI are also why hackers love it too. With public WIFI, hackers can get unfettered access to unsecure networks full of personal information they can then use to hack into your life and business. They position themselves between you and your connection point. They then see everything you are sending to the hotspot and pass it on. In this position, they will see anything you transmit over the WIFI network, your email, username and passwords, credit card information, business network credentials… Once they have access to this information they can use it at their leisure and access your systems. Hackers also use unsecure networks to distribute malware which can infiltrate your computer.
One mistake people make using public WIFI
According to USA Today, “If I’ve said it once, I’ve said it a thousand times: Avoid doing anything you would not want anyone in the world to know on public WIFI. You may think you’re safe in that busy café or big-name hotel, but public WIFI is a major liability.” You never know when someone has spoofed a reputable brand’s WIFI network. USA Today’s Stephen Petrow was hacked on a plane, click here for his story. This could happen to anyone.
Jessica Edgerton, National Association of REALTORS Associate Counsel, warns REALTORS®, “Do not do business over free WIFI” in the NAR training “Wire fraud scams: how to protect your buyer clients”. There is just too much at risk in a real estate transaction to take a chance on an unsecure network.
Below are some steps to help safeguard yourself.
How to safeguard yourself and your business when using public WIFI
The vast majority of hackers are simply going after easy targets. Taking the following precautions should help to keep your information safe.
Now that you know that public WIFI is not secure – be cautious and remember that any device can be at risk. This includes your laptop, smartphone or tablet. Be suspicious of wireless networks, and refrain from connecting to unknown or unrecognized wireless access points.
Make sure to use your Virtual Private Network (VPN) that most businesses use for corporate email and Internet access through an unsecured connection, like public WIFI. This is your first line of defense when on public networks. If hackers do manage to get between you and your connection, the data will be heavily encrypted through the VPN and you will not be an easy target.
When you are web browsing make sure you enable to “Always use HTTPS” option on websites you use frequently or that require you to enter credentials. Hackers are smart and if they catch a username and password they will try all of the variations knowing that it will more than likely lead to a password to your online banking, corporate network, or other accounts. Remember, you never want to enter your usernames and passwords in an unencrypted manner. This opens the door for hackers.
When using the Internet on public WIFI, turn off your sharing in System Preferences or in your Control Panel. It is unlikely that you will want to share, so best to be safe. You can also let Windows do this for you by choosing the “Public” option when you first connect to the new network.
In the event that you do use public WIFI, avoid going to sites where a cybercriminal could capture your information, i.e. online banking, social media sites, online shopping… If you have to access one of these sites, then use your mobile phone network versus the public WIFI to help protect yourself.
Keep an Internet security solution running on your laptop to constantly scan for malware.
Secure your home wireless network
Having a home wireless network is awesome. You can work from anywhere in your home. It is easy, and becoming a standard in new smart homes. Make sure that you protect yourself at home too.
Make sure to change from the default password and use a complex password. Click here for tips for creating strong passwords.
This will keep your wireless device/network from announcing its presence to your neighbors and the world.
Change the default SSID name of your device. It is easy for hackers to guess your manufacturer’s default SSID name of your device. Make is harder by changing the default SSID name. And, remember to pick a name that is not easily identified.
In your connection settings, enable encryption. WPA encryption was the best, but even WPA2 was recently cracked. For the time being there is no safe public WIFI. To protect yourself, you must use a VPN service if you want to hide unencrypted traffic.
Make sure you have a great anti-malware product on all of your home computers and devices. When you set this up, remember to set it up to auto-renew so you do not go unprotected. Also, find a great IT resource to help you routinely review your computer and devices to ensure you are running optimally and that you do not have anything running in the background on your computer to compromise you or your network.
To receive more posts like this from Tandy on Real Estate direct to your inbox, please subscribe.
In a letter to the Consumer Financial Protection Bureau (CFPB), ALTA urged the bureau to issue an alert warning consumers about wire fraud schemes attempting to steal funds for real estate closings.
“Despite efforts by the title industry and others to educate consumers about the risk, homebuyers continue to be targeted,” said Michelle Korsmo, ALTA’s chief executive officer. “With the spring homebuying season underway, it’s vital to continue raising awareness about these schemes. The CFPB should take this opportunity to protect consumers from criminals looking to steal their money.”
The alert should provide tips on how consumers can protect themselves and questions to ask to help determine if real estate professionals have procedures in place to protect their money. ALTA has educated its members over the past few years about these wire fraud schemes, but the best defense is to inform consumers about the danger.
“Unfortunately, these criminals frequently target homebuyers prior to the title company getting involved in the transaction,” Korsmo said. “In many instances, they obtain access to unsecure email accounts used by consumers or real estate professionals. They use this access to find transaction patterns and details to make their fraudulent communications seem legitimate. The criminals will instruct the buyers to send the funds to a different account and the money vanishes in minutes.”
Today safety is something we all think about and often worry about. We have alarm systems for our cars, homes, video surveillance, video doorbells and many other safety features to keep our family and our homes safe. For REALTORS® safety is a part of their daily job and a growing concern. Their own personal safety, as well as the safety of their clients and the homes that they have been entrusted to market and sell. REALTORS meet new people every day. They interact with unknown agents, show homes to people they may have never met before, and staff Open Houses and events for the general public. And, this all to help you market your home. Due to this high exposure, REALTORS must take precaution and approach safety first. Check out this video by the National Association of REALTORS® on personal safety protocols and what to expect when working with a REALTOR. This video is a great resource to share with clients and homebuyers to learn about the potential safety protocols you may encounter when working with a REALTOR®.
For more information on safety, visit REALTOR Safety provided by the National Association of REALTORS.
To receive updates from Tandy on Real Estate direct to your inbox, please subscribe here.
As promised, I will be outlining the National Association of REALTORS® Best Practices from their NAR Data Security and Privacy Toolkit. The National Association of REALTORS Legal Affairs Department outline the following Best Practices on Email.
Unsecure email accounts are open doors to cyber criminals. Follow these guidelines to help keep that door securely shut and locked tight.
· Whenever possible, avoid sending sensitive information via email.
· If you must send sensitive information via email, make sure to use encrypted email.
· Never trust contact information in unverified emails.
· If an email looks even slightly suspicious, do not click on any links in it, and do not reply to it.
· Clean out your email account regularly. You can always store important emails on your hard drive.
· Do not use free wi-fi to transact business.
· Avoid using free email accounts for business.
· Use strong passwords.
· Change your password regularly.
These are quick and easy reminders of good email practices. I cannot emphasize enough the importance of secure email. We are in a very transaction heavy business full of NPPI (non-public personal information), and the information that we share should abide by privacy laws including Gramm-Leach-Bliley Act, should not include NPPI, and must be transmitted via secure, encrypted email. Here is a guide from the Federal Trade Commission on how to comply with the Privacy of Consumer Financial Information Rule. And, as a bonus, here is a webcast offered by the American Land Title Association on Best Practices: Protecting Non-public, Personal Information.
To receive updates from Tandy on Real Estate direct to your inbox, please subscribe here.
Last week I covered two cybersecurity topics Protecting your business and Protecting your cell phone. Today, I wanted to give you a quick tip on how to create strong passwords to help protect your accounts. Strong passwords help to prevent unauthorized users from using your computer, systems and applications. Check out the list of the worst passwords according to Forbes. Hopefully your passwords do not make the list. If they do, the tips below will help you to create a stronger password.
While not fool proof, creating a stronger passwords can help to reduce the chances of becoming a victim of a hacker according to a hacker himself in Advice from a Real Hacker.
Remember your strong passwords are only as good as where you store them, so make sure to keep your passwords secure. And, do not leave them by your computer. If you have a hard time remembering all of your passwords, you can always use a trusted password manager. Check out Consumer Reports for more info on password managers, and see PC Magazine for the Best Password Managers of 2017.
Another way to protect yourself is to set-up two-factor authentication.
I hope you find this helpful. To receive updates from Tandy on Real Estate direct to your inbox, please subscribe here.
Where would we be without our smart phones today? You can basically conduct your business via your cell phone. It is amazingly convenient, easy to access and backup, and a powerful efficiency tool. But, it is also not without its security issues.
Today cell phone usage blurs the lines between our personal and business lives. From our contacts, online banking, social media accounts, fitness apps, games to our emails and business applications, our phones house access to our life’s operating system. And, with this they store a mass of sensitive information. The National Association of REALTORS says that, “more sensitive data about you and your work (passwords, credit card numbers, contacts, messages, e-mail) is accessible from your mobile device than any other piece of technology you have. Inman News says that REALTORS are walking around with a bulls eye on their back for hackers.
Here are 6 tips to protect your smart phone from The National Association of REALTORS:
And, as a business owner RISMedia advises that you should also have the ability to remote track and wipe smart phones to protect your business.
I hope this is helpful to safeguard your smart phones. To receive updates from Tandy on Real Estate direct to your inbox, please subscribe here.