Tandy On Real Estate

Category

Technology

How industry professionals can avoid and respond to wire fraud

Wire fraud has become rampant in our industry. The FBI has estimated that there are over 4,000 hack attempts per day nationwide. According to the Financial Crimes Enforcement Network (FinCEN) there have been 22,000 cases of reported wire fraud involving losses of over $3.1 billion dollars since 2013.

The real estate industry has been targeted by fraudsters because our business moves at a quick pace with a lot of funds on a regular basis. The criminals continue to strengthen their efforts to abscond with buyer, seller and REALTOR money. Below are some tips for how we can help educate our buyers and sellers about how important it is to be cautious in their transactions.

1. Consumer education.

The biggest key to prevention is education of your customers. As a REALTOR you should be laser focused on educating the buyers and sellers about the growing risks of wire fraud. At every opportunity take the time to explain that wire fraud has become prevalent and explain how we, the title company, will deliver wiring instructions. Buyers and Sellers should understand that if they receive a phone call, fax or email regarding wiring of funds, they must call a previously validated phone number to verify the funding information. Always caution the client about contacting the title company from an email signature. Criminals have become sophisticated at sending fraudulent communications pretending to be the REALTOR, the title company and the lender. criminals send emails with identical looking signature blocks of one of the parties to the transaction but replace with phone numbers the criminal will answer if someone calls. A good tip is to ask your clients to program our phone number into their cell phones when they go under contract. This way they are only calling us on a trusted phone number and not from any other resource.

Buyers should be forewarned by their REALTOR that no one in the transaction should send them wiring instructions other than the title company. Even when the title company sends wiring instructions it should be only upon request from the customer and the customer should never initiate a wire without personally calling the title company from a verified phone number to verify the wiring instruction data.

A REALTOR should never take on the responsibility of sending wiring instructions to their clients. After having the conversation with your client to educate them on the red flags of wire fraud it is highly advisable that you have a disclosure signed by them confirming your conversation that includes a reminder to never send funds without contacting the title company first at a trusted number to confirm the instructions.

On the seller side of the transaction, you should counsel the clients to bring a physical copy of their wiring instructions to closing. The sellers should not email their account information out. Instead they should bring the instructions to closing. All sellers should be counselled to not respond to email inquiries requesting their account number or wiring information.

Also, make sure that we have your buyer or seller’s phone number. When we receipt the contract we will call your buyer and seller to talk to them about the transaction. We will reiterate the warnings that you are giving them and we will help remind them how important it is to follow our instructions.

2. Contacts Log.

Before you go under contract create a log of all approved parties’ phone numbers to give to your buyer or seller. Providing the clients with a verified phone number to use at the beginning of the transaction is a must. Programming the title company number into their phone should help minimize the possibility of a fraudster sending them a different phone number to use via email.

3. Confirmation of wire instructions for REALTORS.

Many REALTORS today have a portion of the commission wired. If you fall into that group make sure you are available by phone to verify the wiring instructions. Criminals are hacking emails and sending in fake wiring instructions for commissions too!

4. Two-Factor Authentication.

You should implement Two-Factor Authentication. All parties to the transaction, especially real estate agents, should be encouraged to enable Two-Factor Authentication on the email service they utilize, especially real estate agents using public domain email systems such as Yahoo and Gmail. This site lists systems that implement Two-Factor Authentication: https://twofactorauth.org/. After you have turned on your Two-Factor Authentication make sure to change your password one time to clear out any prior access.

5. Secure email.

All email involving nonpublic, private and confidential client information should be sent utilizing secure email systems. Here is an article from the National Association of REALTORS (NAR) regarding NAR Best Practices https://www.nar.realtor/articles/internet-security-best-practices.

6. Cyber protections.

REALTORS should implement industry standard IT security and cyber protections of their email and computer systems including but not limited to: 1) utilizing strong antivirus software, 2) installing security patches for all operating systems and software applications, 3) logging out or locking their computer when leaving their computer unattended, 4) avoid clicking on suspicious links on websites or within emails and 5) avoid using free WIFI or free charging stations. Free WIFI pretending to be legitimate businesses is often operated by criminals and allows them to access everything being transmitted over WIFI.

When fraud happens. If you suspect a fraud is underway or has happened, act immediately! Contact as many people in your management team as well as at the time company. The bank and FBI need to be contacted immediately among other steps that must be taken. The Cybersecurity unit of the Department of Justice has published the following guidelines for reporting cyber incidents: https://www.justice.gov/sites/default/files/opa/speeches/attachments/2015/04/29/criminal_division_guidance_on_best_practices_for_victim_response_and_reporting_cyber_incidents2.pdf

Sources:

ALTA Wire Fraud Resources:
http://www.tlta.com/TLTA/News_Articles/ALTA_Releases_Several_Resources_to_Help_Protect_Title_Companies_and_Customers_From_Wire_Fraud.aspx
ALTA notice about phishing emails: https://www.alta.org/news/news.cfm?20170801-Phishing-for-Wire-Transfers
ALTA Wire Fraud Red Flags: https://www.alta.org/news/news.cfm?20170725-Red-Flags-to-Protect-Your-Company-Against-Wire-Fraud
ALTA Sample Wire Fraud Warnings: https://www.alta.org/news/news.cfm?20170725-Sample-Wire-Fraud-Warnings-You-Can-Use
FBI’s Public Service Announcement regarding Business Email Compromise: https://www.ic3.gov/media/2017/170504.aspx

Our executive team at Texas National Title is committed to helping our clients talk to customers about preventing wire fraud. David Tandy (CEO) and Latra Szal (COO/Counsel) have been teaching many classes on the topic to local REALTOR groups. If you would like to schedule a class or conference for your office to discuss further please let me know and we will get something scheduled.

To receive more posts like this from Tandy on Real Estate updates direct to your inbox, please subscribe.

 

Cybersecurity: Homograph Attacks

The domain you are visiting online, may not actually be the website you were thinking it was. According to The Register homograph attacks, although not new, are still an issue in modern-day web-browsing. This may not be on your radar, but it is definitely something to be aware of as we continue to live in our online world. Here is what you need to know about homograph attacks, and how to protect yourself.

What is a homograph attack?

According to Malwarebytes Labs, “A homograph attack is a method of deception wherein a threat actor leverages on the similarities of character scripts to create and register phony domains of existing ones to fool users and lure them into visiting. This attack has some known aliases: homoglyph attack, script spoofing, and homograph domain name spoofing.” An example of this is using the Latin alphabet to spoof the letters in a common English domain, e.g. bl00mberg.com or g00gle.com.

How does this affect me?

Cybercriminals are using non-English characters to mimic common English domains in order to trick users. Homograph attacks use a fake, yet believable website to lure you in. These sites are created for phishing, fraudulent purposes, or to introduce malware onto your system. The issue is that every browser builder, certificate authority and registrar have global customers – making their systems and you a potential target.

How can I protect myself?

Here are a few tips from Malwarebytes Labs to help protect yourself.

  1. Regularly update your browser (They may be your first line of defense against homograph attacks)
  2. Confirming that the legitimate site you’re on has an Extended Validation Certificate (EVC).
  3. Avoid clicking links from emails, chat messages, and other publicly available content, most especially social media sites, without ensuring that the visible link is indeed the true destination.

It boils down to being aware of what you click on, before you click on it. Always hover over a link before you proceed to click on the link.

To receive more posts like this from Tandy on Real Estate updates direct to your inbox, please subscribe.

SOURCE:
https://www.theregister.co.uk/2017/04/18/homograph_attack_again/
https://blog.malwarebytes.com/101/2017/10/out-of-character-homograph-attacks-explained/
https://en.wikipedia.org/wiki/Extended_Validation_Certificate

 

Is public WIFI too good to be true?

We love the idea of public WIFI. It is everywhere. It is free. It is easy to connect to. It is convenient. But, is it too good to be true? According to Harvard Business Journal, “over half of the adults in the U.S. have their personal information exposed to hackers each year.” And, 89% of all cyber attacks involve financial or espionage motives according to Verizon’s annual Data Breach Investigation Report.

Hackers love free WIFI
Those same reasons why we love public WIFI are also why hackers love it too. With public WIFI, hackers can get unfettered access to unsecure networks full of personal information they can then use to hack into your life and business. They position themselves between you and your connection point. They then see everything you are sending to the hotspot and pass it on. In this position, they will see anything you transmit over the WIFI network, your email, username and passwords, credit card information, business network credentials… Once they have access to this information they can use it at their leisure and access your systems. Hackers also use unsecure networks to distribute malware which can infiltrate your computer.

One mistake people make using public WIFI

According to USA Today, “If I’ve said it once, I’ve said it a thousand times: Avoid doing anything you would not want anyone in the world to know on public WIFI. You may think you’re safe in that busy café or big-name hotel, but public WIFI is a major liability.” You never know when someone has spoofed a reputable brand’s WIFI network. USA Today’s Stephen Petrow was hacked on a plane, click here for his story. This could happen to anyone.

REALTORS® Beware

Jessica Edgerton, National Association of REALTORS Associate Counsel, warns REALTORS®, “Do not do business over free WIFI” in the NAR training “Wire fraud scams: how to protect your buyer clients”. There is just too much at risk in a real estate transaction to take a chance on an unsecure network.

Below are some steps to help safeguard yourself.

How to safeguard yourself and your business when using public WIFI
The vast majority of hackers are simply going after easy targets. Taking the following precautions should help to keep your information safe.

  1. Be aware

Now that you know that public WIFI is not secure – be cautious and remember that any device can be at risk. This includes your laptop, smartphone or tablet. Be suspicious of wireless networks, and refrain from connecting to unknown or unrecognized wireless access points.

  1. Use a VPN

Make sure to use your Virtual Private Network (VPN) that most businesses use for corporate email and Internet access through an unsecured connection, like public WIFI. This is your first line of defense when on public networks. If hackers do manage to get between you and your connection, the data will be heavily encrypted through the VPN and you will not be an easy target.

  1. Use SSL connections

When you are web browsing make sure you enable to “Always use HTTPS” option on websites you use frequently or that require you to enter credentials. Hackers are smart and if they catch a username and password they will try all of the variations knowing that it will more than likely lead to a password to your online banking, corporate network, or other accounts. Remember, you never want to enter your usernames and passwords in an unencrypted manner. This opens the door for hackers.

  1. Turn off sharing

When using the Internet on public WIFI, turn off your sharing in System Preferences or in your Control Panel. It is unlikely that you will want to share, so best to be safe. You can also let Windows do this for you by choosing the “Public” option when you first connect to the new network.

  1. Avoid using specific types of websites

In the event that you do use public WIFI, avoid going to sites where a cybercriminal could capture your information, i.e. online banking, social media sites, online shopping… If you have to access one of these sites, then use your mobile phone network versus the public WIFI to help protect yourself.

  1. Turn off WIFI when you are not using it
    Even if you are note actively connected to a network, the your WIFI hardware is still transmitting data between any network within range. To be safe, when you are not on the Internet, turn your WIFI off. Work offline until you need to connect. Another benefit to this is you can help to save your battery life too.
  2. Protect yourself

Keep an Internet security solution running on your laptop to constantly scan for malware.

Secure your home wireless network

Having a home wireless network is awesome. You can work from anywhere in your home. It is easy, and becoming a standard in new smart homes. Make sure that you protect yourself at home too.

  1. Don’t use the default password.

Make sure to change from the default password and use a complex password. Click here for tips for creating strong passwords.

  1. Turn off SSID (Service Set Identifier) broadcasting.

This will keep your wireless device/network from announcing its presence to your neighbors and the world.

  1. Change your device’s SSID name.

Change the default SSID name of your device. It is easy for hackers to guess your manufacturer’s default SSID name of your device. Make is harder by changing the default SSID name. And, remember to pick a name that is not easily identified.

  1. Use encryption.

In your connection settings, enable encryption. WPA encryption was the best, but even WPA2 was recently cracked. For the time being there is no safe public WIFI. To protect yourself, you must use a VPN service if you want to hide unencrypted traffic.

  1. Protect yourself.

Make sure you have a great anti-malware product on all of your home computers and devices. When you set this up, remember to set it up to auto-renew so you do not go unprotected. Also, find a great IT resource to help you routinely review your computer and devices to ensure you are running optimally and that you do not have anything running in the background on your computer to compromise you or your network.

To receive more posts like this from Tandy on Real Estate direct to your inbox, please subscribe.

SOURCE:
https://hbr.org/2017/05/why-you-really-need-to-stop-using-public-wi-fi
http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/
https://www.usatoday.com/story/tech/columnist/2017/08/18/one-mistake-people-make-using-public-wi-fi/577791001/
https://www.usatoday.com/story/tech/news/2016/02/24/public-wifi-gogo-steven-petrow-hack-airplane-email-columnist-vpn/80873010/
http://rebac.net/sites/default/files/Wire%20Fraud%20Scams%201.pdf
https://www.howtogeek.com/204697/wi-fi-security-should-you-use-wpa2-aes-wpa2-tkip-or-both/
http://tandyonrealestate.com/cybersecurity-creating-strong-passwords/
https://www.gizmodo.com.au/2017/10/wi-fis-most-popular-security-method-might-be-broken/

 

 

ALTA urges CFPB to warn consumers about wire fraud schemes

From the American Land Title Association Title News Online.

In a letter to the Consumer Financial Protection Bureau (CFPB), ALTA urged the bureau to issue an alert warning consumers about wire fraud schemes attempting to steal funds for real estate closings.

“Despite efforts by the title industry and others to educate consumers about the risk, homebuyers continue to be targeted,” said Michelle Korsmo, ALTA’s chief executive officer. “With the spring homebuying season underway, it’s vital to continue raising awareness about these schemes. The CFPB should take this opportunity to protect consumers from criminals looking to steal their money.”

The alert should provide tips on how consumers can protect themselves and questions to ask to help determine if real estate professionals have procedures in place to protect their money. ALTA has educated its members over the past few years about these wire fraud schemes, but the best defense is to inform consumers about the danger.

“Unfortunately, these criminals frequently target homebuyers prior to the title company getting involved in the transaction,” Korsmo said. “In many instances, they obtain access to unsecure email accounts used by consumers or real estate professionals. They use this access to find transaction patterns and details to make their fraudulent communications seem legitimate. The criminals will instruct the buyers to send the funds to a different account and the money vanishes in minutes.”

RESOURCE:
http://www.alta.org/news/news.cfm?20170406-ALTA-Urges-CFPB-to-Warn-Consumers-About-Wire-Fraud-Schemes

Keeping it safe

Today safety is something we all think about and often worry about. We have alarm systems for our cars, homes, video surveillance, video doorbells and many other safety features to keep our family and our homes safe. For REALTORS® safety is a part of their daily job and a growing concern. Their own personal safety, as well as the safety of their clients and the homes that they have been entrusted to market and sell. REALTORS meet new people every day. They interact with unknown agents, show homes to people they may have never met before, and staff Open Houses and events for the general public. And, this all to help you market your home. Due to this high exposure, REALTORS must take precaution and approach safety first. Check out this video by the National Association of REALTORS® on personal safety protocols and what to expect when working with a REALTOR. This video is a great resource to share with clients and homebuyers to learn about the potential safety protocols you may encounter when working with a REALTOR®.

For more information on safety, visit REALTOR Safety provided by the National Association of REALTORS.

To receive updates from Tandy on Real Estate direct to your inbox, please subscribe here.

RESOURCES:
https://www.nar.realtor/topics/realtor-safety/articles

Cybersecurity: NAR Email Best Practices

As promised, I will be outlining the National Association of REALTORS® Best Practices from their NAR Data Security and Privacy Toolkit.  The National Association of REALTORS Legal Affairs Department outline the following Best Practices on Email.

Unsecure email accounts are open doors to cyber criminals.  Follow these guidelines to help keep that door securely shut and locked tight.

·        Whenever possible, avoid sending sensitive information via email.

·        If you must send sensitive information via email, make sure to use encrypted email.

·        Never trust contact information in unverified emails.

·        If an email looks even slightly suspicious, do not click on any links in it, and do not reply to it.

·        Clean out your email account regularly.  You can always store important emails on your hard drive.

·        Do not use free wi-fi to transact business.

·        Avoid using free email accounts for business.

·        Use strong passwords.

·        Change your password regularly.

These are quick and easy reminders of good email practices. I cannot emphasize enough the importance of secure email. We are in a very transaction heavy business full of NPPI (non-public personal information), and the information that we share should abide by privacy laws including Gramm-Leach-Bliley Act, should not include NPPI, and must be transmitted via secure, encrypted email. Here is a guide from the Federal Trade Commission on how to comply with the Privacy of Consumer Financial Information Rule. And, as a bonus, here is a webcast offered by the American Land Title Association on Best Practices: Protecting Non-public, Personal Information.

To receive updates from Tandy on Real Estate direct to your inbox, please subscribe here.

RESOURCES:
https://www.nar.realtor/sites/default/files/handouts-and-brochures/2015/protecting-from-cyberfraud-handout-2015-11-24.pdf
http://www.realtor.org/law-and-ethics/nars-data-security-and-privacy-toolkit
https://www.ftc.gov/system/files/documents/plain-language/bus67-how-comply-privacy-consumer-financial-information-rule-gramm-leach-bliley-act.pdf

Cybersecurity: Creating strong passwords

Last week I covered two cybersecurity topics Protecting your business and Protecting your cell phone. Today, I wanted to give you a quick tip on how to create strong passwords to help protect your accounts. Strong passwords help to prevent unauthorized users from using your computer, systems and applications. Check out the list of the worst passwords according to Forbes. Hopefully your passwords do not make the list. If they do, the tips below will help you to create a stronger password.

While not fool proof, creating a stronger passwords can help to reduce the chances of becoming a victim of a hacker according to a hacker himself in Advice from a Real Hacker.

  1. Choose a random set of characters that are the maximum that your system will accept. The longer the password, the harder it is to hack.
  2. Use at least 8 characters.
  3. Do not use a dictionary word. Dictionary words are easy to crack.
  4. Do not use your username or name in your password.
  5. Does not use a complete word.
  6. Use at least one of every character type in your password, i.e. uppercase, lowercase, a number and a special character.
  7. Never just use numbers. Don’t use a password made completely of numbers with not uppercase or lower case letter. The 10-digit number key pad do not provide many options for your password, and can be easily broken into.
  8. Use different passwords for different accounts. Using the same password across all of your account is just plain risky. Try varying your passwords, and using a system that works for you.
  9. Create a passphrase for your password where the character limits allow the space.

Remember your strong passwords are only as good as where you store them, so make sure to keep your passwords secure. And, do not leave them by your computer. If you have a hard time remembering all of your passwords, you can always use a trusted password manager. Check out Consumer Reports for more info on password managers, and see PC Magazine for the Best Password Managers of 2017.

Another way to protect yourself is to set-up two-factor authentication.

I hope you find this helpful. To receive updates from Tandy on Real Estate direct to your inbox, please subscribe here.

RESOURCES:
http://www.inman.com/2015/03/19/awa-access-without-authorization-hacking-and-what-it-means-to-real-estate/
https://null-byte.wonderhowto.com/how-to/advice-from-real-hacker-protect-yourself-from-being-hacked-0157218/
https://null-byte.wonderhowto.com/how-to/advice-from-real-hacker-create-stronger-passwords-0156907/
https://support.microsoft.com/en-us/instantanswers/9bd5223b-efbe-aa95-b15a-2fb37bef637d/create-a-strong-password
https://en.wikipedia.org/wiki/Passphrase
https://www.forbes.com/sites/ygrauer/2017/01/23/2016s-worst-passwords-are-just-as-bad-as-2015s-so-please-tell-me-yours-is-not-on-the-list/#2f0da6f33879
http://www.pcmag.com/article2/0,2817,2456400,00.asp
http://www.consumerreports.org/digital-security/everything-you-need-to-know-about-password-managers/
http://www.pcmag.com/article2/0,2817,2407168,00.asp

Cybersecurity: Protecting your cell phone

Where would we be without our smart phones today? You can basically conduct your business via your cell phone. It is amazingly convenient, easy to access and backup, and a powerful efficiency tool. But, it is also not without its security issues.

Today cell phone usage blurs the lines between our personal and business lives. From our contacts, online banking, social media accounts, fitness apps, games to our emails and business applications, our phones house access to our life’s operating system. And, with this they store a mass of sensitive information. The National Association of REALTORS says that, “more sensitive data about you and your work (passwords, credit card numbers, contacts, messages, e-mail) is accessible from your mobile device than any other piece of technology you have. Inman News says that REALTORS are walking around with a bulls eye on their back for hackers.

Here are 6 tips to protect your smart phone from The National Association of REALTORS:

  1. Enable your device’s screen lock and change the PIN regularly.
  2. Experts advise against saving passwords at individual sites, such as Amazon or Chase, because they can become saved deep in your phone’s memory. Instead, use an app designed specifically for saving passwords. Click here to learn about password managers.
  3. Update all your apps regularly. Updates provide needed security patches.
  4. Know and regularly review your phone’s security and permission settings. Have you given Facebook permission to access your e-mail contacts?
  5. Use public Wi-Fi with caution. When you’re on a café’s public Wi-Fi, for example, the café has access to everything you transmit, from text messages to data.
  6. Only download apps from a known app store to avoid apps filled with dangerous pieces of malware that could steal your sensitive data.

And, as a business owner RISMedia advises that you should also have the ability to remote track and wipe smart phones to protect your business.

I hope this is helpful to safeguard your smart phones. To receive updates from Tandy on Real Estate direct to your inbox, please subscribe here.

SOURCES:
https://www.nar.realtor/articles/legal-you-re-the-ideal-target-for-cybercrime
http://www.inman.com/2015/03/19/awa-access-without-authorization-hacking-and-what-it-means-to-real-estate/
http://rismedia.com/2014/08/07/3-cybersecurity-tips-that-can-pay-off-for-your-business/#close
https://en.wikipedia.org/wiki/Password_manager

Cybersecurity: Protecting your business

REALTORS beware – you are the perfect target for cybercrime
According to The National Association of REALTORS (NAR), “big-name breaches make good headlines, but smaller businesses make easy targets for online criminals. This is partly because many small-business owners believe they are “below the radar” for cybercrime and thus fail to implement safety measures to protect themselves from attack.” There are more than 12 cybercrimes per second. Per NAR, “by 2019, cybercrime will cost businesses an estimated $2 trillion annually.” This post is to help you and your clients to avoid being the next victim.

The dangers of the World Wide Web and specifically, wire fraud
This sounds like a scary headline from 2000 when businesses first started going online. But, now in 2017, the dangers are oh so real. At the REALTORS® Legislative Meetings & Trade Expo in Washington, D.C.  in May NAR General Counsel Katie Johnson identified wire fraud as a “sophisticated scam causing consumers to lose millions of dollars each year.” This according to “The Threat of Wire Fraud is Real” by Erica Christoffer and Graham Wood of REALTOR Magazine. When she asked the audience of real estate professionals if they knew of someone who had been a victim of wire fraud, 1/3 of the audience raised their hand. She then detailed the following:

“Hackers are gaining access to e-mail accounts through captured passwords, and they’ll search inboxes for messages related to real estate transactions, Johnson said. Once they find a victim who’s in the process of buying a home, they’ll send a spoof e-mail that looks like it’s from their agent, title representative, or attorney, and it will say there are “new” wiring instructions, which includes a fraudulent account. The home buyer will then unwittingly wire funds directly into the hacker’s account. Once they send it, the money is gone. Millions of dollars are lost on this.”

MortgageFraudBlog.com gives point in case to Johnson’s scam where fraudulent emails were used to conduct wire fraud and bank fraud from escrow deposits in June 2016 involving three companies and hurting 6 victims with the scam.

How to protect your business
Here are some tips to make sure you take the proper precautions online.

  1. Maintain a data security policy. See samples of policies here.
  2. Maintain a document retention and destruction policy. Identify how long to keep documents and how to destroy the information safely. Be sure to work with your legal counsel to create this.
  3. Notify affected parties of a security breach. Remember immediacy and transparency are key in your communications. In the event of a data breach reference the Federal Trade Commission’s Data Breach Response: A Guide for Business.
  4. Use tech to safeguard personally identifiable information. Implement certain technology-based protections, such as maintaining appropriate firewalls and password controls.
  5. Use strong passwords. Here is how to create a strong password.
  6. Establish procedures for wire transfers and communicate with your clients what to expect in the transaction and what communications they will receive from you. Here are some tips from Clareity Consulting on “Reducing the Risk of Real Estate Wire Fraud”.
  7. And, finally, FOLLOW YOUR POLICIES and educate your associates.

The dangers of free wi-fi
According to KnowBe4, “you should always watch what Wi-Fi hotspots you connect to, and use a VPN to help keep your sensitive information out of the hands of hackers.” If you connect to free wi-fi that is unprotected, the provider could have access to what you transmit over their network. For example, at the Republican National Convention, attendees were hacked by a fake wi-fi network. Here’s what happened per Stu Sjouwerman,

“The PR people at Avast decided to have some fun and created a series of fake Wi-Fi networks at various locations around the Republican National Congress in Cleveland. Avast’s team set up several networks, using names such as “Trump free Wifi” or “Google Starbucks,” which were designed to look as though they were set up for convention attendees. Upon connecting, trusting a random and unprotected network they found in a public setting, the users unwittingly gave Avast access to spy on their devices. Over the course of a day, Avast found over a thousand attendees that were completely negligent in their device’s security. Over 60 percent of the users who connected had their identity completely exposed, and slightly less than half of them checked their email or used messenger apps.”

This is scary business, literally. Lesson learned – Remember to always use a secure network with a username and password, and use a VPN when conducting business. Say to yourself now, “No more free wi-fi – it is NOT worth the risk.”

I hope this is helpful as you work to strengthen your cybersecurity practices. I urge you to download Protecting Your Business and Your Clients from Cyberfraud from The National Association of REALTORS to make sure you have your cybersecurity bases covered. This includes Best Business Practices, Best Email Practices, Best Transaction Practices and Best Damage Control Practices. I will cover these Best Practices in future blog posts, so stay tuned.

To receive updates from Tandy on Real Estate direct to your inbox, please subscribe here.

RESOURCES:
https://www.nar.realtor/articles/legal-you-re-the-ideal-target-for-cybercrime
http://www.csoonline.com/article/3019126/security/security-policy-samples-templates-and-tools.html
https://www.nar.realtor/law-and-ethics/protecting-your-business-and-your-clients-from-cyberfraud
https://blog.knowbe4.com/scam-of-the-week-rnc-attendees-get-hacked-through-fake-wi-fi-networks
https://www.ftc.gov/tips-advice/business-center/guidance/data-breach-response-guide-business
http://realtormag.realtor.org/for-brokers/network/article/2016/05/threat-wire-fraud-real
https://clareity.com/wp-content/uploads/2016/08/Reducing-the-Risk-of-Real-Estate-Wire-Fraud.pdf
https://www.rt.com/news/cybercrime-victims-number-grow-427/
https://null-byte.wonderhowto.com/how-to/advice-from-real-hacker-create-stronger-passwords-0156907/
http://www.mortgagefraudblog.com/exclusive-criminal-complaint-concerning-fraudulent-emails-diverting-escrow-deposits/

 

Cybersecurity: Protecting your children online

As a technologist, I am fascinated by bringing our businesses online to create efficiencies and with this, our obligation to provide cybersecurity. In my first blog post on cyber security, I talked about cyber breaches. In my second blog post today on cybersecurity, I would like to talk about our jobs as parents to protect our children in a changing social world. In future posts, I will be covering how you can protect both yourself and your business. Stay tuned to Tandy on Real Estate for these.

According to Shakespeare, “the world is our oyster”, or so it seems now that pretty much anything and everything is available online – whether it is a fact, or as we hear so much of now, an “alternative fact”. What we should remember is, in our world of immediate access, we still need to protect ourselves, and most importantly, our children.

The first thing to remember when approaching cybersecurity is that anything placed online CANNOT be permanently deleted. It will always be online. The “International Information Systems Security Certification Consortium” (ISC2) states that, “anything posted or sent through the Internet is impossible to fully remove.” It is our duty as parents to communicate this to our children, and to help them to build healthy online habits that will protect them as they grow up in their social world.

Here are few tips for child safety from ISC2 and the social networks themselves:

1.       Get to know the social networks. Research these social networks, and remember to include your children in the research process.

a.       Facebook – Facebook’s Parent’s Portal on Safety@Facebook

b.       Instagram – Instagram’s Tips for Parents

c.       Twitter – Twitter Tips for Families

d.       Vine – Tech Guide for Parents on Vine

e.       SnapChat – Snapchat Safety Center

2.       Realize there are age requirements to most social networks and respect these rules- they are in place for a reason.

3.       Make parental approval of social groups or networks part of your house rules.

4.       Talk about what is an acceptable and respectable post.

5.       “Friend” or “follow” your kids so you can check in on their social media activity. You don’t have to participate, just take a look as often as possible.

6.       Data provided to a social network is stored and, most of the time, it is shared by default. Ensure your child’s profile is set to Private. Go into settings and help them adjust the default controls.

These are just a few tips for parents. The biggest part is to start the conversation with your children about social networks, their privacy and how they can participate in the online conversation safely.

Here are a few tips on getting the conversation started 

To receive more Tandy on Real Estate updates direct to your inbox, please subscribe.

SOURCE:
https://safeandsecureonline.org/parents-guardians/
https://safeandsecureonline.org/wp-content/uploads/2016/04/Social-Media.pdf
https://www.facebook.com/safety/parents
https://www.facebook.com/safety
https://www.facebook.com/safety/parents/tips
https://help.instagram.com/154475974694511/
https://about.twitter.com/safety/families
http://www.techguide4parents.com/what-is-the-vine/
https://www.snapchat.com/safety/
https://iamcybersafe.org/

 

 

© 2017 Tandy On Real Estate — Powered by WordPress

Theme by Anders NorenUp ↑