Tandy On Real Estate

Tag

VPN

Is public WIFI too good to be true?

We love the idea of public WIFI. It is everywhere. It is free. It is easy to connect to. It is convenient. But, is it too good to be true? According to Harvard Business Journal, “over half of the adults in the U.S. have their personal information exposed to hackers each year.” And, 89% of all cyber attacks involve financial or espionage motives according to Verizon’s annual Data Breach Investigation Report.

Hackers love free WIFI
Those same reasons why we love public WIFI are also why hackers love it too. With public WIFI, hackers can get unfettered access to unsecure networks full of personal information they can then use to hack into your life and business. They position themselves between you and your connection point. They then see everything you are sending to the hotspot and pass it on. In this position, they will see anything you transmit over the WIFI network, your email, username and passwords, credit card information, business network credentials… Once they have access to this information they can use it at their leisure and access your systems. Hackers also use unsecure networks to distribute malware which can infiltrate your computer.

One mistake people make using public WIFI

According to USA Today, “If I’ve said it once, I’ve said it a thousand times: Avoid doing anything you would not want anyone in the world to know on public WIFI. You may think you’re safe in that busy café or big-name hotel, but public WIFI is a major liability.” You never know when someone has spoofed a reputable brand’s WIFI network. USA Today’s Stephen Petrow was hacked on a plane, click here for his story. This could happen to anyone.

REALTORS® Beware

Jessica Edgerton, National Association of REALTORS Associate Counsel, warns REALTORS®, “Do not do business over free WIFI” in the NAR training “Wire fraud scams: how to protect your buyer clients”. There is just too much at risk in a real estate transaction to take a chance on an unsecure network.

Below are some steps to help safeguard yourself.

How to safeguard yourself and your business when using public WIFI
The vast majority of hackers are simply going after easy targets. Taking the following precautions should help to keep your information safe.

  1. Be aware

Now that you know that public WIFI is not secure – be cautious and remember that any device can be at risk. This includes your laptop, smartphone or tablet. Be suspicious of wireless networks, and refrain from connecting to unknown or unrecognized wireless access points.

  1. Use a VPN

Make sure to use your Virtual Private Network (VPN) that most businesses use for corporate email and Internet access through an unsecured connection, like public WIFI. This is your first line of defense when on public networks. If hackers do manage to get between you and your connection, the data will be heavily encrypted through the VPN and you will not be an easy target.

  1. Use SSL connections

When you are web browsing make sure you enable to “Always use HTTPS” option on websites you use frequently or that require you to enter credentials. Hackers are smart and if they catch a username and password they will try all of the variations knowing that it will more than likely lead to a password to your online banking, corporate network, or other accounts. Remember, you never want to enter your usernames and passwords in an unencrypted manner. This opens the door for hackers.

  1. Turn off sharing

When using the Internet on public WIFI, turn off your sharing in System Preferences or in your Control Panel. It is unlikely that you will want to share, so best to be safe. You can also let Windows do this for you by choosing the “Public” option when you first connect to the new network.

  1. Avoid using specific types of websites

In the event that you do use public WIFI, avoid going to sites where a cybercriminal could capture your information, i.e. online banking, social media sites, online shopping… If you have to access one of these sites, then use your mobile phone network versus the public WIFI to help protect yourself.

  1. Turn off WIFI when you are not using it
    Even if you are note actively connected to a network, the your WIFI hardware is still transmitting data between any network within range. To be safe, when you are not on the Internet, turn your WIFI off. Work offline until you need to connect. Another benefit to this is you can help to save your battery life too.
  2. Protect yourself

Keep an Internet security solution running on your laptop to constantly scan for malware.

Secure your home wireless network

Having a home wireless network is awesome. You can work from anywhere in your home. It is easy, and becoming a standard in new smart homes. Make sure that you protect yourself at home too.

  1. Don’t use the default password.

Make sure to change from the default password and use a complex password. Click here for tips for creating strong passwords.

  1. Turn off SSID (Service Set Identifier) broadcasting.

This will keep your wireless device/network from announcing its presence to your neighbors and the world.

  1. Change your device’s SSID name.

Change the default SSID name of your device. It is easy for hackers to guess your manufacturer’s default SSID name of your device. Make is harder by changing the default SSID name. And, remember to pick a name that is not easily identified.

  1. Use encryption.

In your connection settings, enable encryption. WPA encryption was the best, but even WPA2 was recently cracked. For the time being there is no safe public WIFI. To protect yourself, you must use a VPN service if you want to hide unencrypted traffic.

  1. Protect yourself.

Make sure you have a great anti-malware product on all of your home computers and devices. When you set this up, remember to set it up to auto-renew so you do not go unprotected. Also, find a great IT resource to help you routinely review your computer and devices to ensure you are running optimally and that you do not have anything running in the background on your computer to compromise you or your network.

To receive more posts like this from Tandy on Real Estate direct to your inbox, please subscribe.

SOURCE:
https://hbr.org/2017/05/why-you-really-need-to-stop-using-public-wi-fi
http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/
https://www.usatoday.com/story/tech/columnist/2017/08/18/one-mistake-people-make-using-public-wi-fi/577791001/
https://www.usatoday.com/story/tech/news/2016/02/24/public-wifi-gogo-steven-petrow-hack-airplane-email-columnist-vpn/80873010/
http://rebac.net/sites/default/files/Wire%20Fraud%20Scams%201.pdf
https://www.howtogeek.com/204697/wi-fi-security-should-you-use-wpa2-aes-wpa2-tkip-or-both/
http://tandyonrealestate.com/cybersecurity-creating-strong-passwords/
https://www.gizmodo.com.au/2017/10/wi-fis-most-popular-security-method-might-be-broken/

 

 

Cybersecurity: Protecting your business

REALTORS beware – you are the perfect target for cybercrime
According to The National Association of REALTORS (NAR), “big-name breaches make good headlines, but smaller businesses make easy targets for online criminals. This is partly because many small-business owners believe they are “below the radar” for cybercrime and thus fail to implement safety measures to protect themselves from attack.” There are more than 12 cybercrimes per second. Per NAR, “by 2019, cybercrime will cost businesses an estimated $2 trillion annually.” This post is to help you and your clients to avoid being the next victim.

The dangers of the World Wide Web and specifically, wire fraud
This sounds like a scary headline from 2000 when businesses first started going online. But, now in 2017, the dangers are oh so real. At the REALTORS® Legislative Meetings & Trade Expo in Washington, D.C.  in May NAR General Counsel Katie Johnson identified wire fraud as a “sophisticated scam causing consumers to lose millions of dollars each year.” This according to “The Threat of Wire Fraud is Real” by Erica Christoffer and Graham Wood of REALTOR Magazine. When she asked the audience of real estate professionals if they knew of someone who had been a victim of wire fraud, 1/3 of the audience raised their hand. She then detailed the following:

“Hackers are gaining access to e-mail accounts through captured passwords, and they’ll search inboxes for messages related to real estate transactions, Johnson said. Once they find a victim who’s in the process of buying a home, they’ll send a spoof e-mail that looks like it’s from their agent, title representative, or attorney, and it will say there are “new” wiring instructions, which includes a fraudulent account. The home buyer will then unwittingly wire funds directly into the hacker’s account. Once they send it, the money is gone. Millions of dollars are lost on this.”

MortgageFraudBlog.com gives point in case to Johnson’s scam where fraudulent emails were used to conduct wire fraud and bank fraud from escrow deposits in June 2016 involving three companies and hurting 6 victims with the scam.

How to protect your business
Here are some tips to make sure you take the proper precautions online.

  1. Maintain a data security policy. See samples of policies here.
  2. Maintain a document retention and destruction policy. Identify how long to keep documents and how to destroy the information safely. Be sure to work with your legal counsel to create this.
  3. Notify affected parties of a security breach. Remember immediacy and transparency are key in your communications. In the event of a data breach reference the Federal Trade Commission’s Data Breach Response: A Guide for Business.
  4. Use tech to safeguard personally identifiable information. Implement certain technology-based protections, such as maintaining appropriate firewalls and password controls.
  5. Use strong passwords. Here is how to create a strong password.
  6. Establish procedures for wire transfers and communicate with your clients what to expect in the transaction and what communications they will receive from you. Here are some tips from Clareity Consulting on “Reducing the Risk of Real Estate Wire Fraud”.
  7. And, finally, FOLLOW YOUR POLICIES and educate your associates.

The dangers of free wi-fi
According to KnowBe4, “you should always watch what Wi-Fi hotspots you connect to, and use a VPN to help keep your sensitive information out of the hands of hackers.” If you connect to free wi-fi that is unprotected, the provider could have access to what you transmit over their network. For example, at the Republican National Convention, attendees were hacked by a fake wi-fi network. Here’s what happened per Stu Sjouwerman,

“The PR people at Avast decided to have some fun and created a series of fake Wi-Fi networks at various locations around the Republican National Congress in Cleveland. Avast’s team set up several networks, using names such as “Trump free Wifi” or “Google Starbucks,” which were designed to look as though they were set up for convention attendees. Upon connecting, trusting a random and unprotected network they found in a public setting, the users unwittingly gave Avast access to spy on their devices. Over the course of a day, Avast found over a thousand attendees that were completely negligent in their device’s security. Over 60 percent of the users who connected had their identity completely exposed, and slightly less than half of them checked their email or used messenger apps.”

This is scary business, literally. Lesson learned – Remember to always use a secure network with a username and password, and use a VPN when conducting business. Say to yourself now, “No more free wi-fi – it is NOT worth the risk.”

I hope this is helpful as you work to strengthen your cybersecurity practices. I urge you to download Protecting Your Business and Your Clients from Cyberfraud from The National Association of REALTORS to make sure you have your cybersecurity bases covered. This includes Best Business Practices, Best Email Practices, Best Transaction Practices and Best Damage Control Practices. I will cover these Best Practices in future blog posts, so stay tuned.

To receive updates from Tandy on Real Estate direct to your inbox, please subscribe here.

RESOURCES:
https://www.nar.realtor/articles/legal-you-re-the-ideal-target-for-cybercrime
http://www.csoonline.com/article/3019126/security/security-policy-samples-templates-and-tools.html
https://www.nar.realtor/law-and-ethics/protecting-your-business-and-your-clients-from-cyberfraud
https://blog.knowbe4.com/scam-of-the-week-rnc-attendees-get-hacked-through-fake-wi-fi-networks
https://www.ftc.gov/tips-advice/business-center/guidance/data-breach-response-guide-business
http://realtormag.realtor.org/for-brokers/network/article/2016/05/threat-wire-fraud-real
https://clareity.com/wp-content/uploads/2016/08/Reducing-the-Risk-of-Real-Estate-Wire-Fraud.pdf
https://www.rt.com/news/cybercrime-victims-number-grow-427/
https://null-byte.wonderhowto.com/how-to/advice-from-real-hacker-create-stronger-passwords-0156907/
http://www.mortgagefraudblog.com/exclusive-criminal-complaint-concerning-fraudulent-emails-diverting-escrow-deposits/

 

© 2017 Tandy On Real Estate — Powered by WordPress

Theme by Anders NorenUp ↑