“Cybercrime is increasing exponentially, and the reality is that’s the 21st century,” said John Iannarelli, who served 20 years as an FBI special agent and national spokesperson. Iannarelli spoke yesterday during a PAR webinar about how cyber criminals target the real estate industry and how Realtors® can protect themselves and their businesses from attacks.
What makes real estate vulnerable to cybercrime?
Iannarelli noted that the FBI receives about 30,000 cybercrime complaints nationally each month, the vast majority of which go unreviewed. He shared that real estate is the third most targeted industry by cybercriminals.
“Number one, real estate is where the money is. You guys are doing about $32 trillion in transactions every single year,” he reasoned. “Likewise, if I’m a cybercriminal and I steal your money, I get to spend it. If I steal your information, I get to spend it again and again and again. You guys are chock full of information.”
What kind of information are cybercriminals after?
“PII in the cyber world is personally identifiable information,” Iannarelli said. “That’s all the data you collect – the names, addresses, social security numbers, dates of birth, etc. Anything that will help identify an individual that they use to get a credit card, get a loan, make any sort of transaction where they require personal information.”
By nature of their business, Realtors® have access to and store a great deal of PII that can be stolen, putting their clients and their businesses at risk.
What kinds of cybercrime are specific to real estate?
Cybercriminals most use wire fraud, also known as business email compromise, to target Realtors®, said Iannarelli. A criminal might hack into a vulnerable Realtors®’ website to watch their email traffic and look for pending transactions. They can then create an email that looks very similar to that Realtor’s® (for example, maybe it’s one letter different) and send the Realtor’s® client their own wiring instructions. The client might not notice the different email address and send their money to the criminal instead.
“That money is usually gone before people even realize that anything’s happened,” he said, adding, “Even if you’re an innocent victim in all of this, it can still affect your reputation and how people think about you. That’s why you want to take precautions.”
What precautions can you take against wire fraud?
When it comes to wire fraud, Iannarelli said the best way to protect yourself is to confirm all information with your clients via phone call. If you send them wiring information for a transaction, call them on the phone and have them read the information back to you to ensure that they’ve received the correct instructions.
How else can Realtors® protect themselves from cybercrime?
“Just delete, don’t respond,” Iannarelli advised of phishing and spam messages. Many times, these messages will include a link that cybercriminals want you to click on. Opening these links can download dangerous malware onto your device. He urged Realtors® not to click on any suspicious, unfamiliar or unexpected links.
“Just think: what are they trying to achieve? What are they trying to take advantage of? Who wants this gift card? Who wants money? If it’s out of the norm, it’s a clear sign it’s a scam,” he explained. “If it’s within the norm, still pick up the phone and verify. No one’s going to fault you for being cautious, because you’re protecting everybody by doing that.”
He also encouraged Realtors® to protect all their devices. While many people have antivirus software programs on their computers, they often forget about their phones, which they carry with them and use every day. Protecting your phone by downloading antivirus software onto it is just as important.
What should offices be doing to protect personal information?
“Companies have to have policies,” Iannarelli said. “You have to have a policy of how you handle sensitive information and what the rules are. You shouldn’t be transferring or transmitting information unless you’re doing it through some sort of encryption.”
In addition to forming and enforcing these policies, he encouraged offices to conduct cybersecurity training and refresh office members annually to keep them up to date on ways to protect themselves.
What do I do if I’m a victim of a cyberattack?
You can file a complaint with the Internet Crime Complaint Center at ic3.gov.
However, because so many complaints are filed each month, Iannarelli warned that yours may not be viewed in a timely manner or deemed a priority. He recommended reporting through your bank directly for the best results, as they typically have mechanisms in place to deal with cybercrime and fraud.
What about phishing, spam calls, credit fraud and other cybercrime?
For more tips and information from Iannarelli, view the webinar recording.
Topics
Member Discussion
Recent Articles
-
Seller’s Property Disclosure: From the Buyer’s Side
- May 9, 2025
- 4 min. read
A lot of education about the Seller’s Disclosure Law is about a seller’s responsibilities. But what are some things that buyers (and their agents) should be taking into consideration when reviewing the Seller’s Property Disclosure Statement?
-
1 in 3 Underestimate Energy Upgrade Costs
- May 8, 2025
- 2 min. read
Despite the cost of energy-efficient upgrades, 90% of those surveyed said they didn’t regret their decision to make them.
-
Home Insurance Rates Rose for 2 in 3 Policyholders in 2024
- May 7, 2025
- 2 min. read
From 2023 to 2024, the majority (35%) said their home insurance rates increased by 5.0% to 9.9%. A considerable 21% said their rates rose 10.0% to 19.9%.
Daily Emails
You’ll be the first to know about real estate trends and various legal happenings. Stay up-to-date by subscribing to JustListed.
