The real estate industry has been the second largest target of cyberattacks since mid-2017, according to a new report from a digital security firm — highlighting the need for agents, brokers, and other professionals to be aware and use security measures when corresponding online and sending information via email.
The report, from Proofpoint and out today, found that real estate companies have suffered an average of 277 cyber attacks since the third quarter of 2017. Only the biotech industry saw more attacks per company during that period, the report notes, and real estate was more targeted than consulting, construction, engineering and numerous other industries.
During the third quarter of 2018 alone, real estate companies saw an average of 54 attacks per company, which was the third highest among the industries identified in the report. Proofpoint did not specify which companies were impacted, or even if they were real estate brokerages, title companies, mortgage lenders, tech vendors, or some other category of real estate businesses.
Credit: Proofpoint
Proofpoint offers cybersecurity services and compiled the report by examining data related to its clients’ email, social media, and other online tools.
Why real estate is being targeted
Ryan Terry, a senior product marketing manager at Proofpoint, told Inman in an email that the real estate industry makes a tempting target for attackers because its “high-value transactions occur frequently and mainly take place digitally.” He also pointed out that there are multiple people involved in real estate transactions, giving “fraudsters multiple opportunities to insert themselves.”
Ryan Terry
“There is also a great deal of publicly available information about real estate that enables the fraudsters to easily identify targets and insert themselves into these digital transactions,” Terry added.
Be on the lookout for phishing, urgent emails, and transfer requests
Cyber attacks come in a variety of forms including credential phishing (sending faked emails or forms to trick recipients into handing over credentials like passwords), URL-based attacks, and email fraud. The Proofpoint report describes instances in which attackers try to “convey a greater sense of urgency” via subject lines that include words such as “request” and “payment.” Such attacks were up 48 precent during the third quarter of 2018.
Spoofing a user’s display name is also an exceedingly common tactic and accounted for more than 99 percent of all fraudulent emails last quarter, up from 90 percent during the previous quarter, according to the report.
Terry said that most real estate-focused email attacks are customized and use “believable, and often expected, requests for personal information and payments.”
“For example, a first-time home buyer is awaiting a down payment request from a lender and is therefore in a vulnerable situation if they receive a fraudulent email asking for a wire transfer for the expected amount,” he explained.
In addition to email, social media profiles remain “key vectors for fraud and theft,” according to the report, though protections from companies such as Twitter and Facebook have “cut phishing links by 90% vs. a year ago.”
Who is at risk?
Terry said that last quarter 14 percent of attackers targeting the real estate industry went after a CFO, 9 percent went after procurement personnel, and 9 percent went after a human resources department. He added that the prevalence of independent contractors in the real estate industry can increase risk because with multiple “points of entry” it becomes more “difficult for people to identify suspicious anomalies in their communications.”
How to bolster your defenses
The report recommends a number of precautions companies can take to protect themselves including training employees to spot malicious email, investing in custom email quarantine and blocking tools, and making sure the attacks never even reach their targets in the first place.
“Attackers will always find new ways to exploit human nature,” the report states. “Find a solution that spots and blocks inbound email threats targeting employees before they reach the inbox.”