Phishing is similar to fishing. Except instead of trying to lure fish, perpetrators attempt to lure unsuspecting people into providing sensitive information or data.
The kind of information targeted commonly includes passwords, bank account numbers and credit card numbers.
Data protection and safeguarding of sensitive client information is of paramount importance for real estate agencies. This is to protect your customers as well as the reputation and future viability of your real estate agency.
How Do Phishing Scams Work?
These scams are conducted over email, phone calls, social media or through text messages. It usually involves a scammer pretending to represent a legitimate business such as a bank or internet service provider.
They might then try to retrieve sensitive information by asking you to provide or confirm your details because of a ‘technical error that led to a loss of information’ or because of ‘unauthorised or suspicious activity on your account’. Other times, they may redirect you to a fake version of a legitimate website you might visit.
Common Warning Signs
Many phishing scams copy the format and branding of organisation they claim to represent. However, there are some warning signs such as:
- Grammatical errors and typos
- Phony email addresses that are close to the real thing, e.g. firstname.lastname@example.org
- A website asking for details it usually doesn’t ask for
- Suspicious attachments and hyperlinks (hovering over will usually display where it’s going to take you)
If your computer slows down unexpectedly or new icons begin popping up, it could also be an indication that it’s been compromised.
How to Protect Your Agency
Be wary when opening links and attachments. If you are suspicious, search the internet for information referencing the scam. Always ensure you are logging into secure websites. This is identifiable by a green padlock or with ‘https’ in the browser. Secure websites always use ‘https:’ as opposed to ‘http:’ at the start of the address.
Never provide your personal details over the phone to someone claiming to be from your bank or any other organisation. Ask for their name and contact number instead and independently verify with the organisation before calling them back and giving them any information.