Connect with us

Real Estate Technology

Hackers target associations – how to protect your brokerage, yourself

(TECHNOLOGY) Hackers are increasingly targeting associations, and while they set their own policies to protect themselves, here’s how to do the same for you and your company.

Published

on

associations hackers

It all seemed so routine. For officials of both the Henderson (TX) and Boulder Valley(CO) public school districts, the email that they received from an existing construction vendor asking them to update their automated payments to new bank information was nothing seemingly out of the ordinary.

Only when vendors began to inquire about the status of payments that the districts had sent did the districts come to realize that the routine change had made themselves the victims of a scam known as a BEC, or a Business Email Compromise.

In each case, the losses ran into the hundreds of thousands of dollars before being discovered. Henderson ISD lost approximately $610,000 to the hackers and Boulder Valley Public Schools lost approximately $870,000. The fiscal hit was accompanied by reviews of and changes to their operating procedures to ensure that such a loss wouldn’t happen again in the future.

While the districts tied their losses to public transparency, with information about the vendors and the scope of work that each was involved with available on their websites, government officials said that such schemes are typically quite sophisticated and ongoing long before any request for money, in order to establish a level of trust with their victims.

Secret Service Agent Bill Mack, speaking to the Tyler Morning Telegraph, noted that “[w]e’ve seen an uptick in the number of cases…Contact is often made long before the request for money. Criminals will use a compromised network to gather information about the target. Then, appearing to be a legitimate representative of the vendor, they will often request a simple change in account numbers.

With FBI estimates as to the annual cost of cybercrime reaching over $2 billion dollars annually, and those losses only partially recovered through either the efforts of law enforcement or insurance, it’s important to recognize the fact that as scammers and hackers expand beyond the tired trope of the 419/Nigerian Prince, they’re now targeting new avenues, such as governmental entities and private associations (perhaps even your local real estate board/association).

While professional associations have been the targets of hackers since at least 2010, according to Ed Schipul, they’re coming under increasing levels of attack.

As a professional member of an organization, we depend on their advice, counsel, and information about upcoming trends and events. We rely on the communication that we receive from them to be timely, accurate, and most importantly, not be harmful to us, professionally or personally.

Assuming that the associations themselves are taking steps to protect their cybersecurity, how do we, as members protect ourselves from hackers?

The Federal Deposit Insurance Corporation (FDIC) has tips on staying safe from hackers in an ever-connected world:

• Be suspicious if someone contacts you unexpectedly online and asks for your personal information.
• Only open emails that look like they are from people or organizations you know, and even then, be cautious if they look questionable.
• Be especially wary of emails or websites that have typos or other obvious mistakes.
• Verify the validity of a suspicious-looking email or a pop-up box before providing personal information.
• Don’t immediately open email attachments or click on links in unsolicited or suspicious-looking emails.
• Install good anti-virus software that periodically runs to search for and remove malware.
• Be diligent about using spam (junk mail) filters provided by your email provider.
• Don’t visit untrusted websites and don’t believe everything you read.
• Criminals might create fake websites and pop-ups with enticing messages intended to draw you in and download malware.

In the case of officials at the districts, one measure that was implemented in each is worth remembering in a click-and-send era; they promised to have their respective staffs pick up the phone and call the vendor when any type of banking information was requested, to verify the request before providing information.

When dealing with our associations, if we receive an email or other outreach that seems out of character for them, it’s a good reminder to call and ask them if they’d intended to send it out before we take electronic action.

Get The American Genius
in your inbox

subscribe and get news and exclusive content to your email inbox

Roger is a Staff Writer at The Real Daily and holds two Master's degrees, one in Education Leadership and another in Leadership Studies. In his spare time away from researching leadership retention and communication styles, he loves to watch baseball, especially the Red Sox!

Real Estate Technology

Microsoft adds a powerful security layer and you should use it now

(TECHNOLOGY) Microsoft is packing a punch with their new feature dedicated to folders – and because you likely handle sensitive info, you’ll want to start using it immediately.

Published

on

microsoft two factor authentication 2fa

In an era during which online privacy’s validity is underscored by leaked personal information and doxxing attempts, any attempt to add a layer of security is appreciated. To that end, Microsoft OneDrive users will be pleasantly surprised by its new feature: an encrypted folder protected by two-factor authentication.

Microsoft OneDrive’s aptly named Personal Vault is the answer to skepticism around online storage. The folder will be added to existing and future OneDrive users’ file pages, and any files synchronized between your desktop and the Personal Vault folder will be encrypted both on your computer and in the cloud. To access these files, you will need to go through Microsoft’s two-factor authentication.

For those not in the know, two-factor authentication—often abbreviated as “2FA”—requires you to log in from two points: the credential page and a secondary location, such as your phone or a verified email address. Typically, 2FA services prompt you for your login information, after which point they will send a login code to your registered phone number or a different email address; you’ll enter the code before being allowed to continue.

As you might imagine, 2FA makes it nearly impossible to fake someone’s credentials in order to log into their account; to do so, one would need both the correct credentials and physical access to the user’s 2FA device or email address. It’s this layer of security that makes the Personal Vault folder a step up from competing cloud storage services, but hopefully we’ll see 2FA working its way into Google Drive soon.

It’s also pertinent to note that the Personal Vault will avoid caching your files if you’re using the web version of OneDrive on an unregistered computer, so it’s clear that OneDrive’s emphasis on security this time around extends past the initial file access.

There are a few drawbacks to 2FA, chief among which is the lack of convenience. If you leave your Personal Vault folder open and idle for more than a few minutes, it will lock again, forcing you to go back through the 2FA process. Additionally, if you lose access to your phone or your backup email address unexpectedly, recovering your files can be a hassle.

That said, you can’t put a price on the peace of mind that this security brings — especially when it means the files you handle with sensitive info, are safe. It’s worth the mild inconvenience and the extra few seconds to keep them that way.

Get The American Genius
in your inbox

subscribe and get news and exclusive content to your email inbox

Continue Reading

Real Estate Technology

RealEye tracks more than site clicks, it tracks where people look

(TECHNOLOGY) RealEys is website tracking software that tells you more than just how many people look at your site or where they click. RealEye tells you where they look, too!

Published

on

accountability

One of the beauties of the Internet era is the data we can see on direct consumer behaviors. Heat maps and website analytics can allow us to see how consumers actually act.

However, unconscious behaviors, the kind that lead to actions taken on a site or app, continue to elude us. RealEye wants to change that.

This software, which can be viewed on ProductHunt, uses “webcam eye-tracking software you are able to follow your user’s eyes and see exactly what they see while looking at your website.”

This way, you can see what people study (and don’t study) before they engage an action on a specific page.

Because this tech is tied to a webcam, you aren’t limited to testing on web pages. According to a comment from creator Adam Cellary, “you can test layouts (png/jpeg) and based on results – correct your designs!”

The company utilizes a vetted pool of testers to review sites with the software, and the data is sent back to customers for their analysis. Customers pay for frequency of access to that test group.

Now, some of you may be thinking, “that’s a lot of sensitive data on someone’s face being recorded. What about the privacy issues associated with that?”

Thankfully, the product doesn’t collect recordings.

Instead, it records behavior as data points. The point on the page where users look is logged on an x/y axis, along with time spent looking at that particular coordinate. The app also tracks scroll offset.
Because this data is set up as raw numbers, privacy is protected and the data can be easily migrated into a heat map format.

A/B testing is the most obvious application. If you want to see which product page layout leads to a better conversion rate, RealEye provides some of the most accurate data on how consumers perceive each design.

That’s because users can’t “cheat” this kind of testing.

Using the eye mapping data, you can see which page features instantly draw in your users.

Right now, the most effective testing results are found on desktop. Because mobile screens are so small, it is hard to find meaningful variety in user behavior using those results.

One would imagine this will change down the road.

Get The American Genius
in your inbox

subscribe and get news and exclusive content to your email inbox

Continue Reading

Real Estate Technology

No tech skills needed to build a lead gen chatbot in 5 minutes

(TECH NEWS) Create your very own AI chatbots with this awesome new free to start service, no tech knowledge required. Warning: It’s kind of fun and can lead to shenanigans.

Published

on

landbot chatbot

Artificial Intelligence (AI) is on the rise and innovating quickly. Chatbots featuring AI are becoming increasingly prominent on company websites for more cost-effective, 24/7 customer support and lead generation.

You don’t need to be tech savvy to set up Landbot’s new easy-to-use AI chatbot builder. As long as you have a basic grasp of how to use a computer and the internet, Landbot has you covered.

Landbot offers users a platform to create customized chatbots for customer support, lead generation, and analytics tracking. It launched eight months ago on Product Hunt, earning over 1,700 upvotes and ranked in the Top 200 Products of all time.

Their homepage features a friendly chatbot happy to answer all of your questions. The chatbot also serves as an example of what your very own chatbot could look like if you sign up.

Signing up is as easy as briefly chatting with the bot, providing your name, company or project title, and email address. Lucky you, the sandbox version is not only super user-friendly, but also free to use.

And trust me, the two hours I spent playing around with it are testament to how fun and easy it is to build a chatbot.

No AI, coding, or chatbot knowledge are required to use Landbot 1.0. Simply follow along with the tutorial, learning how to drag, drop, and connect blocks to create conversational interfaces.

Begin with the start message, which is the first thing customers will see. From here, you can create new blocks to build flows. Each block functions as either a question or a message.

Question blocks can have any number of answer types, including pre-set buttons, free text fields, or specific information like asking for contact info.

In the simple message blocks, you can add links, photos, YouTube videos, or custom HTML. Everything is laid out on a grid and connected by dragging an arrow from one block to the next.

Blocks can loop back to previous ones, creating a customizable loop. For bonus fun, you can test out a preview version of your bot to make sure you connected everything correctly.

Once you’ve got your basic conversation flow laid out, customize your bot’s appearance by editing a template or creating a design scheme from scratch. Background, fonts, and color can all be edited to personalize your bot.

Special features include app integration, where you can get Slack notifications when someone using the bot needs help. Automated emails can be sent to qualified leads, ensuring a human on your team follows up with the customer.

Manage leads with access to a table of details, exportable as a .CSV file for record keeping. Analytics are available showing user metrics, flow analytics, and if you incorporated surveys, then collected results.

While Sandbox is free to use, some of the more advanced features are only available if you throw down for a monthly subscription. Landbot offers three pay-to-play options, starting at €20 /month (around $25 USD) for the Starter plan.

Play around with Landbot’s platform and craft yourself a neat new chatbot pal, pal!

Get The American Genius
in your inbox

subscribe and get news and exclusive content to your email inbox

Continue Reading
Advertisement

Our Parnters

Get The Daily Intel
in your inbox

Subscribe and get news and EXCLUSIVE content to your email inbox!

Emerging Stories

Get The American Genius
in your inbox

subscribe and get news and exclusive content to your email inbox