{"id":13851,"date":"2019-08-21T09:12:14","date_gmt":"2019-08-21T14:12:14","guid":{"rendered":"https:\/\/theamericangenius.com\/housing\/?p=13851"},"modified":"2019-08-21T10:50:19","modified_gmt":"2019-08-21T15:50:19","slug":"hackers","status":"publish","type":"post","link":"https:\/\/theamericangenius.com\/housing\/real-estate-tech\/hackers\/","title":{"rendered":"Hackers target associations &#8211; how to protect your brokerage, yourself"},"content":{"rendered":"<p>It all seemed so routine. For officials of both the Henderson (TX) and Boulder Valley(CO) public school districts, the email that they received from an existing construction vendor asking them to update their automated payments to new bank information was nothing seemingly out of the ordinary. <\/p>\n<p>Only when vendors began to inquire about the status of payments that the districts had sent did the districts come to realize that the routine change had made themselves the victims of a scam known as a BEC, or a <em>Business Email Compromise<\/em>. <\/p>\n<p>In each case, the losses ran into the hundreds of thousands of dollars before being discovered. Henderson ISD lost approximately $610,000 to the hackers and Boulder Valley Public Schools lost approximately $870,000. The fiscal hit was accompanied by reviews of and changes to their operating procedures to ensure that such a loss wouldn\u2019t happen again in the future. <\/p>\n<p>While the districts tied their losses to public transparency, with information about the vendors and the scope of work that each was involved with available on their websites, government officials said that such schemes are typically quite sophisticated and ongoing long before any request for money, in order to establish a level of trust with their victims. <\/p>\n<p>Secret Service Agent Bill Mack, speaking to the <a href=\"https:\/\/tylerpaper.com\/news\/local\/henderson-isd-falls-victim-to-fraud-scheme\/article_78563c14-ce5f-11e8-a9e4-1b3611a387ce.html\" rel=\"noopener noreferrer\" target=\"_blank\">Tyler Morning Telegraph<\/a>, noted that \u201c[w]e\u2019ve seen an uptick in the number of cases&#8230;Contact is often made long before the request for money. Criminals will use a compromised network to gather information about the target. <strong>Then, appearing to be a legitimate representative of the vendor, they will often request a simple change in account numbers.<\/strong>\u201d<\/p>\n<p>With FBI estimates as to the annual cost of cybercrime reaching over $2 billion dollars annually, and those losses only partially recovered through either the efforts of law enforcement or insurance, it\u2019s important to recognize the fact that as scammers and hackers expand beyond the tired trope of the 419\/Nigerian Prince, they\u2019re now targeting new avenues, such as governmental entities and private associations (perhaps even your local real estate board\/association).<\/p>\n<p>While professional associations have been the targets of hackers since at least 2010, according to Ed Schipul, they\u2019re coming under increasing levels of attack. <\/p>\n<p>As a professional member of an organization, we depend on their advice, counsel, and information about upcoming trends and events. We rely on the communication that we receive from them to be timely, accurate, and most importantly, <em>not be harmful to us<\/em>, professionally or personally.<\/p>\n<p>Assuming that the associations themselves are taking steps to protect their cybersecurity, how do we, as members protect ourselves from hackers? <\/p>\n<p>The Federal Deposit Insurance Corporation (FDIC) has tips on staying safe from hackers in an ever-connected world:<\/p>\n<p>\u2022\tBe suspicious if someone contacts you unexpectedly online and asks for your personal information.<br \/>\n\u2022\tOnly open emails that look like they are from people or organizations you know, and even then, be cautious if they look questionable.<br \/>\n\u2022\tBe especially wary of emails or websites that have typos or other obvious mistakes.<br \/>\n\u2022\tVerify the validity of a suspicious-looking email or a pop-up box before providing personal information.<br \/>\n\u2022\tDon\u2019t immediately open email attachments or click on links in unsolicited or suspicious-looking emails.<br \/>\n\u2022\tInstall good anti-virus software that periodically runs to search for and remove malware.<br \/>\n\u2022\tBe diligent about using spam (junk mail) filters provided by your email provider.<br \/>\n\u2022\tDon\u2019t visit untrusted websites and don\u2019t believe everything you read.<br \/>\n\u2022\tCriminals might create fake websites and pop-ups with enticing messages intended to draw you in and download malware. <\/p>\n<p>In the case of officials at the districts, one measure that was implemented in each is worth remembering in a click-and-send era; they promised to have their respective staffs pick up the phone and call the vendor when any type of banking information was requested, to verify the request before providing information. <\/p>\n<p>When dealing with our associations, if we receive an email or other outreach that seems out of character for them, <strong>it\u2019s a good reminder to call<\/strong> and ask them if they\u2019d intended to send it out before we take electronic action. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>(TECHNOLOGY) Hackers are increasingly targeting associations, and while they set their own policies to protect themselves, here&#8217;s how to do the same for you and your company.<\/p>\n","protected":false},"author":337679,"featured_media":13855,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"wds_primary_category":0,"footnotes":"","jetpack_post_was_ever_published":false,"_links_to":"","_links_to_target":""},"categories":[93],"tags":[311,713,625,1234],"class_list":["post-13851","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-real-estate-tech","tag-associations","tag-hackers","tag-privacy","tag-real-estate-news"],"jetpack_featured_media_url":"https:\/\/theamericangenius.com\/housing\/wp-content\/uploads\/sites\/2\/2019\/01\/associations-hacked-protect.jpg","jetpack_sharing_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/theamericangenius.com\/housing\/wp-json\/wp\/v2\/posts\/13851","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/theamericangenius.com\/housing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/theamericangenius.com\/housing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/theamericangenius.com\/housing\/wp-json\/wp\/v2\/users\/337679"}],"replies":[{"embeddable":true,"href":"https:\/\/theamericangenius.com\/housing\/wp-json\/wp\/v2\/comments?post=13851"}],"version-history":[{"count":8,"href":"https:\/\/theamericangenius.com\/housing\/wp-json\/wp\/v2\/posts\/13851\/revisions"}],"predecessor-version":[{"id":14079,"href":"https:\/\/theamericangenius.com\/housing\/wp-json\/wp\/v2\/posts\/13851\/revisions\/14079"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/theamericangenius.com\/housing\/wp-json\/wp\/v2\/media\/13855"}],"wp:attachment":[{"href":"https:\/\/theamericangenius.com\/housing\/wp-json\/wp\/v2\/media?parent=13851"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/theamericangenius.com\/housing\/wp-json\/wp\/v2\/categories?post=13851"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/theamericangenius.com\/housing\/wp-json\/wp\/v2\/tags?post=13851"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}