Last year, more than 143 million people had their data exposed by a databreach perpetrated against Equifax. Cybercrimes against large corporations such as Target or The Home Depot are top news stories. However, hackers are far more likely to target small businesses like your brokerage. In fact, companies with less than 250 employees are the most targeted by hackers, according to a report from Symantec.
Because of the nature of the job, REALTORS® are often on-the-go, using a personal phone and public WiFi network, putting you and your clients at a much higher risk of exposure. As REALTORS®, you’re trusted by your clients with sensitive information, such as Social Security numbers, bank account information and drivers’ license numbers. While you’re collecting this data for credit checks or mortgage documents, you’re also opening your clients up to irrevocable damage if it ends up in the wrong hands. Though there aren’t federal laws on data breaches that specifically apply to brokerages, there are laws in many states, including Illinois. State law requires companies to notify clients of a security breach and to encrypt or destroy client data companies collect.Yet, a survey by Manta found 1 in 3 small businesses have no type of cyber protections, including encryption, antivirus software or firewalls in place. If your brokerage does not have a data security program in place, the Federal Trade Commission has five simple principles to keep in mind:- Take Stock – Ensure you know what personal information you have on file.
- Scale Down – Don’t hold onto data you no longer need.
- Lock It – Secure the data your business needs.
- Pitch It – Get rid of data you don’t need.
- Plan Ahead – Create a data security plan.
- Back up old emails: Criminals can use keywords from old emails you sent five years ago against you. If you need to hold on to older emails, consider storing them in an external hard drive.
- Use a Password Manager: Everything requires a password now. As tempting as it is to use the same password for everything, recall recent hacks from Best Buy and MyFitnessPal which exposed logins and passwords for their sites. With tens of millions of records exposed, you may not even know that your password for another site is easily accessible on the web. That’s why a password manager, a service that securely stores complex passwords for many sites, is so useful. Many password managers offer a yearly subscription plan that typically costs less than $30.
- Educate Staff: Hackers only need one click on a fraudulent link to gain access to your entire company’s network. Managing Brokers should reiterate the importance of being vigilant and using good judgement online for all staff.
- Hire an IT adviser:考虑到伊利诺斯州的数据法,券商应该存在ure they are compliant and safeguarded against possible exposure. For a smaller brokerage, using an IT adviser may be a more affordable option than hiring someone full time. An advisor can set up a security plan and perform maintenance monthly, as needed.
- Check to See If You’re the Victim of a Breach:You can type your email address intoHaveIBeenPwned.com,a website created by a software developer that checks your account against publicly shared data by hackers.
PROTECT YOUR CLIENTS AGAINST REAL ESTATE CYBER CRIME
A growing scam among hackers is real estate wire fraud, which has cost consumers over $5 billion in financial losses from real estate wire fraud since 2013, according to FBI statistics. In this scam, hackers send an email to a buyer about to close on a home with fake wiring instructions. The perpetrators pose as a real estate attorney, seller, representative of the title company or other trustee to trick buyers into wiring away their savings – and technology has allowed this scam to flourish. One way scammers can accomplish this impersonation is through email spoofing. Spoofing allows a scammer to forge an email address to make it appear that it’s coming from a colleague or client. These criminals can gain access to your company’s network and send an email posing as you if anyone in your office clicks a malicious link. Another less technical way crooks can fool you is by creating an email address that is one letter off from the legitimate one, i.e. “@ChicagoRELATOR.com,” which can be difficult to spot at first glance. If you or a client clicks through a spoofed email, sophisticated criminals may even use company letterhead and forged signatures to make their bogus wire instructions appear more legitimate. The best way to prevent your clients from becoming the victim of wire fraud is by educating them early. Wire instructions rarely change, so tell your clients to always confirm by calling you and the title company before wiring any amount. If instructions do change, they won’t come without a phone call first. More and more of our personal data is being used online every day. News stories detailing hundreds of millions of stolen records continue to grow, not dissipate, so it’s critical for you to ensure you and your clients are protected against costly cyber crime.