As a small business owner you probably have a lot of things
keeping you up at night. Your use of E-mail in doing business probably
wasn't one of them, until you read this post.
E-mail was not designed to be secure. It was created to be a simple electronic messaging platform for trusted networked computers back in the late 1960's, and grew in use during the 1990's. It eventually replaced both the telephone and the fax machine as the primary communication medium for business in the 2000's. Its security flaw of being "trusted" remains from its original 1960's design, and is what has also made it the preferred attack vector for cyber criminals to defraud both individuals and businesses. Rather than dwell on what we can't change, let's focus on what we can.
The E-mail Interloper
Over the last year a very popular type of e-mail hacking has been
targeting attorneys, loan officers, and realtors. (Although there have been
similar scams with vendor payments and payroll provider settlements) A
hacker compromises one of these party's e-mail accounts. Rather than make
their presence known, they will just sit back and read through the person's
e-mails and wait for the right situation to arise, usually a real estate
transaction. Once the hacker knows the particulars of the deal, they wait
until the time of closing and then send an e-mail from the compromised party's
e-mail account stating to the buyer or the buyer's agent that the wiring
instructions for the settlement has changed and to use the new bank routing and
account number to transfer the proceeds of the transaction. The buyer
then sends the wire to the hacker's bank, and by the time all the parties
figure out what has occurred, the hacker has since moved the money to several
other banks and eventually wires the funds to an overseas bank and
"poof" hundreds of thousands, potentially millions are gone. If
that wasn't bad enough, now everyone gets lawyer-ed up to try and figure out
who is at fault, and the real mess begins. Regardless of whether you are
the buyer, seller, a real estate agent, or attorney, this can be a business
nightmare as both the money and the deal are gone.
Security Tip: If you are in the real estate business, or another business
where you frequently send wires to different parties, always pick up the phone
and call a number (that you already have on file) and verify with the receiving
party the wiring instructions before sending the funds. A simple five
minute phone call will defeat an e-mail take over scam, and will also
demonstrate to your customers and business partners that you take security and
doing business with them seriously. If your clients are the ones sending
funds, remind them to do this one simple thing to protect themselves, and your
commission.
Be Secure!
@tjmprofessional
No comments:
Post a Comment