Phishing scams hitting the real estate industry hard
20 August 2018
Even though the real estate market in the UK isn’t exactly riding high at present and house prices grew by a little over 2 percent this year, hundreds of thousands of people are still looking for their future homes everyday, checking out offerings from real estate firms, interest rates, resale values, and quotes from sellers.
Like all other industries in this digital age, a bulk of real estate deals and transactions are now taking place online, with real estate firms managing dedicated websites and forums for people to book new homes, make payments, or put up their homes for sale. And like all other industries, the real estate market is highly vulnerable to cyber criminals looking to gain access to PII and financial information of gullible buyers.
A recent report from Proofpoint has revealed how cyber criminals are now using tried-and-tested phishing tactics, such as creating fake domains, carrying out business email compromise, and putting up fake digital signature icons on malicious websites to defraud home buyers on a massive scale.
According to the firm, the vast majority of fake documents intended to lure victims into divulging their personal information to fraudsters are drafted or designed in a way that they appear to come from realtors, closing companies, DocuSign, and other firms involved in the real estate industry.
Fake DocuSign lures to defraud homebuyers
DocuSign, the digital signature giant which boasts over 85 million users worldwide including millions in the UK alone, lets people authenticate online documents, purchase orders, and agreements with their unique digital signatures. While the platform is all about convenience and the saving of precious time, it is also true that if fraudsters gain access to digital signatures of people, they could use the same to carry out many fraudulent transactions online without alerting such victims.
Considering that DocuSign is used widely in the real estate industry both by consumers and real estate firms, cyber criminals have crafted ingenious methods to defraud the former. According to Proofpoint, DocuSign lures crafted by fraudsters are not just credential-stealing tactics, but are designed to encourage recipients to log into fake Docusign landing pages with third-party credentials.
For instance, fraudsters are using fake landing pages to phish for Microsoft Office 365, AOL, and generic email credentials by linking such landing pages with URLs of compromised sites that are designed to target homebuyers. Some landing pages also abuse real estate brands to increase the sense of legitimacy for potential victims.
“In several other cases, we also observed generic email credential phishing pages with URLs that referenced closing or closing documents. Thus, threat actors can easily reuse generic templates with more targeted campaigns,” the firm noted.
“Real estate search sites and nationally recognized real estate franchises all made their way into phishing templates. Threat actors, as they often do, co-opted these brands and their graphics and then used social engineering techniques to convince potential homebuyers to enter email credentials to access additional content like “secured auction pages”,” it added.
Attacks on real estate firms
Aside from targeting buyers and attempting to steal their credentials, fraudsters are also targeting real estate brands with business email compromise attacks and by using Remote Access trojans (RATs). Using such tools, fraudsters are stealing sensitive information that includes personal and banking information of such firms and their consumers.
BEC attacks are also being carried out on “mortgage companies using typosquatted domains and social engineering attempting to initiate fraudulent transfers of funds, rounding out the range of threats revolving around real estate.”
“Real estate frequently involves high-stakes, rapid transactions for all involved parties. The number of emails exchanged during these transactions can be overwhelming with numerous documents changing hands, digital signatures passing to different entities, and more.
“Consumers should be exceedingly vigilant in their interactions with parties claiming to be involved in ongoing real estate transactions while realtors, mortgage brokers, and other industry organizations should educate customers about security and take steps to avoid abuse of their brands. Moreover, real estate professionals should implement layers of protection against increasingly frequent attacks on the industry,” the firm added.