Cyber-criminals
are finding new methods every day to steal personal and financial information.
Their techniques range from phishing scams to buffer overflow techniques and
brute-force password hacking. Banking institutions have found themselves under
attack far more than usual in recent years, and have in turn begun
to incorporate stronger
security measures in an attempt to block hackers. As a result, many
scammers/hackers have moved on to what they believe are "easier
targets." focusing on normal people rather than financial institutions,
Just last week, the Federal Trade Commission and the National Association of
Realtors issued a warning to consumers that they must be
hyper-vigilant in order to avoid recent phishing schemes that have been
targeting closing costs on real estate transactions.
The
National Association of Realtors, along with the Federal Trade Commission,
issued their statement warning people to be on the look-out for a specific
scheme targeting those involved in a real estate transaction. First, the
hackers gain access to the email account of a customer, real estate agent, or
escrow officer, and use the information to keep up-to-date on the transaction and
determine the closing date. When they have figured out the closing date, the
scammer sends an email that has been masked in such a way that they are able to
impersonate the escrow company, title company, or real estate agent, telling
the customer that the wiring instructions had a last-minute change. If the
customer takes the bait, they send their funds to the scammer's account, which
can be emptied in minutes.
Sepulveda Escrow utilizes encrypted and secure email when sending documents with sensitive and confidential information. In addition, documents can be returned via email through this secure portal. Sepulveda Escrow has also instituted new procedures to contact Clients directly to confirm details, rather than relying on email or contact through a third party. (Please see end of this blog for some helpful tips.)
Another
example of phishing is when a hacker contacts a target or a group of targets under the guise of an Official informing them that they have been the victim of
a scam. They then tell the recipient that they can help them fix the damage,
but first ask for certain sensitive information like Social Security number or
bank information, to "verify" what data had been "stolen."
While you may look at this and think that the scheme is too obvious to be
effective, statistics show that approximately 0.4% of recipients fall prey to
such attacks. In other words, if a mass email is sent to 10,000 people, about
40 of them will have their information successfully stolen.
While
phishing is historically the easiest and most effective method by which hackers
are able to steal personal or financial information, there are several other
methods. A buffer overflow attack, used by more sophisticated hackers, involves
inputting many lines of code into an online form in order to overload the
system and allow the hacker to steal data inputted by previous customers. A
brute-force password hack involves a computer program that inputs all kinds of
combinations of letters, numbers, and symbols, until the correct password has
been found and the hacker has gained access to an email or other kind of online
account.
Finally,
hackers often package viruses or worms into free online software or as
attachments to mass emails. Such viruses can enable the hacker to record
keystrokes, thus giving them access to many of your passwords, or enable them
to access built-in microphones or webcams on laptops. Simply opening such an
email or downloading an infected attachment can lead to a virus being installed
on your computer or mobile device. Fortunately, anti-virus software can often
help to detect and remove these viruses, but hackers are constantly finding new
ways to avoid detection by your anti-virus program. The best way to avoid getting
such viruses is to be careful when downloading anything, and to avoid opening
any emails that seem suspicious or come from unknown or unreliable sources.
Here are
some tips to help you avoid being affected by similar scams. First and
foremost, if something doesn't look right or feels even a little bit
suspicious, don't hesitate to double-check it. Don't rely too much on emails.
Instead, pick up the phone and call your escrow officer or realtor to make sure
that everything you have received is correct. Don't open email attachments you aren't expecting. Additionally, you shouldn't trust
financial information that has been sent via email, nor should you send any of
your own financial information via email, because it usually isn't secure. In
general, wiring instructions are sent by fax or encrypted email message.
When inputting personal information on a website, check the address
for "https," of which the "s" stands for secure, meaning
that your information will be better protected.
Be very careful when
opening attachments or downloading anything from an email, no matter who sent
it to you. Just because you recognize the email address, doesn't mean that the
message actually came from the person you associate with that email address.
It's possible that a scammer could have hacked a friend's email, or could have
disguised their email to appear as if the message came from a friend's email
address. Proceed with caution. Being aware and cautious can save you a lot
of hassle in the long run.
Biggest Tip: Following up on the phone after sending an email may seem burdensome, but we at Sepulveda Escrow find that it is always worthwhile to go the extra mile to avoid financial losses and potential lawsuits.
***************************************************************************************************
Find out more about us at www.sepulvedaescrow.net. Any Questions? Contact our Escrow Expert! Sepulveda Escrow Corporation (818) 838-1831. Follow our company on Facebook, Twitter, LinkedIn, and Google+.
Find out more about us at www.sepulvedaescrow.net. Any Questions? Contact our Escrow Expert! Sepulveda Escrow Corporation (818) 838-1831. Follow our company on Facebook, Twitter, LinkedIn, and Google+.
***************************************************************************************************
No comments:
Post a Comment