This is the opening to an article published this week on Bays News 9 (we posted a link to it below): “Katie and John Waterman just bought a new house in Tampa. Everything was going great – until their real estate agent’s email was hacked…”
This article is about a realtor in the Tampa Bay area whose email was hacked, monitored and then used to ask her clients to wire more escrow money.
The FBI calls it “Business Email Compromise” and warns that it’s an “emerging global threat. It’s very sophisticated and very lucrative for the organized criminals who are perpetrating these crimes.”
Here are some tips from the FBI to help protect yourself against Business Email Compromise:
- Verify changes in vendor payment location and confirm requests for transfer of funds.
- Be wary of free, web-based email accounts, which are more susceptible to being hacked.
- Be careful when posting financial and personnel information to social media and company Web sites.
- Regarding wire transfer payments, be suspicious of requests for secrecy or pressure to take action quickly.
- Consider financial security procedures that include a two-step verification process for wire transfer payments.
- Create intrusion-detection-system rules that flag emails with extensions that are similar to company email but not exactly the same (e.g, .co instead of .com.)
- If possible, register all Internet domains that are slightly different than the actual company domain.
- Know the habits of your customers, including the reason, detail and amount of payments. Beware of any significant changes.
Link to Bay News 9 article: