As you may know, September is REALTOR Safety Month, so all month long we are going to focus on just that, how to protect yourself and your business. This week, Craig Grant will be focusing on how to protect Yourself and more importantly your clients’ from Wire Transfer, Listing Scams, Hackers & More. Trust us, you don’t want to miss this week’s webinar!
Wednesday, September 26th @ 3 PM EST
Instructor: Craig Grant
Privacy is an increasingly rare commodity these days. Just search for yourself on Intelius.com and take note of the information they are handing out about you for free. For a significant amount of pocket change, one can uncover the real scoop—a true testament to the fact that our personal information is worth something to legitimate businesses as well as criminals.
Today’s Realtors are faced with an ever-increasing number of privacy and safety concerns. There are multiple reasons for this. For Advertising purposes, Realtors often publish pictures and personal details and sometimes reveal location information unknowingly. Secondly, they rely heavily on technology (computers, smartphones, and tablets), that can be hacked if preventative measures are not in place. In addition, there are transactions such as short sales which require Realtors to collect and store the same information that data criminals seek. And herein lies the problem. For many of us words like “spoof” and “phish”—that relate to receiving bogus e-mails—are not part of our everyday lexicon, nor do we want them to be. But the time has come for everyone in the real estate industry to get educated in this digital economy. Knowledge and awareness is the name of the game or the consequences can be devastating.
A few unsuspecting real estate professionals in different parts of the country have realized the painful truth in this reality. They were victims of what is now referred to as The Wire Fraud Scam. While this scheme has played out in several different ways, it leads to the same downfall – a hacker successfully attacked. In a nutshell an agent receives wiring instructions from her closing attorney, unaware that Hacker Joe has placed himself in the middle of transmission and changed the routing account information in the email before it gets forwarded to the buyer. On the receiving end, the buyer complies with the instructions, and in doing so, makes a 20% deposit into Hacker Joe’s account.
Time to Tighten it Up
In light of this example and a growing number of other scams pervading the real estate industry I believe a review of some key privacy guidelines and rules are in order.
Consider taking the following actions to protect your privacy and secure your data.
1. The First Step – Your Online Self-Assessment
Your first step to online privacy and protection is to know what information you already have online. When was the last time you Googled yourself? What websites are sharing information about you? What private information are you storing on your computer?
These are only a few of the questions you need to answer to begin your self-assessment. If you find highly confidential information on any website (i.e. images of your signature or your social security number), you can request a removal from Google and other search engines. Simply do a search using the keyword phrase “Removing content from Google” for directions on how to do this.
2. Stop using Public Wi-Fi Networks
Hackers who creep onto public Wi-fi networks are hoping that you haven’t received the all-important memo years ago that began with “Never Use a Pubic Wi-fi Network.” If you fail to heed this warning, you need to realize that you are wide open to potential hackers who insert themselves into the line of communication in order to harvest your account passwords and read your e-mail. If you think a hacker had to go through extensive training to learn how to do this, think again—think Google and YouTube.com. There are video tutorials online that demonstrate how easy it is to do this.
There are other spots where a virtual agent might work or conduct business, such as a coffee shop, which is an ideal place for a hacker to set up a fake network. Even worst, if you stay on such a public Wi-fi long enough, a hacker can take complete control of your computer.
Protect yourself and don’t take the bait. Use a Virtual Private Network (VPN). Service providers like Private Internet Access (PIA) charge a nominal fee per month to encrypt your data so hackers cannot see it and Tunnel Bear is a VPN service provider with a free option up to 500MB.
3. Adhere to strict email security rules
Chances are good that you have received a phishing message in your InBox. This message appears urgent and comes from a known source such as FedEx or a bank in your area, when in fact it’s a scam designed to get your attention, to persuade you to click on the webpage and enter your personal details. Never click on the link – you could download a virus that affects everyone on your network. Beware of a suspicious email from someone you know. Unfortunately, your friend’s email contact database could have been hacked. If in doubt, pick up the phone and call them.
Lastly, if sensitive financial data is being sent over the Internet, use email encryption.
Most VPNs have this feature. If you are not using a VPN, Info-encrypt.com is a free, web-based service for easily securing your email that does not require installation on a PC. There are also videos on youtube.com on how to encrypt an email in Gmail or Outlook. For large real estate firms, there are enterprise options from HP Securemail and Hushmail.com.
4. Perform a Facebook Privacy Check up
The number one place that people voluntarily relinquish their right to privacy is a social network. Remember once on the Internet, always on the Internet, so do not post anything you would not share with the world—forever. Most of Facebook’s one billion users do not realize that everytime they update their Facebook timeline or profile, search engines are immediately notified and soon indexes this new information.
Action Item: If you do not want other search engines to link to your Facebook timeline, visit your Settings and select Privacy from the left column. Under the Who Can Look me Up? Section, look for the question Do you want other search engines to link to your timeline? Click Edit and change this setting to No.
5. Clear your browser history and cookies
Cookies are tiny pieces of code that websites attach to your computer to store information about you and your activities on their website. Cookies remember your preferences and can save you a good bit of typing. However, if you are trying to tighten up your online privacy it is a good practice to clear your cookies and delete your browser history on a regular basis.
6. Password protect your hardware
This is a simple but important requirement for your computer and mobile devices. For your mobile devices, fingerprint recognition is a great option. Those who oppose this option argue, “But I trust my family and co-workers.” To be clear, requiring authentication is necessary in case your laptop or mobile device is lost or stolen.
In addition, make sure you use strong passwords (not the four-digit simple passcode) for your devices and for online applications, use only passwords that contain uppercase letters, numbers, and symbols.
7. Consider two-factor authentication for business related applications
There’s another way to ensure your accounts are never hacked and involves the use of two-factor authentication. Accounts such as Google, Facebook, Evernote, and Dropbox give you this option, just to name a few. In this way you will need your smartphone as well as your account password to login.
8. Practice Mobile Safety
Did you know that a picture taken on your smartphone with location services turned On embeds GPS metadata into the photo? With proper software someone can pinpoint your exact location, including latitude and longitude coordinates. Keep it simple and disable locations services if you know you will be uploading a picture to the web. Other mobile safety precautions include:
Keep your operating system up-to- date. New updates addresses bug fixes and also keeps your device safe from the latest threat.
Check the image on your lockscreen. If your device is lost then found by a good Samaritan, will they be able to contact you? While there are apps for this, you can use simply write on an existing image in your photo album using the free app Skitch.
9. Mask Your IP Address
When you land on a website you leave a footprint in the form of IP information. It gives a website owner, at the very least, your location and service provider. For example a site owner looking at analytics will recognize me as a visitor from Atlanta. By using an IP masker, this will not be the case.
10. Get Notified if Your Name is Mentioned Online
If your name is ever mentioned on a public page online, you might want to know. You can do this by going to www.google.com/alerts. Make sure you have a Google Alert setup with your first and last name in quotations (Example – “Juanita McDowell”). The quotations tell the search engine to keep string of words together. If you are logged into your Gmail account, the email will be delivered to this address. If you prefer it be sent to another address, log out so it will prompt you for another email address.
No doubt there will always be personal information that you need to keep private. As a Realtor serving the public, maintaining online anonymity is a major challenge. With daily advances in technology it is hard to go anywhere online where our information is not being tracked or accessed. The solution is not to avoid the digital landscape, but to exercise caution and remember these important guidelines to ensure that you will not compromise your privacy and therefore your security.
A REALTOR® Is Only As Good As Their Online Reputation
In any service oriented industry one’s reputation and image are vital, but in real estate where every transaction is one of the biggest decisions in a person’s life, it is paramount. In the old days it was easier to build, maintain and monitor one’s reputation because it typically existed within your circle of influence and local market.
Those were the good old days. Now the Internet has allowed us to expand our reach to a global audience and all of our communications have gone digital (e-mail, voicemail, text message, social media, forums, etc.). This means they are permanent, and especially with the rise of social media, easily distributable. So if you make one little mistake or have one irrational client who wants to defame you, it can hurt all of the good will you have built up over the years and potentially ruin your business.
Now there are so many social media & customer review sites, chat rooms, forums, etc. that your customers and prospective customers could be talking about you on. So how do you focus on your “job” as a REALTOR® and yet somehow keep up with all of this? Lucky for you, here are some great tips & tools available to help you manage your online reputation:
- Always think before you hit Send or Submit as you can’t take it back. Also, always try to use proper online & offline etiquette & avoid negative situations (disagreements, petty or trivial activities, etc.) that can be used against you.
- Google YOURSELF, and see what shows up and know what you are up against; you know your prospective clients will.
- Set up Google Alerts – enter any keyword or phrase and receive an e-mail newsletter of links to web pages or articles anytime those words are mentioned online
- Monitor the mentions & direct messages on social media sites (or use aggregation tools like com to consolidate this effort)
- Create a defined presence for yourself online. Everything you have online (your website, blog, social media profiles, etc. should be similarly named (com) and linked to each other (AddThis.com). This gives the consumer (as well as the search engines like Google) a clear picture of who you are online. If you want to take it a step further for Google, create an account at Klout.com that will also track your online activity. If you are going to choose one social media site to create a profile on, make it LinkedIn as it is typically the first thing that shows up when someone searches for your name.
- Check how you are faring on customer review sites like Yelp, Zillow, com and HomeAdvisor.com. When it comes to Yelp, you may also want to check out the list of affiliate vendors (plumbers, electricians, etc.) you typically recommend to your clients to make sure they make you look good because if a client has a negative experience with one of your referrals it can negatively reflect on you.
- While it impossible to rule out being implicated in a listing related scam (most commonly on CraigsList), you can monitor your listings’ online activity by creating a listing activity report at com or Google Alerts (detailed above)
- Consider enlisting a product like com or Brand.com to help you in all aspects of reputation management (similar to credit monitoring services) including assistance in removing unwanted information (slanderous posts, bad reviews, legal records, etc.) off the internet
If you are a company owner or broker, you might want to seriously consider creating a Company Usage Policy. This is a contract (that you can easily create at http://socialmedia.policytool.net/) that defines a set of guidelines/rules of what your employees are allowed to do and allows you to legally monitor their online activity. This has become a necessity in the real estate industry due to the fact that the internet has made it so easy to slip up. For example, if one of your agents commits a fair housing violation, the broker and company would not only have to deal with the negative repercussions with their client base, but are also held legally liable for their agents’ actions. So, if you are looking for a tool that will effortlessly allow you to track your team’s online activity, check out www.ExactTarget.com.
Hopefully these tips and tools will help keep you safer and your reputation intact so that the next time your future clients Google you, they will hire you because they find nothing but good things!
How to Solve You Being the Weakest Link in the Chain
Just like clock-work any time I teach a technology class on risk management, safety &/or the Cloud, the question always arises from the crowd…..yeah these are really cool tools, but are they safe?
And while it is true even some of the largest technology companies have had to deal with hacking incidents in recent memory and that there is no such thing as a 100% impenetrable/hack-proof product out there, I am of the belief that the cloud is very safe. That is as long as you the end user aren’t the weak link in the chain.
What I mean by that is, if you have been victim to viruses several times in the past, then you might not want to invest in technologies like the cloud, because viruses are of course an easy entry point for hackers (but this is easily remedied by obtaining a good Anti-Virus Suite such as Avast.com or AVG.com). But the other area where you could be the weakness is your use of weak or repetitive passwords on more than one site.
What happens to most of us is, due to the high number of sites we now have to remember passwords for, we understandably get lazy and reuse the same or similar password on multiple websites &/or are forced to carry around a spreadsheet everywhere you go with all of your site logins.
Well there is a big problem with this, hackers have caught onto this trend and now often target websites with low security (example no private data), steal the user login info, then go to high security sites (ex. shopping &/or credit card sites), plug this information in and often are able to access your accounts without ever having to hack into the big sites with all the premium security. In other words, if you are using weak &/or repetitive passwords, it is not a question of if you will be the victim of identity or credit card theft, but when.
But what if I told you the solution to this is easy and FREE (or the Premium Package is only $12/year). It is called LastPass and it stands for the Last Password you will ever need. The way it works is you will install this onto every computer device (including the app on your mobile devices) you have and it then installs itself with a little icon/button into all of the web browsers (ex. Internet Explorer, Chrome, etc.) on those devices. So once you have this set up and you go back to any website that requires a login/password, all you have to do is click on the LastPass icon, request that it create a strong password for you for that site and it will store it for you in your password vault. You will need to repeat this process for every site you use, but once you update all of your sites, you can throw out your spreadsheet and from that point on you will only need to remember ONE password, your master password for your LastPass account! And the beauty of this program is it is cloud based and because you are installing it on all of your computer devices, you are always able to get into all of your websites from any device anytime with tough passwords (only you don’t have to remember them)! And the Paid/Premium Version even allows you to login from other people’s computers safely by going in through the LastPass website.
And by the way, brokers/company owners, you need to realize that one weak link in your chain can take the whole company down. So if I were in your shoes, I would consider requiring all of my employees to have good Anti-Virus & Password Protection software solutions.
Hopefully this tip will help you be more secure and make your lives a little bit easier but if you need more help on this including great encryption solutions to protect your files, emails, devices and more, check out the Tech Safety & Security section of RETI.