Realtor Magazine is sharing the story of a real estate agent who almost got caught up in what could have a ‘phishing scam’—the term commonly used to describe a way for people to get email addresses and other personal information from the people they target.
An agent in Florida received an email from someone who said he was moving to the area and was looking for a local agent. When the agent replied saying he was available and the next best step was to obtain a pre-approval letter the supposed buyer replied the next day, saying that the approval letter was attached to the email.
But when the agent clicked on what was supposed to be an attachment it went to a website that required logging in.
That’s where the agent thought something was suspicious and didn’t proceed with the steps. But if he or she had created an account using their email and a password—perhaps the same password used for other sites, including their email—the scammers might have been able to capture both the mail client the agent uses and the password to access the account. That’s when they could start to do real damage, such as the scam that used real estate agent email addresses (or addresses that looked very similar to theirs) and asked clients to wire funds to a different account that belonged to the scammers.
To see screenshots of the email conversation between the agent and the buyer head over to the site of the Internet security firm SANS that the agent contacted originally.