Traditionally, when it comes to monetizing a real estate deal its all about location, location, location, but malicious actors are now targeting everyone from the home buyer to the lender to steal vital information.
Proofpoint recently looked at 600 real estate transactions came across six attacks targeting those involved that utilized a laundry list of techniques designed to gather login credentials or payment card and bank account information. The tools used included social engineering, phishing, malware, specifically banking trojans and information stealers, compromised personal and business landing pages, weaponized attached documents, email thread hijacking, phishing portals themed around individual agents/agencies and financial wire fraud.
In most cases several of these methods were combined to make a more powerful tool
The first three methodologies were all aimed at stealing a person’s Office login credentials. Each used a slightly different type social engineering message with the common theme that it would be of importance to a person involved in a home sale.
One was a fake Office 365 login page sent to a real estate firm CEO via a spear phishing email th ..
Support the originator by clicking the read the rest link below.
