when it comes to monetizing a real estate deal its all about location, location,
location, but malicious actors are now targeting everyone from the home buyer
to the lender to steal vital information.
recently looked at 600 real estate transactions came across six attacks
targeting those involved that utilized a laundry list of techniques designed to
gather login credentials or payment card and bank account information. The tools
used included social engineering, phishing, malware, specifically banking trojans
and information stealers, compromised personal and business landing pages, weaponized
attached documents, email thread hijacking, phishing portals themed around
individual agents/agencies and financial wire fraud.
cases several of these methods were combined to make a more powerful tool
three methodologies were all aimed at stealing a person’s Office login
credentials. Each used a slightly different type social engineering message with
the common theme that it would be of importance to a person involved in a home
One was a
fake Office 365 login page sent to a real estate firm CEO via a spear phishing
email that attempted to harvest his credentials. The second used a spoofed real
estate company login page requesting the recipient enter their Office 365 sign
in info so they can view the attached document that was purportedly part of a
real estate deal. The third was similar but sent to brokers at a specific
nation-wide company telling the target they needed to sign in to view the
case the attackers used a similar social engineering scheme to entice the victim
to download an attached document. Except in this case the threat actor was not looking
for login information, but had attached a malicious document that would inject
payment card and bank info-stealing malware onto the target system.
The final attack-type
found also went after payment card data, but was a bit more straightforward
merely being an email with the real estate company logo that contained a fake credit
card authorization form asking for the person’s name, account number and CVV.
that since home sales and other real estate transactions are not only quite
complicated, but also very stressful it leaves the participants open to t his
style of attack. This means a higher level of caution needs to be in place
throughout the deal.
include telling those involved to be on the look out for scams, using MFA for
signing in to Office 365 or other productivity tools and verify with the named
sender whether or not the document that was received is legitimate.