What you’ll learn (TL;DR)
- Cybercriminals use phishing to target homeowners by pretending to be banks, mortgage companies, or utility providers to steal sensitive information.
- Trending phishing scams include misleading online ads, fake real estate agents, and bogus emails impersonating popular e-signature platforms.
- Tips to avoid phishing scams: go to the source, be cautious of offers that seem too good to be true, and expect the unexpected.
Trending Phishing Attacks
You’re probably familiar with the term “phishing," but are you aware of how scammers use it to target homeowners? Phishing is a common scam that cybercriminals use to trick people into sharing sensitive information, often over email, text, or calls. Cybercriminals pretend to be banks, mortgage companies, or utility providers, specifically targeting homeowners. They’ll ask for your login credentials and use them to drain your bank accounts. Sometimes, they’ll impersonate realtors, lenders, or insurance companies to gain your trust. In doing so, you might willingly share your driver’s license, social security number, and credit report, leaving you vulnerable to identity theft.
Cybercriminals love phishing because it is easy for them to exploit our inclination to trust. Let’s look at three trending phishing scams and tips to help avoid them.
Tip #1: Go to The Source.
Recently, the FTC issued a warning about a company called Doxo, which ran misleading ads online, presenting itself as a payment platform for major utility companies like AT&T and Spectrum. Unfortunately, Doxo scammed users, pocketing their payments and disappearing, leaving them without utility services and unpaid bills. If you pay your bills online, check your statement to find the authentic online payment site and bookmark it for future use. This reliable source should be bookmarked, enabling you to verify any suspicious ads or messages claiming your utility payment is due. Go to the source, uncover the truth, and avoid potential scams.
Tip #2: Is it Too Good to be True?
Do you own a timeshare? What would you do if a “real estate agent” called you with an interested buyer? The “agent” only asks you to pay a small fee right now, promising to help you make big money quickly. Sounds suspicious, doesn’t it? That’s because it’s a scam. Scammers use public records to target timeshare owners, especially individuals who may not use their timeshares often. Timeshares can be hard to sell, so an already interested buyer sounds too good to be true. If you get an unsolicited call with an offer, don’t hesitate to hang up and do your research. Check with the state real estate licensing agency or contact your timeshare company. Chances are, if it sounds too good to be true, it is.
Tip #3: Expect the Unexpected.
In today’s real estate scene, important documents like offer letters and refinancing paperwork are sent electronically for signing. But here’s the thing: scammers are onto this trend, too. Last year, cybercriminals sent over 3.5 million phishing emails impersonating DocuSign—and many more impersonating other popular file-sharing services. These file-sharing scams usually start with an email, urging you to click a link right away; otherwise, your home purchase might fall through. However, that email isn’t from DocuSign or your real estate professional. Instead, links to a fake website where you might unknowingly give away your login credentials or download malware to your device. Phishing scams often start with something unexpected, like an urgent message with dire consequences. Expect the unexpected and be wary of urgent requests for personal information.
Beyond Emails
Did You Know that Phishing is More than Just Emails?
Contrary to popular belief, phishing doesn’t solely begin with emails. In 2022, Americans fell victim to “smishing” (SMS phishing or text phishing) scams, resulting in losses exceeding $330 million.
If you receive a suspicious communication that appears to be sent from First American, or suspicious websites that look like First American, please forward the message or URL to phishing.abuse@firstam.com, and we can help you verify it.
References
1.
“Pay Your Bills, Not Impersonators.” Federal Trade Commission, Consumer Advice, 29 April 2024
2.
“If You Have a Timeshare, Scammers Might Target You.” Federal Trade Commission, Consumer Advice, 29 March 2024
3.
Proofpoint, State of the Phish Report, 2024
4.
“Beware of Clever Dropbox Phishing Scam.” ALTA Community, 22 March 2024
5.
“New FTC Data Analysis Shows Bank Impersonation is Most-Reported Text Message Scam.” Federal Trade Commission, Protecting America’s Consumers, 8 June 2023