Buying a home is part of the American dream. But one scam could turn it into a nightmare, endangering years’ worth of clients’ savings, as well as your reputation as a real estate professional.
The Federal Trade Commission and the National Association of Realtors are warning the real estate industry about a “bogus email” that could result in an empty bank account—and it’s a reminder that real estate information is prized among the black market.
The phishing email contains alternative wiring instructions related to the closing of a deal. To set the hook, hackers break into buyers’ or agents’ email accounts, find messages about upcoming transactions and pose as real estate professionals. If a buyer agrees to the fraudulent email instructions, money is wired to the scammer’s account, and the buyer’s funds are likely wiped clean with little chance of ever being recovered.
As more homebuyers and agents use digital technology to communicate and facilitate transactions, there is an obligation to maintain the privacy and security of sensitive information. This is especially the case when high-stakes real estate documents, such as home contracts, are sent and signed electronically.
Thankfully, there is a solution that allows you to continue completing transactions online while ensuring that your clients’ private information is protected and seen only by those with permission.
Multi-factor authentication
When using digital documents, it is essential that you verify a user’s identity before granting access to private information. By requiring multi-factor identity authentication before a person is able to access and sign a document, you are requiring the user to prove their identity more than once, which greatly reduces the chance of a hacker gaining unauthorized access to confidential documents.
Multi-factor authentication can be used in many different ways, but it typically combines something the signer knows (a user name and password) with something they have (a mobile phone or one-time passcode). One of the best ways to execute this is through short message service, or SMS, authentication.
How SMS authentication works
Upon signing into their email account, the client receives a text message with a one-time passcode. Then they enter the code to view the secure documents, which is permitted because their identity has been verified, not once but twice – once by signing in to their account and once by entering the code they received via SMS, i.e., text message. Unless both of these steps are successfully completed, the user cannot access the private information, and, therefore, cannot falsely sign any contract or other documents.
Because your clients’ mobile phones are rarely out of reach, this method is quick and easy to use – requiring little training for clients to use – and it’s cost-effective.
Should there ever be any suspicion of fraud or question of validity, the SMS message is recorded in an audit trail that tracks which phone number received the code and when it was opened. This provides legal evidence that the proper steps were taken to prevent fraud, which can be essential in protecting your reputation and your business in the event that fraud does occur.
As industry and federal authorities remind us, hackers are prevalent, and they’re targeting the real estate industry. SMS authentication is an easy, yet powerful way to protect yourself and your clients. Given the high stakes involved, taking this extra step should be part of your closing protocol.
Digital security must be made a priority in today’s real estate industry. To learn more about e-signature security, download this free e-book.