On June 9th 2017, the CCIM Miami-Dade-Monroe District hosted its CCIM Monthly Meeting at Morton’s Steakhouse in Coral
Gables. The topic was on Cyber Awareness by Chris Scott, an expert
on Cyber Security. Mr. Scott is also an "ethical hacker", advising banks and businesses on internet fraud.
 |
| Miami-Dade CCIM District Monthly Meeting / Cyber Awareness re Fraud |
Fraud is Everywhere in Our Digital Workplace
As we transact business in the information age, where global economies rely heavily on
computers and e-commerce, we need to be alert to the various sources of fraud
perpetrated via email and especially with bank wire transfers. In commercial real estate, we spend a large
portion of the day on our computers using the internet emailing clients,
researching properties, market values, property owners, and analyzing
investment properties. The computer and the internet have become an integral
part of the profession.
Mr. Scott warned us to be extremely careful with our digital communications as cyber
fraud is on the increase. In particular, the headers of an email should be carefully examined to see the URL and information regarding the sender.
According to the AFP
Payments Fraud and Control Survey, 73% of companies were targets of
payments fraud in 2015, up from 62 percent in 2014. Moreover, 39% of corporate
practitioners from these companies report the potential loss from fraud was
greater than $250,000. And the preferred payment method responsible for fraud
loss was checks and wire transfers.
Common Fraud Tactics
Mr. Scott lists common fraud tactics:
- Phishing - An email that tricks recipient into taking some type of harmful action
- Business Email Compromise (BEC) - A certain attack where the attacker pretends to be an authorized user of a system in order to gain access to it
- Ransomware - A certain malicious software made to block access to a computer system
- Wire Fraud - Targeting of banks and financial institutions via wire transfers
Common Scenarios
As an example, ten employees work for a boutique real estate
company. The company decides to hire a new employee to work in accounts payables. A cyber criminal, without being noticed, may have already compromised the real
estate company’s network as a result of prior surveillance and email
communication. Cyber criminals do their homework and may have set up a fake URL that closely resembles the company information and web site. They monitor the
existing network traffic and observe the writing styles of key figures in
preparation to compromise the systems.
Another scenario: What if the Cyber Criminal masquerading as the company’s
boss or high ranking employee sends an email to the new employee with wire instructions
to send $100,000 to client? He or she
may not be fooled but that email, but what if the Cyber Criminal more clever?
Tips
Mr. Scott provides helpful tips against Cyber Criminals. They are:
- · Check the email address and email header. Look for the sender’s name and email header.
- · Be suspicious of attachments. Only download and open those that you are expecting.
- · Notice the email’s greeting. Does the sender know your name and use it?
No comments:
Post a Comment