During Covid, real estate professionals may be relying on virtual tours and utilizing teleconferencing platforms to keep up with clients. And the home office might be the new hub for day-to-day business.
However, while office computer systems typically offer layers of protection to keep data safe, the home computer might not be as secure. Cyber attacks have seemed to become more prolific during the pandemic. Deloitte reported that almost half of those working from home are lured into phishing scams.
Don’t fall prey to data thieves. Here’s how to keep your real estate business safe from cyber attacks while working from home.

Watch Out for Weird Attachments
Phishing schemes are a common tactic used by cyber predators to install malicious programs onto the computer. These can be viruses or spyware. What is a phishing scheme? Imperva explains that this type of attack is carried out by individuals who send links via emails and texts that seem to be sent from a source that the recipient would trust. Maybe the email appears to come from a bank or maybe even a coworker.
The scam uses this deception to lure the recipient into clicking a link, which installs malware on the recipient’s device. However, Imperva notes that the link also could stall the computer or “the revealing of sensitive information.”
Sometimes phishing attacks can be identified by simply hovering the mouse over the sender’s email. This typically reveals the true email address. The recipient also may be able to hover over the link; doing so will show the website address where the link directs. Often the link location will reveal a suspicious address.
Be on the lookout for emails from lending or financial institutions that prompt you to enter any financial or sensitive information. Sometimes these emails can look legitimate, and this is why the schemes are so dangerous. Contact your bank if you receive an email that asks for financial information. If something is amiss with your account, a direct call to your bank is the best recourse. In addition, emails that are spoofing legitimate websites (like banks) can be reported to those institutions.
Phishing schemes also can seem to appear as though they are sent by a coworker, client or colleague. Again, double check the sender’s information. And don’t click on any links. Don’t reply to the email directly; the email recipient may show up as a familiar contact, but the name could simply be spoofed.
ClearedIn details a phishing scheme that targeted parent teacher organizations. Recipients received an email from what appeared to be another member (maybe the president) that asked them to purchase gift cards and send the gift card codes to the email sender. The email promised to reimburse the recipient for the price of the cards. Of course, the scheme was to get gift cards, and the reimbursement was never going to happen (since the sender was not affiliated with the parent teacher organization).
Similar phishing schemes could target real estate professionals. Again, check the email recipient’s address, and don’t click on any links or attachments that seem suspicious. And, while gift cards can be great closing gifts for clients, be wary of any email that asks you to send gift card info via email.

Protect Your Computer
If you’re working from home using a personal computer, protect your data. Install reputable antivirus software and be diligent about scanning for viruses and malware.
Not sure what software is the best? You can talk to your broker or other industry professionals to inquire about what they use and recommend.
When setting your passwords, don’t choose anything that’s obvious like birthdays or social security numbers. Choose something that you can remember, though, or keep the passwords in a safe place (if you forget them).
Creating a Plan
The National Law Review notes that the real estate industry may be an ideal target for cyber attacks because “Real estate transactions contain significant amounts of personal information, including, but not limited to, financial data, Social Security numbers, driver’s license numbers, passports numbers, insurance information, and passwords.”
The publication explains that real estate organizations and businesses need to create a plan as to how they will handle a breach. When creating an “Incident Response Plan,” the publication explains that real estate organizations should:
- Have both an internal and external team prepared to respond. Per the Law Review, internal teams typically would include IT teams, executives, human resources, etc. External teams would include attorneys, public relations teams, investigators, etc.
- Secure insurance coverage that protects against data breaches. The cost of breaches can be high.
- Understand and identify all legal issues that could impact how the company responds. The Law Review states that this could include contractual obligations, too.
Typically, real estate professionals are aligned with a broker. Talk to your broker about what tools are in place to handle a data breach and what tools you might need to have in place while working from home.
Resources from the National Association of REALTORS®
The National Association of REALTORS® explains that “The REALTOR® code of Ethics and Standards of Practice explicitly acknowledge a REALTOR’s® obligation to preserve the confidentiality of personal information provided by clients in the course of any agency or non-agency relationship—both during and after the termination of these business relationships.” To help REALTORS® navigate the world of cybersecurity, NAR provides a wealth of resources, including a Cybersecurity Checklist and a Data Security and Privacy Toolkit.
Some of NAR’s recommendations include:
- Maintaining inbox folders and archive important emails (in a safe place)
- Choosing more complicated passwords (nothing too short or basic)
- Using unique passwords for each account
- Staying away from unprotected wi-fi…use secure wireless networks.
- Keeping antivirus software updated
- Backing up files and keeping them somewhere safe
- In addition, NAR provides videos about how to prevent cybercrime during Covid-19 and cybersecurity best practices during the pandemic.
Teleconferencing
During the pandemic, many professionals utilized teleconferencing software to meet virtually and keep business moving. Unfortunately, even virtual meetings could be hacked; teachers sometimes reported having virtual class sessions invaded by individuals who were not students.
Per The Tech Times, some hackers ‘zoombombed’ meetings; this tactic, the publication explained, wasn’t about stealing any data. Instead, zoombombers dropped into meetings uninvited sometimes to annoy or harass or simply as a kind of prank.
However, The Tech Times noted that attacks on teleconferencing can be more involved, with account passwords or credentials being shared on the web.
When using Zoom or any conferencing platform, make sure to download the most recent updates. Don’t ever share meeting information with anyone who isn’t invited. And, of course, run antivirus software regularly to check for viruses or other malware (and keep the antivirus software updated).
While many professionals continue to work from home during the pandemic, those who work from home on personal computers and private internet connections should be diligent about cybersecurity. Real estate professionals can visit the National Board of REALTORS® for more resources on how to keep data safe during Covid and find recommendations for cybersecurity. Most everyone working from home should be aware of phishing schemes; don’t download or click on any attachment from an unfamiliar sender or open anything that seems suspicious.
Hovering the mouse over the sender’s name can reveal that the sender is spoofing a familiar contact. Keep all antivirus software updated and reach out to your broker for any additional help or guidance.