This Is How Your Personal Data Is Being Sold By Large Real Estate Companies And Easy Steps To Protect

You would think that when buying a brand-new house, everything will go smoothly in every single aspect, but that’s actually far from reality. According to the statistics, this industry is one of the most jeopardized ones in terms of cybercrime. And that's especially the case in the United States. Not to mention the fact that there are companies, like Zillow that are known for selling sensitive data of their consumers to real estate agents without their knowledge.

This Is How Your Personal Data Is Being Sold By Large Real Estate Companies And Easy Steps To Protect

That’s why it’s of huge importance to stay safe at any given moment. If you would like to protect yourself in these types of situations, then scroll below to see what needs to be done to accomplish that.

Get Yourself Familiar With The Most Common Threats

There are various threats that are lurking behind every corner and waiting to "attack" you. Before I further proceed with this topic, I would like to first enumerate several things to help you understand the dangers that reside in the real estate industry.

  1. Cybersecurity threats – Hackers have become very wise over the past couple of years, which means that they can easily get access to your data, such as your personal identification and financial information by relying on different email scams or by simply entering your system without you even noticing it. This is something that frequently happens on some of the biggest search platforms, hence if I were you, I would opt for smaller ones because, for the time being, they are a lot safer. Fortunately, there are lots of great alternatives when it comes to this that would never allow anything bad to occur to their consumers.
  2. Physical threats – Sadly, things like identity theft have also become very common in this industry, which normally happens when physical documents (which contain extremely important data) are stolen.
  3. Insider threats – This segment refers to both business owners and homebuyers. Namely, sometimes certain people may seem trustworthy at first glance but are actually far from it. When I say this, I allude to employees in your company, contractors, and many others. These individuals are prone to misusing sensitive data for their own personal gain or because they want to harm the firm they work for. So keep an eye on them!
  4. Social engineering threats – This is by far one of the most common threats. Namely, there are lots of people and “organizations” out there that will pretend to be somebody else (such as a legitimate real estate company or agent) just so they could trick you into giving away all your sensitive data. If by any chance, you are contacted by these individuals, please be sure to first do your homework to see if they are really legit before you take any further steps.
  5. Third-party vendor threats – These are typically businesses that deal with sensitive data on behalf of other companies from this industry that couldn't care less about protecting their consumers, which, of course, results in data breaches.

Now, that you are aware of every possible threat that is out there, I hope that you will pay attention to them whenever you are searching for a new home or when you are executing a specific transaction.

Find A Reliable Real Estate Marketplace Company

I know that a vast majority of people do not perceive these sorts of companies as anything that’s potentially dangerous, but as I’ve previously told you there are a number of these platforms that are prone to taking advantage of the consumer’s sensitive data, like Zillow.

That’s why if I were you, I would rather focus on the smaller companies of this kind where you can transparently see all their privacy policies. For example, if you’re currently interested in houses that are situated in the state of Alabama, then it would be much better if you resorted to a private Alabama real estate search of some of the smaller (yet more trustworthy) real estate market companies, instead of opting for the “big names” in terms of property search platforms. Otherwise, you’ll end up being constantly bombarded with spam emails that will at some point drive you nuts.

Properly Train Your Workers

This refers to the business owners because not even they are safe when it comes to this. If you’re the owner of a real estate company and you want to be sure that all personal data are safeguarded properly, then you must train your employees so they can be wary of anything that is going on in the online world.

So what do I mean by that? For starters, you need to be sure that your email and network protection is capable of filtering out different malware and spam. That’s something that’s mandatory.

Then you need to turn to a data protection policy that's going to show your workers exactly what needs to be performed to secure personal data. Keep reminding them that if they by any chance notice anything that's even remotely suspicious, they should immediately notify you.

Don’t Forget To Back-up Your Data On A Regular Basis

If you're the owner of a real estate company or any other company for that matter, then there's no need to remind you how essential it is to frequently back up your data if you want to protect it from a variety of different threats.

Perceive this step as some sort of insurance that you can lean on in case of a data loss accident. Don’t forget that precisely something like this is going to make sure that you can easily recover anything that’s been lost, and, at the same time, it’s going to reduce the impact of a data breach on all your operations.

From what I've heard from some of the biggest experts in this field is that one of the best strategies that you can use is the so-called 3-2-1 rule. So what does it represent? It wants to accentuate the fact that everybody must have at least three copies of their data in two formats.

Bear in mind that one of those copies must be put off-site. If you want to add another layer of protection, then it would be wise to turn your data into code once you store it online so you can lower the chances of tampering or data theft.

Another thing that can be implemented is cloud storage, such as Google Drive or Dropbox. Both of these tools are great options due to the fact that they instantly back up your data, which means that you do not need to worry about losing it.

If by any chance you are utilizing a cloud property management software, then you do not need to manually back up anything because as soon as you upload your data, it is immediately encrypted and backed up.

That’s precisely one of the major reasons why so many people (including business owners) love to employ cloud property software.

Dedicated Server Is A Great Option

Unfortunately, a vast majority of real estate companies have a tendency to utilize a shared server in order to host their files which is not recommendable due to the fact that it could cause numerous risks.

How come? Well, that's because, in these instances, different programs, websites, and scripts are being run practically on the same machine. Not to mention the fact that if you use a shared server, it means that literally, anyone can access your server, not just only you and your staff but even individuals outside of your firm.

And If something like this happens, your site is going to become a lot more vulnerable which could at some point result in a data breach simply because the server you've been utilizing has poor-quality security.

Therefore, it's essential to opt for a dedicated server if you want to efficiently decrease the risk of data theft and breach. Not only will you safeguard your data more effectively, but you'll also have peace of mind knowing that nothing can jeopardize your data. And that's for sure invaluable.

Password, Password, Password

This refers to every single person out there. Sadly, a lot of people fail to realize how pivotal a strong password is. They just simply create one that's relatively short and simple and then employ it on every profile and email that they have.

And that's a completely wrong approach that could seriously jeopardize your data. According to the reports that have been published by TechRepublic, almost twenty percent of enterprise users utilize passwords that can be defined as weak.

And then, we even have the ones who use extremely weak passwords, such as “123456” or they put their birth date. Another very bad idea. Bear in mind that if you want to create something that cannot be breached easily, then you must make a password that’s strong.

When I say strong, I allude to the one that's for starters very long (it must have at least eight characters) and should contain both lowercase letters and uppercase letters, special characters, and numbers.

It wouldn't be wise to have a password that has important personal information such as your address, birth date, and other similar things. In addition, if you would like to add an additional layer of security, then I would recommend you use two-factor authentication.

Why does this matter? Namely, precisely something like this is going to enable you to create a unique code either on the Google Authenticator app or on your cell phone number. I mean, it's highly unlikely that anyone will ever have both access to your smartphone and your password.

Turn To Secure Communication Channels For Exchanging Sensitive Data

What do I mean when I say a secure communication channel? It alludes to any type of communication that highlights data confidentiality and protection. If you’re planning on having any real estate transaction (that’s either non-monetary or monetary) then be sure to utilize safe communication channels.

What are the best options when it comes to this? There are several ones and below, I’ll mention a couple of them:

  • Virtual private network – Also known as VPN. It enables you to have safe communication online by encrypting data that's been sent between any devices.
  • Secure file-sharing platforms – Anything that you would like to transfer, including sensitive data, you can by employing some of these platforms because they are very reliable and safe.
  • Secure messaging apps – There are various apps of this type that are excellent. From what I know, Signal is one of the best ones, for the time being, due to the fact that it provides end-to-end encryption for safe and stable communication.
  • In-person meetings – If you need to talk about something that’s private, confidential, and above all, important, then I would advise you to opt for secure meetings that you can hold in locations that cannot be easily accessed by anyone.

Protect All Your Devices

One of the best things that you can do protect your files (and devices in general) from malware, viruses, spam emails, phishing emails, and many other things is by downloading some good security software.

When I say this, I refer to an antivirus program that is able to safeguard all your devices against a variety of different virtual threats. If you opt for something like this, you will drastically decrease the chances of receiving anything that's potentially fishy.

Embrace AI

There are various technological innovations that we could make use of when it comes to this. One of them is artificial intelligence which has taken data protection to a totally new level. With its help, anyone can detect and avoid cyber-attacks effectively.

How come? Namely, artificial intelligence, along with machine learning algorithms is capable of breaking down huge amounts of data in order to recognize patterns and anomalies that at first glance appear to be security threats.

key in door

No one should ever misuse your personal data! However, since you don’t have control over it, the only thing that you can actually do to protect yourself is to implement everything that’s been written here today.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Note: Some of the information in samples on this website may have been impersonated or spoofed.

Bookmark articleSave

Was this article helpful?

Comments, Questions, Answers, or Reviews

There are no comments as yet, please leave one below or revisit.

To protect your privacy, please remove sensitive or identifiable information from your comments, questions, or reviews. We will use your IP address to display your approximate location to other users when you make a post. That location is not enough to find you.

Your post will be set as anonymous because you are not signed in. An anonymous post cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.

Write Your Comment, Question, Answer, or Review

Online Threat Alerts Security Tips

Pay the safest way

Credit cards are the safest way to pay for online purchases because you can dispute the charges if you never get the goods or services or if the offer was misrepresented. Federal law limits your liability to $50 if someone makes unauthorized charges to your account, and most credit card issuers will remove them completely if you report the problem promptly.

Guard your personal information

In any transaction you conduct, make sure to check with your state or local consumer protection agency and the Better Business Bureau (BBB) to see if the seller, charity, company, or organization is credible. Be especially wary if the entity is unfamiliar to you. Always call the number found on a website’s contact information to make sure the number legitimately belongs to the entity you are dealing with.

Be careful of the information you share

Never give out your codes, passwords or personal information, unless you are sure of who you're dealing with

Know who you’re dealing with

Crooks pretending to be from companies you do business with may call or send an email, claiming they need to verify your personal information. Don’t provide your credit card or bank account number unless you are actually paying for something and know who you are sending payment to. Your social security number should not be necessary unless you are applying for credit. Be especially suspicious if someone claiming to be from a company with whom you have an account asks for information that the business already has.

Check your accounts

Regularly check your account transactions and report any suspicious or unauthorised transactions.

Don’t believe promises of easy money

If someone claims that you can earn money with little or no work, get a loan or credit card even if you have bad credit, or make money on an investment with little or no risk, it’s probably a scam. Oftentimes, offers that seem too good to be true, actually are too good to be true.

Do not open email from people you don’t know

If you are unsure whether an email you received is legitimate, try contacting the sender directly via other means. Do not click on any links in an email unless you are sure it is safe.

Think before you click

If an email or text message looks suspicious, don’t open any attachments or click on the links.

Verify urgent requests or unsolicited emails, messages or phone calls before you respond

If you receive a message or a phone call asking for immediate action and don't know the sender, it could be a phishing message.

Be careful with links and new website addresses

Malicious website addresses may appear almost identical to legitimate sites. Scammers often use a slight variation in spelling or logo to lure you. Malicious links can also come from friends whose email has unknowingly been compromised, so be careful.

Secure your personal information

Before providing any personal information, such as your date of birth, Social Security number, account numbers, and passwords, be sure the website is secure.

Stay informed on the latest cyber threats

Keep yourself up to date on current scams by visiting this website daily.

Use Strong Passwords

Strong passwords are critical to online security.

Keep your software up to date and maintain preventative software programs

Keep all of your software applications up to date on your computers and mobile devices. Install software that provides antivirus, firewall, and email filter services.

Update the operating systems on your electronic devices

Make sure your operating systems (OSs) and applications are up to date on all of your electronic devices. Older and unpatched versions of OSs and software are the target of many hacks. Read the CISA security tip on Understanding Patches and Software Updates for more information.

What if You Got Scammed?

Stop Contact With The Scammer

Hang up the phone. Do not reply to emails, messages, or letters that the scammer sends. Do not make any more payments to the scammer. Beware of additional scammers who may contact you claiming they can help you get your lost money back.

Secure Your Finances

  • Report potentially compromised bank account, credit or debit card information to your financial institution(s) immediately. They may be able to cancel or reverse fraudulent transactions.
  • Notify the three major credit bureaus. They can add a fraud alert to warn potential credit grantors that you may be a victim of identity theft. You may also want to consider placing a free security freeze on your credit report. Doing so prevents lenders and others from accessing your credit report entirely, which will prevent them from extending credit:

Check Your Computer

If your computer was accessed or otherwise affected by a scam, check to make sure that your anti-virus is up-to-date and running and that your system is free of malware and keylogging software. You may also need to seek the help of a computer repair company. Consider utilizing the Better Business Bureau’s website to find a reputable company.

Change Your Account Passwords

Update your bank, credit card, social media, and email account passwords to try to limit further unauthorized access. Make sure to choose strong passwords when changing account passwords.

Report The Scam

Reporting helps protect others. While agencies can’t always track down perpetrators of crimes against scammers, they can utilize the information gathered to record patterns of abuse which may lead to action being taken against a company or industry.

Report your issue to the following agencies based on the nature of the scam:

  • Local Law Enforcement: Consumers are encouraged to report scams to their local police department or sheriff’s office, especially if you lost money or property or had your identity compromised.
  • Federal Trade Commission: Contact the Federal Trade Commission (FTC) at 1-877-FTC-HELP (1-877-382-4357) or use the Online Complaint Assistant to report various types of fraud, including counterfeit checks, lottery or sweepstakes scams, and more.
  • If someone is using your personal information, like your Social Security, credit card, or bank account number, to open new accounts, make purchases, or get a tax refund, report it at This federal government site will also help you create your Identity Theft Report and a personal recovery plan based on your situation. Questions can be directed to 877-ID THEFT.

How To Recognize a Phishing Scam

Scammers use email or text messages to try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could get access to your email, bank, or other accounts. Or they could sell your information to other scammers. Scammers launch thousands of phishing attacks like these every day — and they’re often successful.

Scammers often update their tactics to keep up with the latest news or trends, but here are some common tactics used in phishing emails or text messages:

Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. You might get an unexpected email or text message that looks like it’s from a company you know or trust, like a bank or a credit card or utility company. Or maybe it’s from an online payment website or app. The message could be from a scammer, who might

  • say they’ve noticed some suspicious activity or log-in attempts — they haven’t
  • claim there’s a problem with your account or your payment information — there isn’t
  • say you need to confirm some personal or financial information — you don’t
  • include an invoice you don’t recognize — it’s fake
  • want you to click on a link to make a payment — but the link has malware
  • say you’re eligible to register for a government refund — it’s a scam
  • offer a coupon for free stuff — it’s not real

About Online Threat Alerts (OTA)

Online Threat Alerts or OTA is an anti-cybercrime community that started in 2012. OTA alerts the public to cyber crimes and other web threats.

By alerting the public, we have prevented a lot of online users from getting scammed or becoming victims of cybercrimes.

With the ever-increasing number of people going online, it important to have a community like OTA that continuously alerts or protects those same people from cyber-criminals, scammers and hackers, who are every day finding new ways of carrying out their malicious activities.

Online users can help by reporting suspicious or malicious messages or websites to OTA. And, if they want to determine if a message or website is a threat or scam, they can use OTA's search engine to search for the website or parts of the message for information.

Help maintain Online Threat Alerts (OTA).

This Is How Your Personal Data Is Being Sold By Large Real Estate Companies And Easy Steps To Protect