A Friendly Reminder on How to Avoid Email Scams Aimed at Women's Council Members
Technology has been a boon to referral networks. In a matter of minutes, you can locate and send a client referral to a fellow Council member across town or across the country. In the real estate industry, the Women’s Council referral network is especially strong, with 56 percent of members reporting they refer business to another member annually.
To help facilitate referrals, Women’s Council maintains an “open” network; that is, full contact information is displayed for all members on a public site. Anyone can find you and, generally, that’s a good thing…but not always.
As members of Women's Council and local, state and national REALTOR® associations, many of you have experienced communications that appear to be from these organizations but upon closer examination, they are tall tale signs of a phishing scam. Many will request to wire money, ask for personal information, or encourage you to click on a link or open an attachment for “important information” that results in malware (hostile or intrusive software, viruses, spyware, ransomware, etc.) being installed on your computer.
So what’s a member to do? Your business relies on connecting with Council members you may not know. While you don’t want to miss a lead or lose a referral, you do want to be aware and know how to read the signs of suspicious emails so you can avoid phishing scams. Here are some tips to help you spot (and avoid) scams – whether general in nature or those targeting Women's Council members.
Look at the URLs and domain names. Do they make sense? For example, if the email is from Jane Doe and the domain is janedoe.com that seems logical. But if the domain name is janedoe.com.bestdeal.com, this is a red flag. You may also see a foreign country domain extension in the URL, e.g., ru for Russia. Ask yourself if that makes any sense given the situation. Even if a URL looks legit, it may be hiding the real one. To check, hover your mouse over the link (don’t click!) and you’ll see the true URL. If it differs from the displayed link, the message is probably fraudulent or malicious.
Consider the salutation and signature. If the salutation reads “Dear Council Member” but the message makes reference to a specific person who provided your name, that signals a likely scam. Also, look at the email signature. Does it include full contact information, as is the standard practice for business communications?
Read for poor grammar or spelling. Scammers are notoriously bad about spelling and grammar. If a poorly written email claims to come from a large corporation or well-known brand, you can almost be assured this is a scam as these companies are very careful about their image.
Never provide personal information or send money without confirming legitimacy. Check the “Find a Member” directory or Council Referral Center to confirm the individual’s membership. If you are in communication with the sender, ask for clarifying/confirming details. One smart Council member asked for more information about the source of the referral and the individual quickly cut off communication. If you’re asked to send money to assist a specific member, contact the member directly to confirm a true need before taking any action. Be wary of any request to send money to an unidentified vendor. Targeting association members for payments using the president or treasurer’s name is a current popular scam.
If you don’t recall noted actions, beware. The recent Women's Council member phisher makes references to having left voice and text messages. Do you recall getting these? Widespread scams include notification of contest winnings (Did you enter?) and lottery winnings (Did you buy a ticket?). With these and other scams, if the news or opportunity sounds too good to be true…it probably is.
- Avoid clicking on suspicious links or attachments. If you have any reason to doubt the legitimacy of an email, never click on a link or attachment. Doing so can result in installing malware, which can range from being a mere irritant to the loss of your computer’s contents. Very recently a Dropbox link was sent out in the name of the National President asking to open up an attachment -- this is a scam and do not open the attachment!
Now that you can spot a phishing email, here are a few things you can do to protect yourself (and others).
Review your computer settings. While it will vary depending on your platform, you likely have an option to determine how easily “junk” mail (which includes scams) gets through to your inbox.
Install security software. While most email programs do a decent job of filtering out junk emails, an additional layer of protection can minimize the impact if you do inadvertently click on a link you thought was from a legitimate source.
Report phishing scams. Most large companies (Google, Apple, PayPal, Microsoft, large banks, etc.) welcome notification that someone is using their name in a scam. Use your browser to search for “report phishing to (company name)” to find quick instructions. The U.S. government also invites scam reporting: firstname.lastname@example.org. If you receive a phishing email that uses the Women’s Council of REALTORS®’ name, send the email to email@example.com and type “Suspected Phishing” in the subject line.
The tips provided here are to remind you to exercise caution and to help you learn how to quickly assess an email that seems a bit out of the ordinary. Viewing such emails with a thoughtful eye will allow you to continue to enjoy the unparalleled success of the network of the Women’s Council of REALTORS®!