Ramblings of a Baltimore area Realtor: Vistaprint Exploited For Real Estate Wire Fraud Scams

Vistaprint Exploited For Real Estate Wire Fraud Scams

Fraud and scams are a real threat to all our financial security.  They are rampant in all arenas not just real estate and finances.  Just today I got an email from google voice with a verification code, only I don't have a google voice account associated with this particular gmail account.  Internet dating sites are also a target rich environment for scammers looking for unsuspecting victims.  Reverse look up phone numbers, right click on pictures and do a google search, search email addresses and don't always trust that the person emailing you for help finding a home is legitimate, real estate is a perfect environment to launder money, it takes longer than some other methods but purchasing a property and reselling it for profit is a great way to launder money so beware of the source of income.  And,  now that we have stated income loans again and property values are on the rise it can become easier for people to commit fraud.  Remember, if it seems too good to be true it could very well be!!

In real estate, the threat of wire fraud is real. Industry professionals are aware of the growing real estate scams that dupe buyers into giving their purchase money to hackers. In 2016, wire fraud topped the list as a sophisticated scam causing consumers to lose millions of dollars each year. Realtor.com has published best practices for Realtors, and even offers a sample wire fraud e-mail template notice to use in daily correspondence. 

Labeled "Sophisticated" Because To The Average Eye, It Looks Legit 

The typical scam involves hackers gaining access to e-mail accounts through captured passwords, and then searching inboxes for messages related to real estate transactions. Once a targeted victim is identified, hackers send spoof e-mails to look like they are coming from the agent, title representative, attorney, or lender, often including "new" wiring instructions to a fraudulent account. Victims unwittingly comply, sending funds directly to the hacker's account. And once the money is gone, it is often unrecoverable. 

For those who work in the real estate industry, the chances of being exposed to wire fraud or attempted wire fraud are increasing. And while we do our best to warn and educate, the crime is too easily perpetrated, as no one thinks it will happen to them -- or their clients -- until it does. 

Tehse wrods may look lkie nosnesne, but yuo can raed tehm, cna't yuo?

The scam works partly because our brains can read jumbled letters and are wired to overlook typos.  Coupled with content that uses real information (like e-mail signature blocks and  specific details relating to property information dates), an unsuspecting reader trusts written words, as well as the relationship behind the real identity of the person with whom they believe they are corresponding. For example: 

mickeyrnouse.com  - at a quick glance, this might look like MickeyMouse.com, but upon closer inspection, can you see that it really says MICKEYRNOUSE.COM?

mikeymouse.com  - in this instance, the "c" in mickey was dropped , and Mikey reads everything. 

mickeymuose.com -because transposed letters are easy to miss

These are the types of tricks scammers leverage to get their foot in the door.

Vistaprint - More Than Economical Business Cards and Free Pens... 

In a recent case of attempted fraud, scammers spoofed an agent's personalized e-mail domain by dropping 1 letter in the name.  As we investigated the fraudulent e-mail account, WHOIS showed the domain owner to be Vistaprint, registered through TuCows.com. We reported the attempted wire fraud to both companies. TuCows responded immediately to shut down the domain. 

While pleased with the registrar's fast response, we wondered about Vistaprint's connection to the case and pressed  further in pursuit of the culprits behind the scam. Surprisingly, we learned through a google search that Vistaprint has been a long-standing platform favorite exploited by scammers for the purpose of business e-mail compromise (BEC) scams and phishing attacks. Stories involving abuse of Vistaprint's platform have been making news headlines dating back to 2014. CNBC aired a particularly disturbing story in August of 2016 which targeted the CEO of Centrify, a California-based cybersecurity company. 

A Shocking Petri Dish Of Cyber-Hacker Slime 

Phishme.com explains in detail here how attackers sign up for Vistaprint's option to create a free domain. Scammers use fake information to meet Vistaprint's bare bones "validation" measures, and pair web hosting with an e-mail account on Vistaprint's 1-month free trial. (A few days is ample time to perpetrate wire fraud.) As Vistaprint retains ownership over all of their domain names ("leasing" them to end users), it is easy for scammers to hide their true identities and get away with the ploy. Wash, rinse, and repeat. 

Uncool, Vistaprint!

To help illustrate the rampant abuse taking place on a daily basis, consider the reverse Whois search we performed at https://www.whoxy.com/reverse-whois/ this morning. The query looks for domains where the registrant's email address matches to Vistaprint's "csadmin@vistaprint.com" e-mail address:

 

The sorted the results to show a list of domain names that lit up yesterday, November 1, 2017. Check out what 15 seconds of a closer look was able to spot. See anything that looks tricky to you? We found a few...

 Sadly, the results haven't changed much from those found by Ronnie Tokazowski in the September 2015.

A Call For Accountability & Policy Changes 

Threatstop.com writes: "Registration of fake domains by fraudsters and hackers is a real problem that is relatively easy to solve and even a very simplistic fix would prevent a great deal of crime. The BEC scam is just one example of how criminals use fake, free domains to perpetrate crimes. One would hope that domain vendors take notice of this issue, and begin to put policies and processes in place to help stamp out this type of criminal activity." 

Vistaprint, if you're not part of the solution, you are part of the problem.  We implore you to stop enabling fraud on your platform. Turning a blind eye to criminal use of your resources just doesn't work for civilized society.

Amanda Thomas, Broker
Realtor®, SRES®, BPOR, MCNE Providence Group Realty
  

 

Mobile: 469.298.9706
Address: 3308 Preston Rd #350-124, Plano, TX 75093


If you are thinking of buying or selling an home in  Maryland give us a call at 410-292-0100 or start your search here and we'll talk about the market conditions and what your home could possibly be worth in today's market place if you are thinking of selling. If you are considering buying a home, there is no better time than now to buy. The tax savings and wealth building alone is worth the plunge into todays market.  Remax New Beginnings and I are connected with some of the brightest and best real estate agents in the world and can assist with your move here in Maryland or anywhere in the United States or abroad.  Ask me how.

June Piper-Brandon ~ Associate Broker ~ CDPE, CIAS, ePro, MRP

The Traczyk Team

Remax New Beginnings

City Living Expert

 

 

 

 

 

 

June Piper Brandon - Agent with Century 21 New Millennium

June Piper Brandon - Agent with Century 21 New Millennium

Comment balloon 2 commentsJune Piper-Brandon • November 04 2017 02:59AM

Comments

June Piper-Brandon Truly an extremely noteworthy blog to re-post. I hope more pay attention to this issue.

Posted by Sandy Padula and Norm Padula, JD, GRI, Presence, Persistence & Perseverance (Realty National) about 1 year ago

Wow... lots to review, and very informative.  We need to ALWAYS pay attention to the email addresses we receive ... so much email fraud (scams) are being done with Title companies, too.  Nothing worse than having a clients $250,000 cash being wired to a scam.

Posted by Dan Hopper, Denver Realtor / Author / Advocate/Short Sale (Keller Williams Realty Downtown LLC) about 1 year ago

This blog does not allow anonymous comments