IMPORTANT: REALTORS® Targeted in Email Phishing Scam

Posted on: February 28th, 2017 by RAGC Team No Comments

spam_email_screen_stock-100664936-largeA new scam is targeting real estate agents specifically and it is a scam that uses the name of Sue Dietz, a real estate sales associate, who also served as president of the East Central Iowa Association of REALTORS®.  Scammers have been using her name to create fake email addresses.  They send emails to unsuspecting real estate agents offering referrals.  The emails look something like this…


My name is Sue Dietz a realtor with RE/MAX ADVANTAGE REALTY in Dubuque IA, I have a client who is interested in buying a property in your area of expert, Please let me know if you’re available to help them out and I will send their contact details and the listings they are interested in.


Those who reply to the fake email are sent a link to a Google Drive account that is supposed to contain information about a referral.  When the recipients click this link, a virus is installed on their device that allows scammers to take passwords and other personal information off the device.

If you have received an email similar to this, you are encouraged to report it as spam.  Since early 2016, nearly 4,000 real estate agents – nationwide and in Canada – who received the scam email have contacted Dietz to either inform her of the scam or to confirm the referral with her.

Jessica Edgerton, associate counsel for the National Association of REALTORS®, provides tips for making your email more secure.  She says:

  • Check your sent mail, junk mail, and email account settings regularly for anomalies. Hackers often break into an email account and modify the “email forwarding” settings to forward emails to their own account.
  • Regularly purge your email of unneeded or outdated information. Save any important emails securely.
  • Avoid email as a method for sending sensitive or confidential information. Instead, consider using a secure document sharing or transaction management platform.
  • Use strong passwords that incorporate a combination of letters, numbers, and symbols.
  • Avoid using unsecured or public Wi-Fi.

Further, the FTC offers the following tips to avoid being a victim of a phishing scheme:

  • Never e-mail your financial information. E-mail is not considered secure.
  • Check the security of the website. For any financial information you provide over the web, check that the site is secure. The URL should begin with https.
  • Watch what you click on. Do not click a link in an e-mail to go to an organization’s site. Instead, look up the real URL and type it into the web address yourself.
  • Be cautious about opening attachments and downloading any files from e-mails.
  • Make sure your operating system, browser, and security software are up-to-date.

When in doubt or when you receive an email from someone you don’t know, do not click a link in the email!  Use the tips above and an abundance of caution to ensure that your email, passwords and personal information are not compromised.