Vistaprint Exploited For Real Estate Wire Fraud Scams

Reblogger June Piper-Brandon
Real Estate Agent with Long & Foster Hampden MD RE License 579412

Fraud and scams are a real threat to all our financial security.  They are rampant in all arenas not just real estate and finances.  Just today I got an email from google voice with a verification code, only I don't have a google voice account associated with this particular gmail account.  Internet dating sites are also a target rich environment for scammers looking for unsuspecting victims.  Reverse look up phone numbers, right click on pictures and do a google search, search email addresses and don't always trust that the person emailing you for help finding a home is legitimate, real estate is a perfect environment to launder money, it takes longer than some other methods but purchasing a property and reselling it for profit is a great way to launder money so beware of the source of income.  And,  now that we have stated income loans again and property values are on the rise it can become easier for people to commit fraud.  Remember, if it seems too good to be true it could very well be!!

Original content by Amanda Thomas TREC# 0608931

In real estate, the threat of wire fraud is real. Industry professionals are aware of the growing real estate scams that dupe buyers into giving their purchase money to hackers. In 2016, wire fraud topped the list as a sophisticated scam causing consumers to lose millions of dollars each year. Realtor.com has published best practices for Realtors, and even offers a sample wire fraud e-mail template notice to use in daily correspondence. 

Labeled "Sophisticated" Because To The Average Eye, It Looks Legit 

The typical scam involves hackers gaining access to e-mail accounts through captured passwords, and then searching inboxes for messages related to real estate transactions. Once a targeted victim is identified, hackers send spoof e-mails to look like they are coming from the agent, title representative, attorney, or lender, often including "new" wiring instructions to a fraudulent account. Victims unwittingly comply, sending funds directly to the hacker's account. And once the money is gone, it is often unrecoverable. 

For those who work in the real estate industry, the chances of being exposed to wire fraud or attempted wire fraud are increasing. And while we do our best to warn and educate, the crime is too easily perpetrated, as no one thinks it will happen to them -- or their clients -- until it does. 

Tehse wrods may look lkie nosnesne, but yuo can raed tehm, cna't yuo?

The scam works partly because our brains can read jumbled letters and are wired to overlook typos.  Coupled with content that uses real information (like e-mail signature blocks and  specific details relating to property information dates), an unsuspecting reader trusts written words, as well as the relationship behind the real identity of the person with whom they believe they are corresponding. For example: 

mickeyrnouse.com  - at a quick glance, this might look like MickeyMouse.com, but upon closer inspection, can you see that it really says MICKEYRNOUSE.COM?

mikeymouse.com  - in this instance, the "c" in mickey was dropped , and Mikey reads everything. 

mickeymuose.com -because transposed letters are easy to miss

These are the types of tricks scammers leverage to get their foot in the door.

Vistaprint - More Than Economical Business Cards and Free Pens... 

In a recent case of attempted fraud, scammers spoofed an agent's personalized e-mail domain by dropping 1 letter in the name.  As we investigated the fraudulent e-mail account, WHOIS showed the domain owner to be Vistaprint, registered through TuCows.com. We reported the attempted wire fraud to both companies. TuCows responded immediately to shut down the domain. 

While pleased with the registrar's fast response, we wondered about Vistaprint's connection to the case and pressed  further in pursuit of the culprits behind the scam. Surprisingly, we learned through a google search that Vistaprint has been a long-standing platform favorite exploited by scammers for the purpose of business e-mail compromise (BEC) scams and phishing attacks. Stories involving abuse of Vistaprint's platform have been making news headlines dating back to 2014. CNBC aired a particularly disturbing story in August of 2016 which targeted the CEO of Centrify, a California-based cybersecurity company. 

A Shocking Petri Dish Of Cyber-Hacker Slime 

Phishme.com explains in detail here how attackers sign up for Vistaprint's option to create a free domain. Scammers use fake information to meet Vistaprint's bare bones "validation" measures, and pair web hosting with an e-mail account on Vistaprint's 1-month free trial. (A few days is ample time to perpetrate wire fraud.) As Vistaprint retains ownership over all of their domain names ("leasing" them to end users), it is easy for scammers to hide their true identities and get away with the ploy. Wash, rinse, and repeat. 

Uncool, Vistaprint!

To help illustrate the rampant abuse taking place on a daily basis, consider the reverse Whois search we performed at https://www.whoxy.com/reverse-whois/ this morning. The query looks for domains where the registrant's email address matches to Vistaprint's "csadmin@vistaprint.com" e-mail address:

 

The sorted the results to show a list of domain names that lit up yesterday, November 1, 2017. Check out what 15 seconds of a closer look was able to spot. See anything that looks tricky to you? We found a few...

 Sadly, the results haven't changed much from those found by Ronnie Tokazowski in the September 2015.

A Call For Accountability & Policy Changes 

Threatstop.com writes: "Registration of fake domains by fraudsters and hackers is a real problem that is relatively easy to solve and even a very simplistic fix would prevent a great deal of crime. The BEC scam is just one example of how criminals use fake, free domains to perpetrate crimes. One would hope that domain vendors take notice of this issue, and begin to put policies and processes in place to help stamp out this type of criminal activity." 

Vistaprint, if you're not part of the solution, you are part of the problem.  We implore you to stop enabling fraud on your platform. Turning a blind eye to criminal use of your resources just doesn't work for civilized society.

Amanda Thomas, Broker
Realtor®, SRES®, BPOR, MCNE Providence Group Realty
  

 

Mobile: 469.298.9706
Address: 3308 Preston Rd #350-124, Plano, TX 75093
close

This entry hasn't been re-blogged:

Re-Blogged By Re-Blogged At
Topic:
Real Estate Best Practices
Groups:
Bloggers Choice Selections
Dedicated Bloggers
Diary of a Realtor
Addicted to Active Rain
Square Pegs
Tags:
fraud
scams
financial fraud
financial scams
wire fraud scams

Spam prevention
Show All Comments
Rainmaker
1,536,440
Sandy Padula and Norm Padula, JD, GRI
HomeSmart Realty West & Geneva Financial, Llc. - Carlsbad, CA
Presence, Persistence & Perseverance

June Piper-Brandon Truly an extremely noteworthy blog to re-post. I hope more pay attention to this issue.

Nov 04, 2017 06:47 AM #1
Rainer
403,840
Dan Hopper
Keller Williams Realty Downtown LLC - Denver, CO
Denver Realtor / Author / Advocate/Short Sale

Wow... lots to review, and very informative.  We need to ALWAYS pay attention to the email addresses we receive ... so much email fraud (scams) are being done with Title companies, too.  Nothing worse than having a clients $250,000 cash being wired to a scam.

Nov 04, 2017 03:13 PM #2
Show All Comments

What's the reason you're reporting this blog entry?

Are you sure you want to report this blog entry as spam?

Rainmaker
1,006,602

June Piper-Brandon

Piecing Dreams One Home at a Time
Take the next step in home ownership now
*
*
*
*
Spam prevention

Additional Information