The corporate mentioned the assault was unsuccessful. In response to the incident, some Command options have been briefly restricted, and KW rolled out multi-factor authentication.
Whether or not it’s refining your enterprise mannequin, mastering new applied sciences, or discovering methods to capitalize on the following market surge, Inman Join New York will put together you to take daring steps ahead. The Subsequent Chapter is about to start. Be a part of it. Be part of us and hundreds of actual property leaders Jan. 22-24, 2025.
Simply days after information broke of a phishing assault towards AnnieMac, hackers have focused Keller Williams in an identical assault — one which was apparently unsuccessful however which however prompted the corporate to lock down some options of the KW Command platform.
TAKE THE INMAN INTEL INDEX SURVEY FOR NOVEMBER
Keller Williams confirmed the would-be assault in an e-mail to Inman Tuesday, saying that “upon detection, we promptly took measures to address the phishing attempts and secured the affected accounts.” The corporate additionally mentioned that finally there “was no hack and no infiltration of our system.”
Inman first discovered of the incident Tuesday through a tipster. The tipster shared an e-mail, apparently from Keller Williams, stating that some firm associates obtained suspicious emails that have been designed to “trick” individuals into sharing private data and offering entry to their Command accounts.
On Tuesday, Keller Williams itself shared one other e-mail with Inman that it despatched out, additionally on Tuesday, indicating that the state of affairs was resolved.
“As of today, all temporarily restricted features in Command are fully operational,” the e-mail said. “Thank you for your continued patience as our team worked to secure our systems from recent phishing attempts targeting Command accounts.”
The corporate didn’t say — both within the e-mail or to Inman — which options have been briefly restricted or for a way lengthy.
Nevertheless, the e-mail on Tuesday said that the corporate has rolled out multi-factor authentication as a further safety measure throughout associates’ login procedures.
Information of the tried phishing assault comes the identical week that mortgage supplier AnnieMac revealed that scammers accessed private data of 170,000 clients. That hack truly passed off in August, however AnnieMac introduced the incident this week as a part of a plan to supply free credit score monitoring and id theft safety to victims.
Each incidents spotlight the ever-present hazard of phishing assaults. Such assaults sometimes contain scammers sending potential victims emails that appear like they arrive from coworkers, administration or different inner sources. When recipients click on hyperlinks within the emails, they could be prompted to enter private data similar to passwords, which the scammers can use to penetrate laptop techniques.
Such assaults are frequent, particularly in actual property. In 2019, as an illustration, the Shopper Safety Bureau (CPB) warned of a 1,100% rise in actual property phishing scams between 2015 and 2017. In a single high-profile occasion, a household misplaced a whole downpayment to such a rip-off.
Although the CPB’s warning is a number of years outdated now, the episodes at AnnieMac and Keller Williams spotlight the continuing risk of phishing, and the necessity for vigilance amongst members of the true property neighborhood.
