Don't Take The Bait: Protect Your Property Management Business from Phishing

Don’t Take The Bait: Protect Your Property Management Business from Phishing

Phil Puccio

We’ve encountered a few strange email messages and social media posts recently, and that has led us to think about phishing and the dangers it poses to your property management company. A few months ago, we talked to you about email spam, and this blog today is a follow-up.

Spam is unwanted communication, which is usually delivered by email. It’s annoying, but it’s technically legal.

Phishing is a criminal activity that involves fraudulent communication designed to get confidential information from you. It’s usually an email or a phone call or a response to a form on your website. The perpetrators will steal your credit card information and take your money, or they’ll sell the information taken from you to other criminals.

You need to know how to identify it and what you can do about it.

Property Management & Phishing:

Identifying and Avoiding Phishing Emails

Unfortunately, there’s not much you can do to avoid this sort of phishing. There are bad people all over the world, and thanks to the internet, they’re now as close as your backyard.

The golden rule is this: Be Suspicious.

Just last week, I got an email that claimed to be from Quickbooks/Intuit. The email said that our last payment didn’t go through correctly. This stood out as strange because at Fourandhalf, we don’t pay directly for Quickbooks. It’s provided to us by our accountant. So, I questioned why I was getting the email. It could have been possible that the accountant forgot to pay our Quickbooks bill, but I knew it wasn’t likely.

Here’s what I did to determine this was a phishing email:

  1. Who did they send the email to?
    They sent it to hello @ Fourandhalf. That’s suspicious because it’s the email address dedicated to our incoming marketing messages. Half a dozen staff members receive those emails, so it likely wouldn’t be used for the company’s financial information. That was the first clue.
  2. Who is the email from?
    The email didn’t come from Intuit or Quickbooks. It came from billingintuit.com. That’s suspicious.

Normally, these two things would have been good enough for me to determine that the email was shady. Another thing I noticed is that the email just didn’t look right. There was odd formatting. The spelling was correct, which is unusual, but the message didn’t seem to take up the right amount of space in the window. Some lines of text were bold and others weren’t. Different sections had different fonts. There was also a Fix It Now button. It wasn’t the best quality and I don’t think Intuit or Quickbooks would have put this out themselves.

This email wasn’t asking me to click on a link or go to another site where I would put in my information. Usually, that’s what phishing companies do to gather the information they need. This email asked the recipient to call. That’s also dangerous; people on the other line could be collecting your information by voice. Don’t think you’re safe just because the email isn’t asking you to click on something.

Phishing Messages from Websites

Another example came to us from someone on Facebook. This company had a form on their website that people could fill out for more information. They received a message through that form from someone claiming to be a photographer and an illustrator. The individual claimed that the images used on the website belonged to him and he held the copyright on them. The message asked the company to contact him.

Again – suspicion is good.

First of all, this came in on the website contact form. That’s not how anyone with a copyright issue would normally get in touch with a company. You’d get an email or a letter. You’d probably get a registered letter from a copyright attorney.

If the photos were improperly used and violated the Digital Millennium Copyright Act of 1998, it’s the website host who would be contacted. So, if your site is run by Go Daddy and you’re using someone else’s pictures, Go Daddy would be contacted and asked to take the photos down. You’d be hearing from your hosting company, not the individual themselves.

There were also misspellings and we noticed a lot of bad English.

What Can Property Management Companies Do About Phishing?

This isn’t something you can stop, unfortunately. The best thing to do is to be suspicious. If you’re not sure whether the email or the message you’ve received is legitimate, ask around. Talk to other people in your office. Don’t click on links and don’t call the phone numbers. Never reply to these emails because that simply tells them that your email is real, and that’s valuable.

If you’re a Fourandhalf customer, send anything suspicious over to us. We’re happy to take a look and do a little investigating.

Technology does a lot of great things for us, but it also opens us up to extra risks. Contact us at Fourandhalf if you have any questions about spam, phishing, or any of the other suspicious information online that may threaten your property management business.


The Property Management Show is brought to you by Fourandhalf. We help property managers strategize and implement marketing plans that bring in owner leads. Get a free marketing assessment to find out how to start getting better clients into your portfolio.

Find out how to get better clients with Fourandhalf Marketing


Don’t Take The Bait: Protect Your Property Management Business from Phishing News

Source link

Don’t Take The Bait: Protect Your Property Management Business from Phishing Resources

Property Management

Leave a Reply

Your email address will not be published.