Keller Williams’ KW Command targeted in phishing attack

2 days ago 1

The company said the attack was unsuccessful. In response to the incident, some Command features were temporarily restricted, and KW rolled out multi-factor authentication.

Whether it’s refining your business model, mastering new technologies, or discovering strategies to capitalize on the next market surge, Inman Connect New York will prepare you to take bold steps forward. The Next Chapter is about to begin. Be part of it. Join us and thousands of real estate leaders Jan. 22-24, 2025.

Just days after news broke of a phishing attack against AnnieMac, hackers have targeted Keller Williams in a similar assault — one that was apparently unsuccessful but which nevertheless prompted the company to lock down some features of the KW Command platform.

TAKE THE INMAN INTEL INDEX SURVEY FOR NOVEMBER

Keller Williams confirmed the would-be attack in an email to Inman Tuesday, saying that “upon detection, we promptly took measures to address the phishing attempts and secured the affected accounts.” The company also said that ultimately there “was no hack and no infiltration of our system.”

Inman first learned of the incident Tuesday via a tipster. The tipster shared an email, apparently from Keller Williams, stating that some company associates received suspicious emails that were designed to “trick” people into sharing personal information and providing access to their Command accounts.

On Tuesday, Keller Williams itself shared another email with Inman that it sent out, also on Tuesday, indicating that the situation was resolved.

“As of today, all temporarily restricted features in Command are fully operational,” the email stated. “Thank you for your continued patience as our team worked to secure our systems from recent phishing attempts targeting Command accounts.”

The company did not say — either in the email or to Inman — which features were temporarily restricted or for how long.

However, the email on Tuesday stated that the company has rolled out multi-factor authentication as an additional security measure during associates’ login procedures.

News of the attempted phishing attack comes the same week that loan provider AnnieMac revealed that scammers accessed personal information of 170,000 customers. That hack actually took place in August, but AnnieMac announced the incident this week as part of a plan to offer free credit monitoring and identity theft protection to victims.

Both incidents highlight the ever-present danger of phishing attacks. Such attacks typically involve scammers sending potential victims emails that look like they come from coworkers, management or other internal sources. When recipients click links in the emails, they may be prompted to enter personal information such as passwords, which the scammers can use to penetrate computer systems.

Such attacks are common, especially in real estate. In 2019, for instance, the Consumer Protection Bureau (CPB) warned of a 1,100 percent rise in real estate phishing scams between 2015 and 2017. In one high-profile instance, a family lost an entire downpayment to such a scam.

Though the CPB’s warning is several years old now, the episodes at AnnieMac and Keller Williams highlight the ongoing threat of phishing, and the need for vigilance among members of the real estate community.

Email Jim Dalrymple II

Read Entire Article