Have you ever received an email prompting you to urgently update your account details to avoid suspension, only to find out it was a fraudulent attempt to steal your personal information? Welcome to phishing, a type of online scam where criminals or bad actors impersonate legitimate organizations to steal valuable information.

As a landlord or property manager, you likely handle a lot of sensitive data - your own and your tenants'. This can make you an attractive target for email phishing scams. While it can be frustrating, it’s helpful to know that you can safeguard your online accounts by understanding and detecting potential threats. Here are simple steps you can do right away to protect yourself online:

  1. Update Your Software: Not only should you update your operating systems regularly, but also any software or apps you use on your device. Having up-to-date software is crucial to warding off cyberattacks.
  2. Use Strong Passwords: Create unique and complex passwords for every account you use to increase online security and avoid cyberattacks on more than one account at once.
  3. Enable 2-Factor/Multi-Factor Authentication (2FA/MFA): Ensure you have enabled 2-Factor Authentication or Multi-Factor Authentication on every software platform that offers this feature.
  4. Look for Suspicious Senders: Always double-check email addresses and domain names before clicking on any links or opening any emails.
  5. Take a Clue from the Language: Look for spelling errors, grammar mistakes, or strange wording that might indicate a scam or phishing attempt.
  6. Don't Share Information: Be extra wary of any online requests asking for sensitive or personal information. Always call the business directly using a confirmed phone number if you have any questions or concerns about your security.
  7. Avoid Urgency: Beware of texts or emails pressing you to act on a request immediately.
  8. Use the Hover Feature: Before clicking any links, hover your mouse over the attachment or URL (without clicking) to check for authenticity. If the URL or attachment looks suspicious or does not match the exact domain where you have an account, do not click the link. 
  9. Follow Best Practices: It's always safest to open a new browser window and enter the business URL that you normally use for that business rather than clicking on the link in the email to avoid redirects or email scams.

When it comes to secure property management, ensuring your online security is as important as maintaining the physical property. Any vulnerability online may lead to significant loss or damage to your business and may even cause a breach of tenant data, a nightmare scenario for everyone involved.

It's 2024, and maintaining online security has never been this critical – or manageable. Continue reading to learn strategies you can implement, ensuring optimum online safety and the continual growth of your property investment.

What Is Phishing?

Phishing is a cybercrime where scammers, posing as legitimate institutions, send emails or text messages to trick individuals into providing sensitive data, such as passwords, credit card numbers, and Social Security numbers. These details can then be used to access important accounts, leading to identity theft and financial loss. It's like a digital form of fishing, where the scammers throw out a 'baited hook' and hope someone bites.

Understanding the Basics of Phishing

As recent statistics suggest, cyber-attacks occur more frequently than many realize, with the FBI receiving a cybercrime report every 39.5 seconds. These attacks can take many forms, from hacking to phishing, and pose a significant threat to landlords and tenants alike. A successful breach can lead to serious consequences, such as identity theft, fraud, and significant financial loss.

5 Common Types of Phishing

While email is the most common method of phishing, it's not the only one. Scammers are inventive and use various platforms to target their victims:

  1. Email Phishing: Bad actors send an email that appears to be from a trusted source, asking the recipient to provide personal information or click on a link leading to a fraudulent website.
  2. SMS Phishing (Smishing): Similar to email phishing, but carried out via text messages.
  3. Voice Phishing (Vishing): A phone call to trick victims into giving out personal information.
  4. Pharming: This involves redirecting users from a legitimate website to a fraudulent one to collect their login credentials.
  5. Spear Phishing: Bad actors tailor their attack to a specific individual or organization, often using personal details to appear more convincing.

One of the initial things to watch out for is the sender's email address. Cybercriminals often use email addresses that appear to be legitimate but have slight alterations. For example, an email from support@tenantcloudd.com instead of support@tenantcloud.com should raise a red flag.

How to Recognise 6 Phishing Red Flags

As the saying goes, knowledge is power, and here are six essential tips for how to spot email phishing.

  1. Poor Grammar and Spelling Errors
    If an email is riddled with grammar and spelling errors, it's likely not from us or any other professional entity.
     
  2. Generic Greetings or Salutations
    Personalization is key in professional communications. Emails from reputable sources usually address you by your name. Watch out for generic greetings like "Dear user" or "Dear sir/madam."
     
  3. Urgent Action Demands and Claims of Account Problems
    Phishing emails often create a sense of urgency, pressuring you to act immediately. Be skeptical if an email demands immediate action to resolve account problems or claim a reward. We ensure our communications are clear and calm, never pressuring you into hasty decisions.
     
  4. Requests for Personal Information or Payment Details
    A classic phishing strategy is the request for sensitive information. We will never ask for your personal information or payment details via email.
     
  5. Suspicious Attachments or Links
    Be wary of unexpected email attachments or links. Hovering over a link (without clicking) will display the actual URL. If it looks suspicious or doesn't match the context of the email, it's likely a phishing attempt.
     
  6. Offers That Are Too Good to Be True
    Finally, if an offer seems too good to be true, it probably is. Phishing emails often lure victims with incredible deals or promises.

How to Respond to a Suspected Phishing Email

Be skeptical of suspicious emails and verify their authenticity before taking any action.

Keep your eyes open, trust your instincts, and always err on the side of caution. If you suspect a phishing attempt, don't hesitate to contact our support team immediately. It's better to be safe than sorry when dealing with potential phishing emails.

  • Do not click on any links or download any attachments. These could potentially contain harmful malware that can compromise your personal data.
     
  • Do not reply or provide any personal information. Avoid revealing any sensitive data like passwords, credit card numbers, or social security numbers.
     
  • Analyze the email critically. Look for the signs we have discussed, such as poor grammar, generic greetings, or requests for personal information.
     
  • Cross-check with the concerned party. If the email appears to come from a known contact or company, reach out to them directly using trusted contact information, not the details provided in the suspicious email.

Using Unique and Strong Passwords for Each Online Account

Your online accounts, including your property management software, should have unique and strong passwords. The use of a strong password – a combination of numbers, symbols, and both uppercase and lowercase letters – makes it more difficult for cybercriminals to hack into your accounts.

Pro Tip: It is crucial to avoid using the same letters or numbers for your account password as it increases the likelihood of unauthorized access.

Example of a weak password: 12345

Example of a strong password: K^4Fdw90i

We recommend using a separate password for your email, as it is often the gateway to resetting passwords on other sites.

The Importance of Two-Factor Authentication

Two-factor authentication (2FA) or two-step verification (2SV) adds another layer of security to your online accounts. In addition to entering your password, you'll need to provide another piece of information, such as a code sent to your mobile device. This double-check ensures that even if your password is compromised, hackers cannot access your account without the second verification factor.

Learn how to set up two-factor authentication on TenantCloud by reading this instructional guide in our Help Center.

Being Cautious of Online Requests for Personal Information

Cybercriminals often pose as legitimate organizations to trick users into providing sensitive information. Never share personal information online unless you're sure of the recipient's identity and the security of the platform.

If you've accidentally clicked on a link or attachment in a phishing email, take immediate action to protect your data. If you believe that your personal information, like your Social Security, credit card, or bank account number, has been compromised, visit IdentityTheft.gov. It provides specific steps based on the information that you have lost.

Cybersecurity is a moving target, with new threats emerging daily. Continually educate yourself and your tenants about the latest cybersecurity threats and protection measures. Knowledge is power in the fight against cybercrime.

Promote a culture of security amongst your tenants. Encourage them to use strong, unique passwords, and educate them about the importance of not sharing personal information online.

Trust in TenantCloud

At TenantCloud, we take your online security seriously. Cybersecurity is a shared responsibility, and we are committed to providing a secure environment for our landlords and tenants. Our platform is designed with robust security measures to protect your information, including two-factor authentication, data encryption, and regular security audits.

Not only do you deserve efficient online property management, but you deserve peace of mind too. That’s why we're constantly monitoring and evolving our security measures to stay ahead of potential threats and provide you with a safe, reliable platform for managing your properties.

If you suspect that your TenantCloud account has been compromised, don't hesitate to contact us immediately. 

Remember, maintaining online security isn't an end goal but a continuous process. Stay vigilant, stay updated, and stay secure with TenantCloud.