Cybersecurity and Wire Fraud Prevention Policy


Real estate professionals are increasingly targeted by cybercriminals using sophisticated schemes designed to exploit the fast-paced, high-stakes nature of real estate transactions. Among the most damaging threats is wire fraud, often involving intercepted or manipulated communications that result in funds being sent to fraudulent accounts.

In addition, the use of AI tools is growing in our industry, and with it comes the responsibility to ensure sensitive client information remains protected.

This policy outlines important practices and guidelines to safeguard our agents, clients, and transactions from cyber threats, including wire fraud and data misuse.

Training Resources

đź“ş Watch a recorded Click Smart, Close Safe: Cyber + Wire Fraud Prevention Webinar to reinforce your knowledge.

General Cybersecurity Best Practices

To protect sensitive information and maintain business integrity, agents must follow these standards:

  • Never email sensitive data (e.g., Social Security numbers, account numbers, wiring instructions, or passwords) in the body or as attachments.
  • Use secure platforms (encrypted email, secure file-sharing systems, or reputable courier services) when transmitting confidential information.
  • Strengthen logins with unique passwords and multi-factor authentication (MFA). Enable MFA on email, CRM, Paperless, and any other business systems.
  • Use a password manager to securely store and generate strong passwords.
  • Be cautious on public Wi-Fi and always log out of sensitive accounts when not in use.
  • Stay alert for suspicious emails—look for unusual senders, typos, or changes in tone that might indicate a phishing attempt.
  • Pay attention to email filters—criminals can set up hidden rules that divert client emails so you never see them. Regularly review your email settings.
  • Archive emails periodically—move emails older than 1–2 years onto a hard drive. If your account is compromised, fewer clients will need to be notified.
  • Email is not a file cabinet—do not rely on email as your long-term storage system.
  • Protect files on your computer—use built-in encryption such as BitLocker (PC), FileVault 2 (Mac), or trusted tools like VeraCrypt or Encrypto.
  • Regularly update devices and software to close known security vulnerabilities.

AI Tools & Client Privacy

With the rise of AI platforms (such as ChatGPT and other large language models), agents must be vigilant about data privacy:

  • Do not upload confidential information (client names, property details, contracts, financials, etc.) into public AI systems.
  • Understand data risks: Inputs into free/public AI tools may be stored or shared in ways that violate privacy laws.
  • Legal liability: Misusing AI could expose you and the brokerage to compliance violations. Cyber liability insurance may not cover negligence involving AI.

Wire Fraud Awareness & Prevention

Wire fraud is one of the most significant threats to real estate transactions. Criminals may:

  • Hack or spoof email accounts to impersonate agents, lenders, or title companies.
  • Send fraudulent wiring instructions to divert closing funds.
  • Exploit the assumption that agents are directly involved with wiring money.

Even if you don’t handle client funds, you are still a potential entry point for attackers.

Preventative Measures for Agents & Clients

CENTURY 21 Redwood Realty recommends these steps to reduce risk:

  • Confirm by phone: Always verify wiring instructions using a trusted phone number, not one provided in an email.
  • Be suspicious of changes: Last-minute updates to wiring instructions are rare—treat them as red flags.
  • Educate clients early: Clearly explain that you will never provide wiring instructions. Clients should confirm details directly with the title company or attorney.
  • Call clients 10 days before closing: Use a dedicated phone call to remind them that this is when cybercriminals may attempt to strike.
  • Verify transfers with a predetermined phone number: Instruct clients to confirm electronic transfers with the title company using a number provided early in the process—not one from a last-minute email.
  • Double-check with the bank: Ensure both the account number and the account holder’s name match before wiring funds.
  • Verify receipt: Clients should call the title company immediately after sending a wire to confirm safe delivery.
  • Don’t “reply”—forward: When responding to financial emails, use Forward and manually type in the correct recipient address to avoid replying to a spoofed email.
  • Use disclosure forms: Provide written disclosures around cyber fraud to reinforce client awareness and accountability.

đź“ť Recommended Agent Practices

  • Provide clients with a one-page Cybersecurity and Wire Fraud Prevention Notice (available in Zipforms Redwood Library and Templates) early in the transaction and have the clients sign the acknowledgement portion
  • Consistently follow cybersecurity best practices in your own business operations.
  • Ensure proper handling of PII (Personally Identifiable Information) in all communications and storage.
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.