The company announced that the attack was unsuccessful. As a result of this incident, some features of the command were temporarily restricted and KW introduced multi-factor authentication.
Whether you’re refining your business model, mastering new technology, or finding a strategy to take advantage of the next market boom, Inman Connect New York prepares you to take a bold step. The next chapter is about to begin. Please join us. Join us and thousands of other real estate leaders from January 22-24, 2025.
Days after news of the phishing attack on AnnieMac broke, hackers targeted Keller Williams with a similar attack. Although this attack was clearly unsuccessful, it still led to the company locking down some features of the KW Command platform.
Participate in the November INMAN Intel Index Survey
Keller Williams acknowledged the attack in an email to Inman on Tuesday, saying, “Once detected, we immediately addressed the phishing scam and secured the affected accounts.” The company also said that ultimately “there was no hacking or intrusion into our systems.”
Inman first learned about the case Tuesday through a tipster. The tipster shared an email apparently from Keller Williams, alleging that some company officials “tricked” people into sharing personal information and providing access to the Command account. He said he received a suspicious email with the purpose of
On Tuesday, Keller Williams herself shared another email with Inman that she had also sent on Tuesday, indicating that the situation had been resolved.
“As of today, all features that are temporarily restricted in command are fully operational,” the email said. “Thank you for your continued patience as our team works to protect our systems from recent phishing attacks targeting command accounts.”
In neither email nor to Inman, the company did not specify which features would be temporarily restricted or for how long.
However, Tuesday’s email said the company has introduced multi-factor authentication as an additional security measure during the employee login process.
News of the attempted phishing attack comes in the same week that loan provider Annie Mac revealed that scammers had accessed the personal information of 170,000 customers. The hack actually took place in August, but Annie Mac announced the incident this week as part of its plan to provide free credit monitoring and identity theft protection to victims.
Both incidents highlight the ever-present danger of phishing attacks. Such attacks typically involve scammers sending potential victims emails that appear to come from co-workers, management, or other internal sources. When recipients click on links in the email, they may be asked to enter personal information, such as passwords, which scammers can use to gain entry into their computer systems.
Such attacks are particularly common in the real estate sector. For example, in 2019 the Consumer Protection Bureau (CPB) warned that real estate phishing scams increased by 1,100 percent between 2015 and 2017. In one high-profile case, a family lost their entire down payment to such a scam.
Although CPB’s warning is already several years old, the events at Annie Mac and Keller Williams highlight the ongoing threat of phishing and the need for vigilance among members of the real estate community.
Email Jim Dalrymple II
