Disabled KW Email and Phishing Attacks

If Google tells you that your KW Email account has been disabled and to contact an administrator, you have fallen victim to a “Phishing” attack

Pronounced “Fishing”, this means that you likely received a “lead” email that contained a link to a property they were interested in, or their “requirements”, or a “pre-approval letter”, or something like that.

When you clicked on that link, you were presented with a Google login page, as if you had somehow been signed out of your Google account.

Unfortunately this is a fake login page that is designed to collect your login information, so that scammers can log in to your account and send scam emails to all of your contacts.

Once the scammers do that, the Google system detects the unusual activity and locks down your account automatically.

At this point, you will need to contact KW International support to unlock the account and set a new password:

KW International can be reached at Support@KW.com or 512-306-7191

SLM unfortunately does not have the ability or access to unlock your account for you, it must be done by KW International support.

We also STRONGLY suggest changing the password for any account that you used this email address to create i.e. Dotloop

What can I do to protect myself from Phishing attacks?

Phishing attacks depend on ignorance to work. To stay ahead of the scammers, learn to think twice about what seems like a legitimate lead or login page.

  1. The Real Estate industry is tied for the #1 spot for the number of Phishing attacks with the Mortgage Lending industry. More Phishing scams come into the mailboxes of Real Estate Agents and Mortgage Agents than any other industry.
  2. If a any email seems fishy, IT IS
    • If you ever think to yourself “I should ask Scott/my MCA/tech support/another agent/etc. whether this is a scam”, then it is a scam and you should just delete the email.
  3. Don’t be so desperate for a lead that you endanger your accounts
    • Most Phishing scams come to agents in the form of a “lead”, whether sent directly to their email, or submitted through a contact form on a website. These “Leads” always contain a link, usually to the client’s “requirements” or to the listing they’re interested in, or to a “preapproval letter”.
    • Leads through KW websites and profiles should only contain links to legitimate sources AROUND the body of the message. Any links in the text that the “lead” sends in are to be considered scam links
    • Most people sending leads to agents don’t know how to add a link to a lead email, so any link is to be regarded as suspect
    • If you’re not sure a lead was supposed to have a link or an attachment, respond asking for them to call you or to send the “requirements” or “preapproval” as an attachment instead
      • If they refuse to call you, or cannot produce a different version of the attachment, it is a scam
    • See the image below for an example of a common scam lead email. If you receive an email that looks ANYTHING like this, delete it
    • If a “lead” DOES contain a link, here’s how to see whether it is legitimate:
      1. Hover your mouse cursor over the link but DO NOT click it
      2. If you are using Google Chrome, Mozilla Firefox, or Apple Safari, a very small box should pop up in the bottom left or right corner of your browser showing you where that link is being directed to
      3. If the preview of that link doesn’t match the text that is written out, it is a scam
    • If a link in a “lead” is sent as plain text, such as https://kw.com/homes-for-sale/43436asp?id=4343600073, rather than clicking on the link, first highlight it, copy it, then paste it into the address bar to ensure that you are going to the link that is listed, not to another page.
    • You can also use Google to determine if a link is a scam:
      1. Right click on the link
      2. Click “Copy link address” or “Copy link location”, whatever the wording is for your particular browser
      3. Paste the link into Google and search
      4. If the Google results say anything about a scam, or if the results are incomprehensible, it is a scam and the email should be deleted
  4. Remember: If a any email seems fishy, IT IS
    • This bears repeating. If you ever think to yourself “I should ask Scott/my MCA/tech support/another agent/etc. whether this is a scam”, then it is a scam and you should just delete the email.
  5. Be on the lookout for poor grammar or spelling
    • In the screenshot above, a couple of poor grammar choices come to our attention:
      1. “let me know if you would like us to view it” should be more like “let me know if it’s still available to view”
      2. “Click the following link to view the Residential” should be something like “Click the following link to view the listing” (no agent is going to use “the residential”, it just doesn’t work)
  6. Pay attention to any “log in page” you are presented with
    • If you click a link and are presented with a login page, check the address bar. If the address begins with anything except https://accounts.google.com, it is a scam.
      • BEWARE of “lookalike” addresses such as “qoogle.com” which has “Q” as the first letter, rather than “G”, or “accountsgoogle.com” which is missing the “.” between “accounts” and “google”
    • At any time, you can visit https://accounts.google.com to determine whether you are logged in or not
  7. Report any suspected scam emails
    • Forward suspected scam emails to Spam@UCE.Gov
    • UCE is a division of the Federal Trade Commission that investigates spam, fraud, and phishing attacks
  8. Remember: If a any email seems fishy, IT IS
    • This bears repeating again. If you ever think to yourself “I should ask Scott/my MCA/tech support/another agent/etc. whether this is a scam”, then it is a scam and you should just delete the email.