New Alert: New Phishing Attempts Using Real REALTOR® Identities

GAAR has received reports of fraudulent messages targeting REALTORS®, including fake Zoom meeting links and document-sharing scams that appear to come from legitimate sources.

Scam #1: Fake Zoom Meeting Links

Scammers are posing as potential buyers and sending emails that include malicious “Zoom meeting” links. These messages often look legitimate, using real property details or professional language to appear credible. The link directs you to a fake Zoom site designed to steal login credentials or install malware on your computer.

What to watch for:

  • Links that do not lead to “zoom.us” or “zoom.com”
  • Generic or vague messages such as “let’s review this property over Zoom”
  • Urgent or unexpected meeting invitations from unknown senders

Stay safe:

  • Always verify the sender and link before clicking
  • Open Zoom meetings directly from your Zoom app or your own account
  • Never enter your login information through a link in an email
Scam #2: Fraudulent “Document” Emails from Real Accounts

A second, more sophisticated scam involves emails appearing to come from legitimate REALTOR® accounts. A member reported receiving multiple fraudulent messages.

These emails included:

  • Real names, phone numbers, and license information from local REALTORS®
  • A message stating, “We have some documents for you to review”
  • Links prompting users to log in or provide passwords

While everything looks authentic, the links are not legitimate and are being used to harvest login credentials or compromise your account.

The member warned, “Everything about them looks legitimate… but somebody is apparently hacking into other people’s email accounts. It asks for passwords and such — of course, I don’t do that. Just wanted to give members a heads up.”

Protect Yourself
  • Verify the sender. If an email seems unusual or unexpected — even from a known contact — confirm by phone or text before clicking.
  • Never enter your login credentials from a link in an email.
  • Use multi-factor authentication (MFA) on your email and MLS accounts.
  • Report suspicious messages to your broker.
  • If you’ve already clicked a suspicious link, change your passwords immediately.