Although realtor safety month has come to an end, there’s a good reason to still think about security when it comes to real estate. In addition to keeping their staff safe, real estate businesses and brokerages need protection from website and email hacks as well.

Real estate transactions are becoming more digital-based, leaving consumers and real estate professionals alike susceptible to digital scammers. Two incidents in Colorado are perfect examples of how vulnerable real estate websites and email are. One had a closing agent receive an email from the “seller” instructing her to change the wire transfer of almost $83,000 to a different account (she did). Another saw a Realtor’s email hacked, resulting in an imposter’s unsuccessful attempt to get her client to wire his $65,000 down payment to a different bank account.

Even with security measures in place, you may still be a target, according to Kathleen Hurley, IT director for NYC-based Madison International Realty, a real estate private equity firm.

“You may be confident that your IT department has implemented the right tools, such as a strong antivirus, antimalware, and firewalling policy. However, if you have not trained your staff thoroughly and repeatedly, your company is only slightly secure,” Hurley wrote in a recent article.

According to Hurley, the biggest hole in security is the one created by users themselves. To help real estate businesses prevent the hacking of their websites, Hurley offered a few tips for companies to pass along to their employees:

Be vigilant about passwords — Staff should avoid writing down passwords. “A visible password is offering anyone who happens by an opportunity to get curious,” Hurley wrote.

Also, employees should be trained on how to handle those phone calls from the “Windows Department” asking for passwords. Last, Hurley suggested IT protocols for password sharing be in place.

“Will IT ever ask for a password over the phone? Will they always reset a password? Knowing what the standard is can help a user respond properly to a social hack attempt,” she wrote.

Educate your staff — Using one password for multiple sites is frowned upon. Still, most of us continue to do it, if for no other reason than it’s easier to remember one password instead of several. The problem is we may be using the same password for our business transactions as we do for our social media accounts. A solution, according to Hurley, is to have IT provide education on how compromising that practice can be in addition to offering password management tools that can make it easier for users.

“Those firms that have implemented two-factor authentication or biometrics are doing all that they can to ensure users are as smart as they can possibly be about protecting the firm’s information,” Hurley wrote.

Beware of the cloud — Although convenient, cloud-based file sharing has inherent risks that should be considered carefully before uploading documents.

In response to the successful scam in Colorado, the Federal Trade Commission issued a warning and tips for consumers, real estate agents, and title companies regarding digital real estate transactions. In addition, real estate agents can check out The National Association of Realtors’ list of suggestions to help prevent scam attempts.