{"id":185279,"date":"2026-02-06T16:26:00","date_gmt":"2026-02-06T21:26:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/06\/cybersecurity-for-commercial-real-estate-key-strategies\/"},"modified":"2026-02-07T04:45:11","modified_gmt":"2026-02-07T09:45:11","slug":"cybersecurity-for-commercial-real-estate-key-strategies","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/06\/cybersecurity-for-commercial-real-estate-key-strategies\/","title":{"rendered":"Cybersecurity for Commercial Real Estate: Key Strategies"},"content":{"rendered":"<p><a href=\"https:\/\/www.jpmorgan.com\/insights\/real-estate\/treasury-services\/cybersecurity-for-commercial-real-estate-key-strategies\">Cybersecurity for Commercial Real Estate: Key Strategies<\/a><\/p>\n<p><a href=\"https:\/\/www.jpmorgan.com\/insights\/real-estate\/treasury-services\/cybersecurity-for-commercial-real-estate-key-strategies\">https:\/\/www.jpmorgan.com\/insights\/real-estate\/treasury-services\/cybersecurity-for-commercial-real-estate-key-strategies<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-06 16:26:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.jpmorgan.com\">www.jpmorgan.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points.<br \/>\n    Other best practices for protecting your portfolio against business email compromise include:\u00a0<\/p>\n<p>Verify callbacks: If you didn\u2019t perform the callback yourself, confirm it was done correctly before sending payment.<br \/>\nEnable email controls: Tools that mark emails from outside your company make it harder for scammers to impersonate employees.\u00a0<br \/>\nCheck email addresses and domain names: Look for signs of spoofing before clicking links. You may see slight alterations to the spelling of an email address or website URL, or changes to the top-level domain such as swapping \u201c.com\u201d for \u201c.co.\u201d<br \/>\nBe cautious with personal info: Scammers can use information you post on social media or other public websites to craft more convincing phishing attempts, and audio and video clips can be used to create deepfakes.\u00a0<\/p>\n<p>Bank account takeover is a form of identity theft and a growing cyber threat. A fraudster\u2019s goal: Gain access to a protected account and the funds or data it contains.\u00a0<br \/>\nA cybercriminal may attempt to trick you into sharing sensitive data through deceptive texts, emails or calls that appear to be from someone you trust.\u00a0<br \/>\n\u201cBad actors may call, pretending to be from your bank, and attempt to socially engineer you into divulging sensitive information through a fabricated urgent scenario,\u201d said Nico DiGioia, vice president of Global Banking Client Fraud Experience at J.P.\u00a0Morgan. \u201cThey might claim to want to help you solve a problem, such as reviewing a potentially fraudulent payment or an account with missing funds.\u201d<br \/>\nThe target may hand over account details without realizing they aren\u2019t speaking with their bank.\u00a0<br \/>\nFraudsters often use spoofed emails or look-alike domains that closely resemble a real email or login page from the bank they\u2019re impersonating. Another account takeover tactic is search engine optimization (SEO) poisoning, where scammers manipulate search engines so a fake website designed to steal account credentials appears at the top of the results.<br \/>\nPrevent account takeovers<\/p>\n<p>Learn to spot red flags: \u201cRecognizing an account takeover attempt is much easier when you know what your bank will and won\u2019t ask for over the phone,\u201d DiGioia said. When a J.P.\u00a0Morgan or Chase employee contacts you, they will never ask for your full account number, password or full token code. They also won\u2019t ask you to click a link and enter your credentials. Don\u2019t limit this tactic to your bank\u2014know what to expect from any vendor with access to sensitive information, such as your property manager or property management system provider.\u00a0<br \/>\nVerify requests: Don\u2019t assume a call, text or email is legitimate. Check with a known contact before sharing any sensitive information\u2014especially if the request is unusual or urgent.\u00a0<br \/>\nCheck email addresses and domain names: In addition to checking emails, texts and website URLs for signs of spoofing before entering credentials, consider using bookmarks to access key websites like your bank. This can help you avoid a fake version hiding in search results.<br \/>\nUse multifactor authentication: MFA helps protect your account if a scammer steals your login credentials by requiring additional proof of identity, such as a code sent by text to your phone.<\/p>\n<p>Digital solutions for preventing unauthorized payments can be part of your real estate cybersecurity strategy\u2014even for analog payments like checks.\u00a0<br \/>\nChecks remain the payment method most vulnerable to fraud, with 63% of respondents to the AFP survey reporting their organizations faced check fraud in 2024. But for many multifamily real estate owners, checks remain a necessary payment method.\u00a0<br \/>\nConnect offers payment fraud solutions that can help validate checks\u2019 legitimacy before processing, along with tools for protecting other payment types. Talk to your banker to make sure you\u2019re taking advantage of the right solutions for your business\u2019s payment strategy.\u00a0<\/p>\n<p>Cybersecurity threats are always evolving. These foundational tips can help you protect your business and keep operations running smoothly as fraudsters\u2019 tactics shift:\u00a0<\/p>\n<p>Know who has access to your accounts: Your team members should have access that\u2019s appropriate for their role. Consider setting payment limits for different accounts and employees based on past payment trends or requiring multiple levels of approvals for high-value transactions. Don\u2019t forget to update entitlements as your team changes. \u201cYou\u2019d be surprised how many times people find old property managers, bookkeepers or accountants who still have access,\u201d said Suzanna Da Silva, Head of Commercial Term Lending Payments at Chase.\u00a0<br \/>\nReconcile regularly: Reconciling payment activity daily can help you quickly identify any irregularities.<br \/>\nDevelop an incident response plan: If one of your properties experiences a cybersecurity incident, a response plan can help you respond quickly and limit disruption. A key step in that plan: Identify takeaways that can help you prevent future incidents. \u201cWhen a property owner experiences one type of fraud, it\u2019s natural to remain on high alert for that particular type\u2014but often there are broader lessons that can help you prevent other threats,\u201d Da Silva said.<br \/>\nInvest in training and testing: Educate employees on cybersecurity threats most relevant to your business and their role in protecting your properties. Contact your banker to learn about resources that can help you keep your team up to date.\u00a0<\/p>\n<p>\u201cOur fraud team is great about having conversations with clients that help them be proactive rather than reactive on fraud prevention and cybersecurity,\u201d Da Silva said.\u00a0<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity for Commercial Real Estate: Key Strategies https:\/\/www.jpmorgan.com\/insights\/real-estate\/treasury-services\/cybersecurity-for-commercial-real-estate-key-strategies Publish Date: 2026-02-06 16:26:00 Source Domain: www.jpmorgan.com&#8230;<\/p>\n","protected":false},"author":1,"featured_media":185280,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.jpmorgan.com\/content\/dam\/jpmorgan\/images\/cb\/insights\/real-estate\/cb-cre-cybersecurity-for-cre-header-1440x810px-horizontal.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,25],"class_list":["post-185279","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-phishing"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/185279"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=185279"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/185279\/revisions"}],"predecessor-version":[{"id":185281,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/185279\/revisions\/185281"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/185280"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=185279"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=185279"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=185279"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}