Home hunters in the UK may have been at risk from a phishing scam it has been revealed. The feed from Lettingweb to Zoopla was reportedly targeted by scammers aiming to capture personal data and ultimately secure a deposit from renters interested in listings on the portal. The scam used a fraudulently obtained agent’s username and password to place fake listings on the feed with instructions for interested renters to get in touch via an email address from which personal details and money would be solicited.
Although Lettingweb is in effect itself a portal for Scottish rental properties it does send its agents’ listings to bigger portals such as Zoopla as well as aggregators such as Lifull Connect. Lettingweb has released a copy of the incident report generated which shows that the breach came from an agent whose username and password had been hacked and not from the platform itself.
The incident highlights the importance of password secrecy as well as just how many sites a listing can end up on once posted through an agent’s account and the importance of the agent giving accurate information when uploading a property.