Artificial intelligence is advancing at a blistering pace. Faster, perhaps, than many in the real estate industry can keep up with.
Agents are constantly being told that they must adapt to the new AI era or be left behind. Proptech companies are rapidly releasing new AI-powered technologies that promise to supercharge workflows. And rising frustration in some quarters has raised questions about public safety and even AI-motivated violence.
Amid all this frenetic change, one emerging danger is becoming clearer: AI-powered cybersecurity threats.
TAKE THE INMAN INTEL INDEX SURVEY
This topic has been thrust into the spotlight recently by Anthropic’s announcement of a new AI model, dubbed “Mythos,” which is currently available only to a select few users. Anthropic has held back the model’s release and launched an initiative called Project Glasswing due to the model’s reportedly alarming capabilities.
Anthropic says Mythos has already uncovered software vulnerabilities across “every major operating system and every major web browser.” And according to a growing number of cybersecurity experts, tools like it could fundamentally reshape the threat landscape.
Historically, many serious cybersecurity vulnerabilities persisted not because they were impossible to find, but because discovering them required a rare mix of expertise, time and persistence.
AI tools like Mythos could change that equation. Just as AI can make a real estate agent’s job easier, the technology can also lower the barrier to entry for cybercriminals and supercharge their capabilities. In that scenario, vulnerability discovery is no longer the bottleneck, and the balance between defenders and attackers becomes much harder to predict.
AI is amplifying familiar threats
In the real estate industry, Anthropic’s Mythos is only part of the growing threat AI poses to cybersecurity. Artificial intelligence has already proven highly useful for real estate fraud.
Cybercriminals stole more than $275 million through real estate-related fraud from at least 12,368 victims last year, according to the FBI Internet Crime Complaint Center. It was a sharp jump from 2024 and 2023 totals.
The agency defines real estate fraud broadly, encompassing fake investment deals and rental or timeshare scams. It notes that victims span all age groups, with similar incident levels reported among people in their 20s through 50s. FBI officials point to AI-enabled scams as a key accelerant, making fraud more scalable, convincing and harder to detect before damage is done.
Cybersecurity experts warn that scammers are increasingly leveraging AI tools like ChatGPT to generate polished, highly convincing phishing emails that erase many of the traditional red flags used to spot scams.
Technically, OpenAI prohibits the use of its models to generate malware, facilitate fraud or deception, or engage in any illegal activity. Its systems are designed to refuse direct requests to write phishing emails or build scam websites.
However, they can still lower the barrier for bad actors and help streamline research, refine language, and scale the kind of content that underpins phishing campaigns.
Low-cost generative AI tools capable of producing deepfakes and realistic voice clones are also pushing phishing into far more sophisticated — and harder to detect — territory.
Traditionally, business email compromise (BEC) attacks relied on gaining access to legitimate email accounts — often through phishing — or spoofing domains to trick employees into wiring money or sharing sensitive information. These scams were largely text-based, which meant they could be flagged by spam filters or scrutinized for telltale signs such as suspicious domains or email headers. While BEC remains widespread, improved filtering and awareness have made these tactics harder to execute.
Voice cloning is changing that dynamic. By introducing urgency and familiarity, it taps into instincts that email simply can’t replicate. You might pause to verify an email’s origin, but when your boss calls, sounding stressed and asking for immediate help, you may be less likely to hesitate.
This evolution has fueled the rise of “vishing” — voice phishing powered by AI-generated voices. These attacks can bypass traditional email defenses and even some voice authentication systems. By creating high-pressure, real-time scenarios, attackers increase the likelihood that victims act quickly and without verification.
Weak systems meet smarter tools
The tech tools fueling real estate fraud are becoming increasingly sophisticated. But cybersecurity experts say the greater risk is the weaker defenses many agents and brokerages may still maintain.
“The question is not whether Anthropic’s new model will introduce new vulnerabilities into the real estate industry,” Luke Irwin, CEO and principal consultant at Aegis Cybersecurity, told Inman. “The more accurate concern is that they will find what is already there.”
Irwin said that, in all cases, vulnerabilities already exist within the platforms used by real estate agents and brokerages. “What Mythos represents is a faster way to identify those weaknesses across large codebases,” he said. “That raises the risk for organizations that do not patch and maintain their systems properly, or that rely on providers who fail to do the same.”
Tools such as Claude and ChatGPT, he said, already provide strong support for phishing, impersonation, and social engineering. Variants discussed in criminal circles, such as FraudGPT, have already shown how AI can be used to improve the scale and quality of malicious communications.
“When you combine that with poor email security, weak controls, and inconsistent staff awareness, you increase the likelihood of wire fraud, unauthorized access to CRM platforms, and exposure of sensitive customer and commercial data,” Irwin said.
Irwin said that cybersecurity fundamentals matter more than ever for agents and brokerages looking to use AI safely. “First, there needs to be a clear policy defining what AI tools may be used and what data can and cannot be entered into them,” Irwin said. “Second, there needs to be a risk assessment process to evaluate safety, effectiveness, bias, and business suitability.”
Lastly, he said that staff and agents need training to understand how to use these tools appropriately and where the boundaries are. If an organization refuses to adopt AI altogether — which seems highly unlikely these days — staff will often go and use it anyway, creating what is commonly referred to as “shadow AI.”
“In many cases, shadow AI is simply a reflection of an organization failing to modernize in line with workforce expectations, thus creating the risk anyway,” Irwin said.
Expanding risk — often without realizing it
The use of AI has become ubiquitous in real estate. In RPR’s latest survey of 225 real estate professionals, 82 percent reported actively using AI in their business. But while Realtors may use AI, they may not always consider its cybersecurity implications.
General knowledge of AI safety is fairly limited among businesses and brokerages that may not have a large cybersecurity division, according to Aimee Simpson, director of product marketing at Huntress.
“It’s not uncommon that employees will upload files directly to models like Claude or ChatGPT, asking for help completing tasks or finishing work,” Simpson told Inman. “What they don’t realize is that by uploading these pieces of content to models, they’re essentially allowing a model to read, access and potentially store information about that data.”
Simpson said this is a problem because that data could begin to surface in other users’ searches, directly expanding the attack surface a business has to contend with in an entirely unseen way.
“Typically, with an attack surface, a company can take steps to visualize and secure it as much as possible,” Simpson said. “The same just does not apply to AI-based threats, as they’re notoriously more difficult to gain visibility into and to implement controls to stop.”
In short, AI use can “massively expand” a company’s attack surface without giving the business many opportunities to build an effective defense. Simpson said it’s a complicated situation that few companies — or Realtors — are paying enough attention to.
Legacy security tools are increasingly outmatched by the rise of AI-powered cyber threats. Last year, the World Economic Forum reported that 87 percent of cybersecurity leaders identified AI-related vulnerabilities as the fastest-growing risk, yet 90 percent of organizations admit they remain unprepared to defend against AI-driven attacks.
The hidden risk inside AI-generated answers
Simpson also noted that there have already been several cases of malicious users creating phishing links and distributing them in organic search results, hoping they appear in chatbot answers.
“When AI tools begin to scrape these websites, they include these links as ‘evidence’ or references that what they’re saying is correct,” Simpson said. “Without knowing, they present phishing links directly to users via their chatboxes.”
Especially in something like real estate, where customers may research a region or company or ask questions about brokers, she said that the ability to manipulate these results using an AI agent is extremely worrying.
“AI systems need to take firmer steps to validate the information they scrape, improving the traceability of their systems to help AI businesses protect their customers,” Simpson said.
So, given all these threats, how can brokerages and agents better protect themselves? Simpson said every effective AI deployment must come with a heavy dose of data protection and safety.
“Before using any AI tools or systems, you need to first create a detailed framework of what data your employees can share with these systems and what’s off limits,” she said. “It may seem overly pedantic, but AI systems represent an enormous data risk when misused.”
