Scams targeting real estate transactions are on the rise, according to the FBI. Experts say there are many simple ways that consumers and real estate professionals can protect themselves and each other.

Cyber crimes (crimes carried out by digital means) have become so common, the FBI has created an Internet Crime Complaint Center (IC3) to address them. According to its website, “From calendar year 2015 to calendar year 2017, there was over an 1,100% rise in the number of BEC/EAC [business email compromise/ email account compromise] victims reporting the real estate transaction angle and an almost 2,200% rise in the reported monetary loss.”

The IC3 reports there were 9,645 victims of real estate fraud in 2017 alone.

Most commonly, a scammer will hack into a buyer’s email and monitor it. When the scammer sees emails between the buyer and their real estate agent, they wait until the transaction is imminent and at the last minute, they send the buyer a fake email made to look like it is coming from the agent asking the buyer to have the money for the purchase wired to a different account.

Scammers can also hack into a real estate professional’s email, if their security is lax.

And there’s a lot more than just your money at stake, said Dale Dabbs, CEO and president of EZShield, a firm that specializes in identity protection.

“These transactions involve a lot of money and a lot of personally identifiable information exchanged,” Dabbs said. “And that’s worth a lot of money to a scammer. People shouldn’t use email to conduct these transactions because it’s not secure. At the very least they should use password-protected email.”

The FBI said business email compromise scams like these are a $12 billion industry, and it’s growing

Dabbs, who recently bought a home, said he and his wife double-checked every number throughout the process, personally verified the wire transfer information before the transaction and called to confirm receipt immediately after. He said consumers should do the same.

“Consumers should ask all of the people they’re working with how their personal information will be protected,” Dabbs said. “Shred all papers materials after the transaction. Make sure your check is covered by fraud protection services. Send it certified mail.”

The FBI’s IC3 website said some consumers were scammed over the phone. They recommend consumers establish a codeword with people they deal with over the phone, to ensure the person on the other end is who they say they are.

Dabbs said real estate agents, mortgage professionals and attorneys should all invest in having their clients’ data professionally protected. He said his company and others like it can also help consumers and professionals deal with the after-effects of a breach, like monitoring victims’ credit to ensure scammers don’t open new lines of credit using victims’ stolen data.

“You can take the precautions now, but you never let your guard down,” Dabbs said. “Once your personally identifiable information is out there, it’s out there.”

Both Dabbs and the FBI say the first thing you should do if you think you’ve been the victim of a scam is contact the bank immediately. There’s a chance it can retrieve the money. The next thing to do is report the incident to the FBI.

Many of these scams happen on Friday afternoons—especially the Friday before a long weekend. By the time victims figure out they’ve been scammed, three or four days might have passed and that kind of head start can mean your money is gone for good. Every second counts.

Scammers typically immediately wire the stolen money to series of different (often unwitting) accomplices making the trail harder for law enforcement to follow. And if the money leaves the country, it is very hard to get it back. That’s why it’s important to contact the bank at the first hint of trouble.

“By the time you’re contacting the FBI, your chance of getting your money back are almost nil,” Dabbs said.