Cybercrime in the real estate industry

An email telling you you've won a few thousand dollars or a voicemail demanding unpaid taxes - by now, there wouldn't be many of us who haven't been targeted by such scams. While many of us know better than to take these seriously, the reality is that cybercrime costs the global economy $2.9 million per minute. It continues to be a significant challenge for businesses and even entire countries. The real estate industry is one that's increasingly being targeted by cybercriminals. Below we provide an overview of what cybercrime in the real estate industry entails, how agents can prepare their businesses and how cyber insurance can help.

Why are real estate agents at risk?

There are few businesses that aren't at risk of cyberattacks in some way, but a few aspects of real estate businesses make them a particularly appealing target. Firstly, you're likely to hold a lot of personal information on your clients, including bank account details and forms of identification. This type of information is valuable for cybercriminals as it provides them with an easy avenue for identity theft, where cybercriminals steal personal information to, generally, steal money or gain other benefits.

Another reason for real estate businesses being a lucrative target is their involvement in facilitating high-value transactions, with large amounts of money passing through various accounts and settlement platforms. In addition, small businesses tend to be an easier target for cybercriminals as they may not have the resources to protect their assets and data compared to larger organisations. The combination of these factors has created the ideal environment for cybercriminals to hone in on unsuspecting real estate agents in their attempts to infiltrate their networks and systems.

What could go wrong?

Cybercrimes and attacks can take many forms, such as malware, ransomware, business email compromise, phishing and much more. To demonstrate a few examples of how real estate agents in particular, may fall victim, here are a few of Aon's clients who have fallen victim to cyberattacks (based on real claims with names anonymised for privacy reasons):

House Real Estate discovered its computer system had fallen victim to a ransomware attack one morning. In attempting to access the agency's server, a message displayed on-screen demanding payment of 5,000 USD (via Bitcoin).

An employee at ABC Real Estate received an email that looked like it was from their energy provider. When the employee clicked on the link in the email, malicious malware in the email proceeded to lock down the agency's computer network.

Home Real Estate sent an email to their client asking for bank account details to transfer money for a deposit. The agency received an email that appeared to have come from the client with bank account details and transferred the money into this account. It turned out that the email chain had been compromised by a hacker in the US, and the money had in fact been transferred to the hacker's account.

Why the cloud isn't foolproof

It might be easy to assume that because you use a cloud-based application or provider, your systems are immune to unfortunate cyber incidents. But it's important to remember cybercrime goes beyond hacking of your virtual networks - even using a computer in the office means that the device itself may be hacked. Furthermore, your data being stored in the cloud doesn't completely secure it from unauthorised access, use, theft, deletion or cyber extortion. Privacy breaches may result from unexpected sources such as a disgruntled employee.

Steps for prevention

There are a number of steps real estate agents or any small business can take to help prevent or lessen the impact of cybercrime. Some of our key tips include:

• Install appropriate security software such as antivirus and malware software on all your devices and keep them regularly updated;

• Limit access to your physical premises, systems and devices to only those who need it;

• Backup your data regularly to reduce the damage if a breach does occur;

• Raise awareness in employees - teach them to identify phishing emails/scams and educate them on the importance of strong passwords;

• Establish good habits among your staff members e.g. by locking computers each time they step away from their desks; and,

• Ask employees to limit personal use of work computers and laptops.

For more tips on how you can enhance the cyber safety of your business, read this article on staying cyber safe.

How can cyber insurance help?

The steps outlined above are all sensible measures to reduce the likelihood or severity of cybercrime, but your business may still fall victim to cyberattacks and crime. Cyber Insurance has been designed to help protect businesses against financial losses arising from cyberattacks and crime and should be seriously considered by real estate businesses with a digital footprint assessing their insurance options. Cyber risk in a new digital world - Live Webinar

As we enter the new normal, increased reliance on technology, flexibility to work from anywhere and other changes in the way we work have dramatically increased opportunities for cybercriminals and may lead to an increase in cybercrime. To learn what this means for real estate agents, as well as mitigation strategies, join us for a live Webinar and Q&;A session with Aon's cyber industry experts:

Date: 24 March 2021
Time: 3:00pm AEDT
Register here

Disclaimer: The purpose of this article is to outline some mishaps of virtual events. Not all mishaps stated above are covered by insurance. © 2020 Aon Risk Services Australia Limited ABN 17 000 434 720 AFSL no. 241141 (Aon)

Read more here about Agency practice and stay connected.