Uico Barrack Broking
1300 605 101
Insights

Cyber Crime In the Real Estate Industry

  • Risk Tip
Cyber Crime Real Estate

Cyber Criminals Target Real Estate Agents: How You Can Protect Your Business! 

Why target a Real Estate business?

Giving out personally identifiable information such as work history, date of birth, past rental locations, as well as phone & email addresses during an application or lease agreement has become part and parcel of renting or buying a property in Australia. This data is often shared digitally, and scanned copies of physical documents are kept within numerous systems between estate agents & third parties. The sensitivity of the data makes it appealing to cyber criminals, as it’s valuable in effecting financial crimes such as identity theft and email fraud. 

The appeal of Real Estate businesses to cyber criminals doesn’t end there, though. Some of the other reasons that real estate businesses are a high threat include:

  • Real Estate Agents transfer significant volumes of money and hold large balances of funds in trust accounts. 
  • Employee training and education around cyber awareness is not widely adopted.
  • Multiple devices and passwords are shared between employees, such as client portals. 
  • Technology is rapidly introduced to assist with efficiency in business practices, which increases the risk and cyber liabilities. 
  • Due to industry regulations, rental records are stored for up to seven years (and in large volumes). This means cyber criminals can potentially access information they know won’t be deleted. 
  • A large number of users have access to sensitive information. The more people that have access to systems, the greater potential for human error and the greater the risk of compromised data exists. 

Real Estate businesses are a lucrative target is their involvement in facilitating high-value transactions, with large amounts of money passing through various accounts through settlement platforms. In addition, small businesses are an easier target for cyber criminals as they may not have the resources to protect their assets and data compared to larger organisations.

The combination of these factors has created the ideal environment for cyber criminals to home in on unsuspecting Real Estate Agents in their attempts to infiltrate their networks and systems.

What are common forms of cyber attacks against Real Estate businesses? 

Cyber crimes and attacks take many forms, such as malware, ransomware, business email compromise, phishing, and many more. Some common examples where Real Estate Agents have been targeted are:

  • An employee clicks on a link in an email, which triggers malicious malware hidden within the email to lock down the agency’s computer network. Cyber criminals may request a ransom to release the network and data. Regardless of whether criminals extract data or not, any unauthorised exposure to data is considered a privacy breach. The breach then needs to be reported to the client and the regulator. 
  • In a transaction, an agency may request bank details from a lawyer or client to transfer money. The agency may receive an email that appears to have come from the client with bank account details but is, in fact, from a cyber criminal who has intercepted the communication. Without detection, the third party may transfer funds directly into the hands of a cybercrime network. 

Preventative steps for your business 

There are several steps that Real Estate Agents (or any small business owner) can take to help prevent or lessen the impact of cyber crime. Some of our essential tips include: 

  • Install appropriate security software such as antivirus and malware detection software on all your devices and keep them regularly updated. 
  • Limit access to your physical premises, systems and devices to only those who need it. 
  • Back up your data regularly to reduce the damage if a breach does occur.
  • Raise awareness amongst employees — teach them to identify phishing emails/scams and the importance of strong passwords. 
  • Have multi-factor authentication and establish good habits among your staff members, e.g. locking computers each time they step away from their desks. 
  • Put a cyber insurance policy in place.

Cyber Insurance

Due to the rapidly evolving cyber risk environment, cyber insurance policies cover various liabilities. While a cyber insurance policy can prove invaluable in helping protect your Real Estate business, it should not be solely relied upon as a cover-all solution; cyber insurance is just one integral part of your cyber protection protocol. Insurers often set parameters to ensure that the cost of providing protection doesn’t escalate, given the ever-evolving risks. 

Some insurance providers require businesses to:

  • Apply multi-factor authentication and encryption across all portable devices.
  • Implement a clearly defined regular backup plan with recovery procedures. 
  • Conduct regular independent audits and penetration testing conducted regularly. 

Cyber insurance is vital in helping to protect businesses from cyber-related risks, however, there are further liabilities that can occur after a cyber event. Looking at the complete picture can help ensure that you cover all risks. 

As experienced Commercial Insurance Brokers, we’ve seen the devastating effects of cyber events on businesses; often, the office grinds to a halt. Covering the costs of business interruption expenses, extortion, and third-party costs should be a primary consideration when reviewing your policies. 

Data and security integrity of tenant/owner records and your business’s intellectual property is also essential. We recommend that real estate staff understand the cyber risks in their daily tasks and devices. Continued employee education is fundamental to securing sensitive data; many companies are offering employee training and false threat testing to heighten employee knowledge. Existing vulnerabilities, current scams and proven prevention methods should be proactively circulated across your team. 

By designing and implementing policies and procedures around cyber protection, you will give your Real Estate firm the best chance at thwarting attempts to bring your business to its knees. 

Rely on cyber insurance professionals 

Whether you’re setting out to establish cyber insurance for the first time or need assistance and a fresh perspective in reviewing your existing protection — the cyber insurance market is best understood by those in the know. At Barrack Broking, we are experienced in providing practical solutions to Australian Real Estate businesses around cyber insurance. 

Our risk management services help to train and educate staff, with false threat testing and phishing education. We’ll continue to partner with your business to monitor your needs and adapt our advice to ensure that you’re adapting to emerging cyber risks and threats. 

Get in touch with our team to make a game-changing decision in your firm’s fight against cyber crime. 

Subscribe to our newest insights

Nii Author Profile
Barrack Broking
Company

In 1849, an Australian insurance company and mutual society was founded. It opened its doors in a small office above a fruit shop in Sydney, opposite Barrack Gate… and rose to become the largest insurer in the British Empire. Today, Barrack Broking is opening its doors. 170 years later, albeit embracing those same values and insuring Australian greatness.

Start a quote
This website uses cookies to improve your experience. Not keen on cookies? Opt-out if you wish.

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
NecessaryAlways Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-NecessaryEnabled
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
  • This field is for validation purposes and should be left unchanged.
Contact Us
  • This field is for validation purposes and should be left unchanged.

Share This

Select your desired option below to share a direct link to this page