As Australia has transitioned to an electronic system of exchanging property there has been a rise of cybercriminals targeting residential property transactions. 

Over the last couple of years, there have been high-profile breaches of the national Property Exchange Australia (PEXA) that have affected both real estate agents and their clientele.

Real estate agents are particularly vulnerable to cyber-attacks because of the mobile nature of their work. According to Deloitte, real estate companies are struggling to even “have full visibility of all of their connected devices,” let alone think about securing them. Combined with the large sums of money changing hands, it makes the industry a juicy target for cybercriminals.

What a lot of the industry is unaware of is that Real Estate Agents can be penalised under the notifiable data breach scheme.

There have been a couple of incidents published in the SMH and a separate incident published on the ABC.

The first incident targeting a Masterchef winner no less; “MasterChef finalist Dani Venn woke to a housing nightmare on Monday when it was confirmed $250,000 from the settlement of her semi-rural property on the outskirts of Melbourne was stolen after her conveyancer’s account was hacked.

Unbeknown to Ms Venn and her conveyancer, Sargeants Knox Conveyancing, the proceeds of the sale were transferred to a fraudster’s bank account after hackers accessed the conveyancer’s electronic property transfer account and added themselves as another user.”

Meanwhile, the second incident targeted an abuse victim paying for his property purchase with the funds received from the settlement of his case:

“The conveyancing lawyer Mr Fisher used sent him an email with settlement details and an account to transfer the $90,000 to.

After he made the transfer, Mr Fisher said he received a phone call from the lawyer asking where the money was – the email had been intercepted by a hacker and the account details changed.”

Both instances appear to have a combination of email accounts being hacked and/or emails intercepted.

These sorts of attacks can be mitigated with two simple platforms:

With Perimeter81 and M365 Business Premium, we can set up the essential foundations of a secure mobile and remote working environment

You’re likely on Office365 already and if so, upgrading to Business Premium is simply a matter of following these instructions. With Business Premium additional cybersecurity functionality is unlocked that allows you to tick off the ‘Securing Devices’, ‘Securing Data’, and most of the ‘Securing Access’ components of the Secure Remote Work foundations. 

Meanwhile, Perimeter81  is a business-grade cloud-based VPN. Rather than connecting to the internet via an ISP, the best business VPNs provide an impenetrable tunnel between your organization’s resources and systems and the employees accessing them. End-to-end encryption of these connections, even if they are remote or using public Wi-Fi, prevents unwanted access or visibility into the organization’s network.

You can sign up for Perimeter 81 here

It’s important to note that these foundations and our selection of these two tools were built around principles from the  Australian Cyber Security Centre’s Essential Eight Cybersecurity framework, so rest assured there is strong logic behind this recommendation. However, if you’d like us to dig deeper into the tools or you have further questions please let us know. We are always happy to provide a complimentary consultation for real estate agents.