For real estate agencies, the likelihood of a cyberattack is less a matter of if, but of when.
Data from the Australian Bureau of Statistics reveals that 1 in 6 real estate businesses have been impacted by scams or fraud, and 25% have suffered a cyber security incident.
In fact, the property and real estate industry is a favourite target of cybercriminals. Real estate agents routinely handle high-value transactions and may store personal information provided by clients that could be used for identity theft.
Both aspects, and the fact that most real estate agencies are small businesses (as high as 99%, according to Real Estate Institute of Australia data), create a perfect storm of cyber risk for agencies and individual agents.
Beware the “man in the middle”
While real estate agencies experience all types of cyber incidents, payment redirection scams are particularly prevalent. Property & real estate is one of the top three industries affected by these scams, according to the Australian Competition and Consumer Commission (ACCC).
Also known as “man in the middle” scams, these cases often involve business email compromise. Cybercriminals break into a business email account and use it to target a client, partner or supplier expecting to make payment, and who is, therefore, less likely to scrutinise the invoice.
Payment redirection scams can often take days to uncover. The victim typically doesn’t realise they’ve paid the wrong entity until they receive a late payment notice from the person they thought they had already paid.
These scams could potentially lead to losses in the tens of thousands of dollars. One such incident reported by the ABC in July 2024 cost a client $26,000 when her real estate agent mistakenly transferred the purchaser’s deposit to a scammer.
How can real estate agents protect their businesses?
With cybercrimes on the rise, real estate agents need to protect their businesses and their clients.
In the case of payment redirection scams, a quick phone call may help agents avert disaster. Verbally confirming invoices and payment details before transferring funds (particularly if you’ve been provided new account details via email or SMS) could help you identify scam messages and avoid financial losses.
Real estate agents should also consider steps to secure their systems against business email compromise and other cyber risks. Installing firewalls, anti-virus software, and security updates are good first steps. Using multi-factor authentication (MFA) for system logins also makes it harder for cybercriminals to access email and other programs.
An insurance safety net
Of course, staying one step ahead of cybercrime is challenging for most small businesses. Real estate agents may still fall victim to business email compromise, a payment redirection scam, or another cyber risk, even after taking steps like those mentioned above.
Cyber Liability insurance could create a vital safety net for your agency in these cases.
A Cyber Liability policy covers losses from claims arising from data breaches, business interruption and remediation costs following an actual or threatened data breach. This may include investigating the source and scope of the breach and legal costs, including fines and penalties.
Want to protect your real estate agency? Compare Cyber Liability insurance quotes with BizCover and buy online in minutes. You can even compare other types of cover—like Professional Indemnity and Public Liability—at the same time and see if you could save.
For on-the-go cover, go BizCover or call 1300 805 821 today.