Cyber Crime in the Real Estate Industry
Why Cyber Criminals might target Real Estate Agents, and how you can protect your business.

An email telling you you’ve won a few thousand dollars; a voicemail demanding unpaid taxes – by now, there wouldn’t be many of us who haven’t been targeted by such scams. While many of us know better than to take these seriously, the reality is that cyber crime costs the global economy $2.9 million per minute.  It continues to be a significant challenge for businesses, and even entire countries. The real estate industry is one that is increasingly being targeted by cyber criminals. Below we provide an overview of what cyber crime in the real estate industry entails, how agents can prepare their businesses, and how Cyber Insurance can help.

Why are real estate agents at risk?

There are few businesses that aren’t at risk of cyber attacks in some way, but a few aspects of real estate businesses make them a particularly appealing target. Firstly, you’re likely to hold a lot of personal information on your clients, including bank account details and forms of identification. This type of information is valuable for cyber criminals as it provides them with an easy avenue for identity theft, where cyber criminals steal personal information to, generally, steal money or gain other benefits. Another reason for real estate businesses being a lucrative target is their involvement in facilitating high-value transactions, with large amounts of money passing through various accounts through settlement platforms. In addition, small businesses tend to be an easier target for cyber criminals as they may not have the resources to protect their assets and data compared to larger organisations. The combination of these factors has created the ideal environment for cyber criminals to home in on unsuspecting real estate agents in their attempts to infiltrate their networks and systems.

What could go wrong?

Cyber crimes and attacks can take many forms, such as malware, ransomware , business email compromise, phishing, and much more. To demonstrate a few examples of how real estate agents in particular may fall victim, here are a few of Aon’s clients who have fallen victim to cyber attacks1:

House Real Estate2 discovered its computer system had fallen victim to a ransomware attack one morning. In attempting to access the agency’s server, a message displayed on screen demanding payment of 5,000 USD (via Bitcoin).

An employee at ABC Real Estate2 received an email which looked like it was from their energy provider. When the employee clicked on the link in the email, malicious malware in the email proceeded to lock down the agency’s computer network.

Homey Real Estate2 sent an email to their client asking for bank account details to transfer money for a deposit. The agency received an email that appeared to have come from the client with bank account details, and transferred the money into this account. It turned out that the email chain had been compromised by a hacker in the US, and the money had in fact been transferred to the hacker’s account.

Why the Cloud is not foolproof

It might be easy to assume that because you use a cloud-based application or provider, your systems are immune to unfortunate cyber incidents. But it’s important to remember cyber crime goes beyond hacking of your virtual networks – even using a computer in the office means that the device itself may be hacked. Furthermore, your data being stored in the cloud does not completely secure it from unauthorised access, use, theft, deletion or cyber extortion. Privacy breaches may result from unexpected sources such as a disgruntled employee.

Steps for prevention

There are a number of steps real estate agents or any small business can take to help prevent or lessen the impact of cyber crime. Some of our key tips include:  

  • Install appropriate security software such as antivirus and malware software on all your devices and keep them regularly updated
  • Limit access to your physical premises, systems and devices to only those who need it 
  • Backup your data regularly to reduce the damage if a breach does occur
  • Raise awareness in employees - teach them to identify phishing emails/scams; educate them on the importance of strong passwords
  • Establish good habits among your staff members e.g. by locking computers each time they step away from their desks 
  • Ask employees to limit personal use of work computers and laptops

For more tips on how you can enhance the cyber safety of your business, read this article on staying cyber safe.

How can Cyber Insurance help?

The steps outlined above are all sensible measures to reduce the likelihood or severity of cyber crime, but your business may still fall victim to cyber attacks and crime. Cyber Insurance has been designed to help protect businesses against financial losses arising from cyber attacks and crime, and should be seriously considered by businesses with a digital footprint assessing their insurance options.

  1. Based on real claims from Aon clients
  2. ​​​Names anonymised for privacy reasons

Subscribe to SME Talk

*Note: The purpose of this article is to outline some mishaps of virtual events. Not all mishaps stated above are covered by insurance. To find out more, contact the Entertainment Team.
© 2020 Aon Risk Services Australia Limited ABN 17 000 434 720 AFSL no. 241141 (Aon)
Event Protect Insurance is arranged by Aon Risk Services Australia Limited ABN 17 000 434 720 AFSL 241141 as agent for the insurer, XL Insurance Company SE, Australia Branch, ABN 36 083 570 441. If