In May last year, REINSW reported a cyberattack in which an experienced principal of a Sydney real estate agency watched helplessly as over $750,000 was stolen from the agency’s trust account.
Despite contacting the police and bank immediately, the principal was still left $80,000 out of pocket.
It's happening now
Cybercriminals are increasingly targeting real estate transactions, and successfully stealing large amounts of money from unsuspecting agencies and vendors.
In fact, in the last week the REINSW Helpline supported an agent impacted by sophisticated cybercrime.
After the sale of a property, the agent transferred money to the vendor, using the account details the vendor had sent via email.
However, this email was not from the vendor.
The email appeared legitimate and to have come from the same email address the agent and vendor used to communicate throughout the campaign.
A clear warning
These two attacks, and others in the real estate industry, are severely impacting the reputations of agents and agencies.
REINSW is warning all agents to exercise caution when handling money and communicating with clients.
“You must be vigilant,” says Tim McKibbin, REINSW CEO. “It is critical that you educate yourself and your teams about cybercrime and regularly review the security systems you have in place. Insurance does not cover everything. It comes down to you.”
This is sage advice given the agent in question must make up the shortfall personally until the matter is resolved.
Lessons learned
While the agent involved in the most recent cyberattack is still in the process of remedying the issue, the principal we reported on last year has had time to reflect on how to prevent cyberattacks in the future.
“Check your internet banking does not allow for Real Time Gross Settlement (RTGS) payments,” the principal says. “This allows a same day transfer to another bank with transactions settled as soon as they are processed, meaning money can be transferred and withdrawn in a very short space of time.”
The principal also warned against allowing the same person to create and authorise a payment and relying on your bank to protect you.
“Do your own due diligence on protection and ask questions of your bank and insurer on cybercrime prevention.”
Want more?