HACKERS are intercepting communications to redirect deposit funds into fraudulent bank accounts. Sending account details via email is no longer safe.
Cybercrime is an increasing threat in Australia with PWC’s Global Economic Crime and Fraud Survey revealing that nearly half of Australian businesses (45%) have been attacked by online criminals in the past two years and with the ACCC reporting losses of more than $7.2 million to email scams in 2018 alone.
This could be you.
The property market is the perfect playground for cybercriminals – large sums of money are constantly being transferred between parties with the majority of communications sent via email or text message. Sophisticated hackers have become experts in the conveyancing process, familiarising themselves with the intricacies of a transaction and launching their attacks with impeccable timing and skill.
Cyber phishing is the biggest threat
Fraudsters are intercepting property funds through phishing and email scams. Phishing is when hackers impersonate companies or individuals via email, phone or text to try to get personal information, banking and credit card details, and passwords.
Phishing is a serious issue with the ACCC receiving 24,291 reports of phishing attempts in 2019 with 50% of reported data breaches attributed to phishing attacks. In a security focus group of lawyers and conveyancers conducted by InfoTrack in 2018, most participants had experienced multiple phishing attempts as had their clients, most have gone unreported.
In the case of property transactions, hackers are targeting all parties – buyers, sellers, lawyers, conveyancers and agents. They’re also targeting various stages of the transaction including exchange/deposit and settlement.
Here’s an example of a common hacking scenario:
- A hacker phishes information to hack into the seller’s email account and monitors the progress of the transaction
- The seller sends their bank account details to their real estate agent for the deposit funds
- Soon after the seller’s email, the hacker sends another email to the agent instructing that the original account details were incorrect and directing the funds to a fraudulent account
- The agent then deposits the funds into the fraudulent account based on the fake instructions.
Real life property fraud cases
There have been several headline-making fraud cases in the past year affecting buyers, sellers, lawyers and agents. It’s known that many successful hacks go unreported to avoid reputational damage for the professionals involved.
Here are recent high-profile fraud cases:
May 2019 – Football journalist Mike Sheahan lost $40,000 when private emails between Sheahan’s secretary and his daughter were hacked by a foreign party and account details were compromised.
November 2018 – A home seller lost $90,000 when his real estate agent sent his deposit proceeds to a fraudulent account based on directions from a falsified email.
June 2018 – Hackers broke into a conveyancer’s email account and updated bank details in the online settlement workspace to redirect $250,000 into a fraudulent account.
February 2018 – An email scam targeting homebuyers with a message that appeared to be from the real estate agent and contained false account details resulted in over $200,000 in losses.
Fraud has lasting damages
According to a survey by Webroot of 600 IT decision makers, a cyber attack costs an Australian SME on average $1.89 million. A successful hack in a property transaction can cost your client their funds and result in costly litigation for your firm. But it’s not only the monetary impact that you should be worried about; there’s also a serious risk to your brand and reputation.
The legal and property markets are becoming increasingly competitive, and your professional reputation is one of your greatest assets and differentiators. If your firm is caught up in a property scandal there can be a lasting impact on your brand that can create distrust among existing clients and raise red flags for prospective ones.
Why professionals are switching to Securexchange
It’s clear that email is no longer a safe way to communicate bank account details for property transactions. Even if you are vigilant with your cyber security, you can’t control the actions of the other parties in a transaction. The risks of using email are far too high and a successful hacking attempt can lead to serious and lasting damage for everyone involved.
That’s why InfoTrack worked with our clients to develop Securexchange, a secure website that stops the need to share trust account details or electronic contracts via unsecured emails, protecting the reputation of all professional parties involved in the property transaction. Securexchange brings together verified parties in a tightly secured environment to exchange details in real-time, offer transparency on progress of the exchange, and streamline communications.
InfoTrack has been servicing the property industry for the past 19 years and as the dominant provider of property related searches and e-conveyancing solutions in Australia, we’ve worked with the legal industry to build a solution that is secure, complimentary to use and is backed by an InfoTrack guarantee.
Securexchange has over 250 verified property lawyers and real estate agents now using. Create an account today.
By John Ahern, CEO InfoTrack.*