Share this article on:
Opinion: “As the world becomes more interconnected and technology-dependent, settlement agents find themselves facing a growing risk of cyber attacks that could compromise the security of their clients and cause significant financial damage to both them and their clients,” writes Thomas Jreige, tactical cyber security and intelligence expert.
Settlement agents (aka conveyancers) are the unsung heroes of the real estate industry, responsible for ensuring that all the documents, funds, and other important details related to a property transaction are in order before closing the deal.
As the world becomes more interconnected and technology-dependent, settlement agents find themselves facing a growing risk of cyber attacks that could compromise the security of their clients and cause significant financial damage to both them and their clients.
One of the main reasons that settlement agents are such attractive targets for cyber criminals is because of the vast amount of sensitive personal and financial information they collect, store, and transmit, not to mention the significant volumes of money transacted as part of the property settlement. In many cases, settlement agents use outdated technology and processes, making them more vulnerable to cyber attacks. The current lack of guidance and inconsistent views on how personally identifiable information (PII) is collected only add to the confusion and the risk of data breaches.
Cyber criminals can use a wide range of tactics to target settlement agents, including social engineering attacks, in this case, phishing attacks, designed to trick people into revealing their personal and financial information.
Settlement agents can unwittingly compromise the entire transaction if they fall victim to a phishing scam. For instance, in April 2022, a purchaser in Western Australia lost a whopping $732,000 due to their email account being hijacked and used to compromise the transaction process.
But the situation is not all doom and gloom.
Settlement agents can take proactive steps to protect themselves and their clients against cyber threats. How? Implementing multifactor authentication, encrypting sensitive data, and keeping software up to date can go a long way in mitigating cyber risks. But even with these technical controls in place, settlement agents must also address the people and process elements of their business, which make up more than 80 per cent of the organisation when it comes to dealing with information assets. Any flaws in human actions or processes regarding information will result in significant losses and in potential data breaches, exposing the organisation from a reputation and financial perspective.
Another significant measure is investing in cyber security insurance. While some insurance underwriters negotiate with the industry to provide a group policy for settlement agents, it may not be enough.
Cyber security insurance can help cover the financial losses and reputational damage that can result from a cyber attack. It can also provide coverage for statutory penalties if ever imposed for not reporting cyber incidents correctly. At present, a master policy agreement exists for settlement agents in Western Australia, but conveyancers in NSW require professional indemnity insurance through approved insurers as listed on the NSW Fair Trading site. No matter the state you operate in, insurance should be reviewed by each settlement agent to ensure it covers their business adequately within the bounds of their risk appetite.
As always, as a settlement agent, you should get independent advice for your business.
Settlement agents play a critical role in the buying and selling of real estate properties, handling vast amounts of sensitive personal and financial information.
Cyber criminals, on the other hand, are constantly on the lookout for valuable data they can use to commit fraud or sell on the dark web.
Therefore, it is vital that settlement agents take proactive steps to protect themselves and their clients against cyber threats, including investing in cyber security insurance.
Failure to do so could result in devastating financial losses and irreversible reputational damage.
Thomas Jreige is a tactical cyber security and intelligence expert.
Comments powered by CComment