Should Property Professionals Worry About Cybercrime?
Cybercrime is an increasing risk for property companies, with the threat that at some stage during the purchase or sale of a property, hackers may try to steal details and persuade people to transfer funds to a fraudulent account. Studies suggest that UK small businesses are targeted with around 65,000 attempted cyber-attacks each day, so it’s a prevalent problem that property professionals need to be aware of.
How does cybercrime impact letting and estate agents?
Security typically means locks and bolts or burglar alarms for property professionals, but cybersecurity is just as important for your clients as well. As a business in the property industry, you’re responsible for sensitive customer details, such as their banking information or addresses, or the business may be subject to a payment card industry service agreement.
A common scenario that property professionals face is email hacking, where cybercriminals intercept emails between property firms and clients to scan them for passwords or financial details or divert emails to ask for up to date account details.
Similarly, if you have a website or are reliant on computer networks to conduct your business, these can be vulnerable to attacks if they’re not properly managed. If sensitive data is mishandled within your business, you could be facing fines of up to four per cent of your annual sales, under GDPR ruling. With letting and estate agents overseeing so much personal information, it’s unsurprising that these businesses are such a high target for cyber-criminal activity.
Financial fraud is a particularly prominent problem in the private rented sector, as online transfers of money between landlords and tenants pose a risk for scams and cyber-attacks. It’s a common scam for hackers to pose as landlords and request payments to a different account. Identity theft is also a threat within this industry, with personal data used by fraudsters to carry out attacks. This is a serious problem that could leave those who have been attacked finding it difficult to get loans or a mortgage later on.
How can agents protect against cybercrime?
There are various steps agents can take to protect themselves against data breaches. Firstly, it’s critical that all files are password-protected and that a client’s personal information is not stored on a device that can be taken out of the building, so that there’s less risk of it getting lost. Professionals should never release personal information over the phone or through the post, and unless it’s an individual that has been verified, they shouldn’t be contacted electronically.
It’s important that employees use information carefully and only when the situation necessitates it. Businesses also need to have secure antivirus software installed on all computers and ensure that any website plug-ins are up to date. Bank details should also be checked in person or over the phone, rather than by email which are more vulnerable to hacking.
Despite the threat that property businesses are under, an alarming number of them don’t have a cybersecurity strategy in place. In fact, over half of all small businesses don’t have a strategy to protect sensitive data from theft.
Prevention is the best course of action, so all members of staff should be educated on the latest threats. Cybersecurity should also be a part of every aspect of decision-making, from the onboarding process and beyond. It plays an important role in running a business, particularly when you’re dealing with the information and details of clients and tenants.
Professionals should track violations, whether they are caught in advance or after a successful breach, and generate alerts across the company when something is detected. It’s important to keep track of any attempts that have been made on business data.
Businesses should regularly review their plans for emerging threats and stay up to date with the best practices for mitigating such risks, including having cyber insurance in place to protect the business against the financial implications of a cyber-attack.
Conclusion
There have been many high-profile cases where businesses have been caught out by cyber-attacks and had data or identity information stolen or mishandled. Companies should never become complacent about cybersecurity and there should always be a plan in place to protect client and tenant information from cybercriminals. A thorough security strategy will help to mitigate the risks that online businesses face in today’s increasingly digital world.