Police forces in England, Wales and Northern Ireland recorded more than 6,000 cases of Covid-related fraud and cybercrime during the pandemic. Data from Interpol revealed that ransomware incidents have increased by more than a third, with phishing and fraud claims increasing by 59%.
Paul Offley, Compliance Officer at The Guild of Property Professionals, warns that cybercriminals have adapted their approach and have found ways to exploit businesses by seeking out remote working security gaps.
He says: “While working remotely has been an integral part of keeping people safe during the pandemic, it has also opened up opportunities for cybercriminals looking to infiltrate networks through more vulnerable IT systems. If large corporate entities and government bodies are susceptible to being hacked, how much more vulnerable are independent agents or remote workers who typically have weaker technological defences.
"With insurers inundated with cybercrime claims, there has been a substantial increase in cyber insurance premiums, along with insurers requiring more data and ensuring that stricter risk management procedures are adhered to."
Offley notes that as a profession with access to highly sensitive data, it is essential for estate and lettings agents to have procedures in place that will safeguard their systems from a cyber-attack.
He advises: “Apart from deposits, rentals and other money collected by agents, there is also a significant amount of sensitive data that should be protected such as client’s addresses, account details, alarm records and passwords to access homes, not to mention passport details and the like. Access to this kind of information is what has made the industry a target among cybercriminals.
"With the threat of cyber-attack growing within the sector and agents more reliant on technology than ever before, it is essential that property professionals do whatever they can to prevent and protect themselves against cybercrime. “Another consideration should be cyber liability insurance, which would provide some peace of mind if an incident does occur. In fact, with eight out of ten businesses in the UK experiencing a cybersecurity breach in the past year, cyber liability should be more than a consideration, it is essential."
According to Mint Insurance Brokers, many of the cyber incidents are ransomware cases involving sensitive data being downloaded from inboxes and client folders. If a breach occurs, businesses are required to report it to the Information Commissions Office (ICO) and complete a full investigation to identify how the breach took place and what personal data has been compromised. Cyber Liability policies include instant response cover, which is important to help mitigate any further threats.
10 rules agents should practice to reduce the risk of a system breach
1: Regular password updates on all devices.
2: Password complexity – use different passwords for different accounts.
3: Never share passwords.
4: Two Factor Authentication where appropriate.
5: Staff training to be aware of phishing emails and the damage they represent. One in every 3,722 emails in the UK is a phishing attempt. Around half of cyber-attacks in the UK involve phishing.
6: Software updates.
7: Ensure files are encrypted.
8: Monitoring of mobile and home working procedures
9: Never, under any circumstances, should a payment be made to a new bank account without verbal confirmation that the account details are genuine.
10: Cyber Liability Insurance