October 15, 2018 by Jason Contant
Brokers scoping out new leads for selling cyber should consider this new opportunity in the professional class: real estate agents.
Real estate agents move large sums of money when houses are selling. There is also typically a time cluster when these house purchases close, such as lunch time on a Friday, said Andy Holmes, chief underwriting officer with London, UK-based CFC Underwriting.
“These are smart criminals, they understand those patterns,” Holmes said in an interview with Canadian Underwriter Thursday. “They also understand real estate agents use common systems available to that sector, so they are exploiting vulnerabilities in those systems and in the business models. So, at the time of house purchase, the actual closing funds are redirected to the criminal’s account.”
In these scenarios, a seller-solicitor may be wondering where the funds are, while the real estate agent has indicated they transferred it. Only then is it realized those funds have gone missing.
“They are untraceable and effectively the house purchase falls through because of that,” Holmes said. “It’s not just a technology impact, there’s real life impacts on these transactions.”
CFC has seen a “little cluster” of cyber claims related to real estate agents recently, Holmes said. The insurer does not have a physical presence in the Canadian market; rather, it uses a network of brokers in Canada.
Any sector where large sums of money are moving are vulnerable to social engineering fraud. This type of fraud is one in which a criminal tricks a victim into giving out confidential information or funds. For example, a business owner may receive an email, purportedly from their company chief executive officer or chief financial officer, asking to transfer money to an account operated by the cybercriminal.
Insurance brokers themselves could even be targeted, as they are potentially moving large sums of money from clients to insurers. “We’re vulnerable as a business as well, because we are holding premium money.” Lawyers as well may be moving money and hold sensitive information.
“They are targeting those [industries], so they can fraudulently direct the money to themselves,” Holmes said. “We are seeing a massive increase in the social engineering trend within cyber.”