Home About Us The Settlement Process Services & Costs Blog Contact Us
Join our email list
Subscribe

Blog

Aug 28, 2018

EMAILS ARE LESS SECURE THAN POSTCARDS

What if your bank sent your password, pin number or account details to you on a postcard, with the details open to anyone who looked at it?

How many people realise that emails are an even less secure form of communication than a postcard? At least with a postcard, someone actually has to read it to breach the security.

With emails, if the security is breached, computers can be programmed to search for specific commonly used word phrases to narrow down the search for simpler avenues to fraud.

What has this to do with buying or selling houses? The very large sums of money that change hands in property transactions (often 5 or 6 times what you earn in a year) makes them the target of scammers using computers and one of the great vulnerabilities people face is via unsecure or poorly secured email systems.

Your system might be quite secure, you may have gone to some lengths to do that, although it is unlikely, and your bank, settlement agent, solicitor and real estate agent should all have gone to considerable trouble to secure their systems, but it only takes one poorly secured email system or public wifi to give the prospective scammer the opportunity.

Last year, a settlement agent in Perth sent their buyer client an email requesting the buyer transfer funds required for settlement to their trust account, providing their bank account details in the email. A scammer intercepted the email and changed the bank account details before sending the near identical email on to the buyer. The buyer acted on it almost immediately, transferring over $500,000 to the bank account contained within the altered email. The scammer received the funds and immediately transferred them overseas, from which they’ve never been recovered.

Once this became known in the industry, most settlement agents immediately stopped emailing bank details and we now send letters to our clients advising we would never send banking details via email. Typically we now phone these through and ask people to ring us when they are actually making the payment.

So what other risks are there? There are many more answers than we have space for today, so let me reframe the question, by posing another. How well do you understand online computer systems, to better understand the risks?

If you leave valuables lying around in a visible place that is not locked, that’s a very obvious security breach. We can see it and understand the risk immediately.

It never occurred to most people that sending banking details was a security breach but now that we know, we all need to take appropriate actions and we need to understand that we don’t know what other similar cyber-security risks we may face, other than to take steps to find out what they might be and mitigate the risks as best as possible.

But we do need to understand that fraud is the thing probably best enabled by online computer systems. Eternal vigilance is your best approach.

This information should not be construed as legal advice or as specialist cyber-security advice. Readers are encouraged to learn all they can about cyber-security, seek professional advice about measures they should take and ACT ON IT.

A similar article was published in The Kalgoorlie Miner on Sat 18 August 2018

Return to Blog

Independent • Local • Thorough