During the end of 2017 in Australia, cybercriminals started to target the real estate sector which is considered as a comparatively weak industry in terms of IT security.
According to a report released by the ACCC (Australian Competition and Consumer Commission), Australia lost around $22.1 million (US$16.5 million) in 2017 due to email compromise scams. The FBI assesses the worldwide loss to be almost in billions after the email breaching actually started to take hostage of individual data five years ago. This scam, suspected to have initiated in Nigeria, used a malicious network of fake bank accounts to siphon off money from multiple privilege email accounts beyond tracking and recovery.
Why Real Estate?
Real estate is a lucrative target for the hackers because the process of buying a home involves a huge amount of scheduled transfers between the buyer and the builder. These confidential and sensitive discussions happen mostly over emails and thus hacking emails is the best option to steal information and track monetary transactions.
How did it happen?
The scammers initiated the fraudulent act by sending a single test email and then pull out of the system for a month. Afterwards, the log for the initial intrusion erases automatically, and the scammer stealthily infiltrates a privileged account. They make the list of entries for payment schedules which are going to happen from the prospective buyers. Besides, they also tend to set email rules so that they can select/ choose the accounts, manipulate them, forward messages or obscure others.
If there is any settlement supposed to take place, the hacker instantly becomes the middleman, shoots emails to both the parties. Once he realizes that the hour is right, he simply replaces his own bank account details against the legitimate ones. The money transferred in a similar fashion to a fraudulent bank account by money mules is normally done in part to other mules. After that, they exchange the money for U.S. dollars, Euros or even British pounds. Later on, they are converted back to Australian dollars and accumulated into a single account. This is done only to perplex the investigators.
ARCON | Privilege Access Management (PAM) is a comprehensive solution that helps in securely managing critical systems from illegitimate access. With its robust access control features and real-time threat analytics, an organization’s IT environment becomes secure from malicious actors be it within the periphery or from outside.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.