Cybercrime is a massive, global threat and one that affects South Africa disproportionately to its economic strength. Recent research by cybersecurity company, Surfshark, placed South Africa 6th in the worldwide list of countries most affected by cybercrime.
According to Tony Clarke, MD of the Rawson Property Group, this statistic is of particular concern to the property industry, which now conducts the vast majority of its transactions entirely online. He urges buyers, sellers, landlords, tenants, agents and conveyancers to exercise extreme caution at all times, but particularly before actioning any high-value electronic payments.
“One of the most common ways cybercriminals target real estate transactions is by intercepting electronic communications between agents, conveyancers, buyers and sellers,” says Clarke. “They then use this stolen information to impersonate one of the parties involved in the transaction and redirect payment into their own accounts.”
Clarke says property sales aren’t the only transactions targeted, either.
“We very recently heard of criminals replicating holiday and residential rental agreement documents to steal money from people making accommodation bookings and rental deposits for their homes,” he says. “Everything appeared completely legitimate, with very convincing communication, documentation, and electronic delivery details. The victim had no reason to suspect the bank details supplied belonged to fraudsters and not the property’s rental agents, only discovering their mistake after payment was made.”
Once a payment is completed – be it for a property rental or a much higher value property purchase – it can be extremely difficult to freeze or reverse the transaction.
“These criminals are smart, and they are fast – that money will be long gone by the time you realise you were scammed,” he says. “Tracing its movements is often next to impossible. Prevention is definitely more effective than cure when it comes to cybercrime.”
So, how do you prevent becoming a victim of cybercriminals?
“The best strategy is to check and double-check every detail before making a payment,” says Clarke. “Don’t rely one hundred percent on any information received via email. Rather look up the phone number for your estate agent or conveyancer independently, call that – not the one from their email signature – and confirm the names of the parties you’ve dealt with and most importantly confirm any banking or transaction details with them in real time.”
It’s also a good idea to confirm that any property professionals you’re working with have the necessary professional credentials, including a valid Fidelity Fund Certificate.
“FFCs can be very easily checked on the PPRA website,” says Clarke. “Don’t trust anyone without a valid certificate, or with details that differ from those recorded by the PPRA.”
Using a more established service provider can also be a good safety measure, as Clarke says smaller operators seldom have the budget for top-tier digital security solutions and best-practice cyber-security training for employees.
“The new Cybercrimes Act definitely incentivises agents to do everything possible to secure against unauthorised access by cybercriminals,” says Clarke. “That includes strong business processes, secure email servers and protections that extend to communications sent from employees’ mobile devices. Unfortunately, these measures can be very expensive to set up and maintain properly, putting them out of reach for a lot of smaller players in the property industry.”
Of course, even the best security cannot guarantee 100% protection against unauthorised access or interception of communications by cybercriminals. That makes constant vigilance essential, no matter how stringent digital security measures may be.
“When you’re dealing with people’s life’s savings, as we so often are in property transactions, there’s just no excuse for taking unnecessary risks,” says Clarke. “The digital landscape is constantly changing and cybercriminals are becoming more and more sophisticated every day. It’s up to all of us to do whatever it takes to make sure our transactions are handled safely.
“That means educating ourselves on the risks, taking precautions to secure our communications, confirming all details before acting, and trusting our instincts. If something seems odd, there’s no harm in picking up the phone and asking about it – rather safe than sorry.”