Data drives business. Using technology more and more to manage data and complete transactions means digital security threats are increasing. Fraudsters target real estate transactions and use tactics such as social engineering to perform email phishing scams, distribute ransomware or commit wire transfer fraud. These actions allow them to capture sensitive information, access financial accounts, ransom encrypted data and steal settlement funds.
Cyber awareness is one of the most important ways we can help protect the security and privacy of information related to title insurance and real estate transactions. That's why Old Republic Title is committed to promoting National Cyber Security Awareness Month in October, an annual campaign to raise awareness of cyber security risks. Read on for steps title agents, real estate professionals and others involved in the transfer of real estate can take to avoid suffering at the hands of fraudsters.
Understanding Industry Standards and Regulations
Protecting non-public personal information (NPI) is the third pillar of the American Land Title Association's (ALTA) Best Practices, and a federal requirement of the Gramm-Leach-Bliley Act. Failing to establish a program that safeguards sensitive data could cripple a title agent's business. Now is the time to tighten security with a formal cyber security plan that incorporates encryption, security controls, firewalls and other key strategies to help protect NPI, data and business assets.
Think about how digitized the world is becoming. People of all skill levels enjoy the convenience, accessibility and simplicity of online services and mobile technology, making cyber attacks the obvious choice for today's hackers. Add to that the sheer volume of real estate settlement transactions taking place involving electronic communications platforms. The stakes are high and the potential payoffs for fraudsters are even higher. As a matter of fact, the FBI reports that financial loss from cybercrime exceeded $1.3 billion in 2016 alone! It's a trend that's not going away in today's tech-focused culture.
To help keep NPI out of the hands of hackers, it is important for title, mortgage and real estate professionals to be informed, and educate employees and customers about the risks of cyber security breaches. A single click on a malicious email, link or attachment could easily open the door to compromised private, highly sensitive personal information.
Tips to Help Protect Data and Strengthen Security
- Implement a privacy and security training program for employees to ensure they are well- trained and knowledgeable. Continually stress the importance of cyber security. Seek the guidance of a qualified information technology professional.
- Be sure all software, web browsers and operating systems are updated frequently and monitored.
- Provide firewall security for internet connection.
- Encrypt information.
- Regularly backup data that is stored on computers and/or networks.
- Use secure Wi-Fi networks and avoid public Wi-Fi networks.
- Use unique passwords and change them at least every three months.
- Consider implementing multi-factor authentication for access to certain emails and online accounts.
- Use a secure email server and avoid free email services.
- Set up a procedure with home buyers and sellers in the beginning of a transaction, using a document like a "Funds Transfer Agreement" to indicate how funds will be disbursed.
- Ensure that every party in a real estate transaction knows to communicate changes to funds transfer instructions by phone using the telephone number on the Funds Transfer Agreement or in person.
- Remind all employees of the importance of verifying wiring instructions.
Cyber Liability Coverage for the Future
Most title agents' errors and omissions policies provide little to no coverage for cybercrime. More and more title agents are reviewing their existing policies and investigating separate cyber liability insurance coverage to protect their business assets. Also called cyber risk insurance and data breach insurance, cyber liability insurance is designed to cover the cost of dealing with the fallout of a data breach. It does not undo the damage, but it can help pay for expenses incurred if an incident occurs.
You have likely seen news coverage of recognizable brands that recently have suffered from cyber hacks and data breaches. No one is safe from becoming a victim, but we can significantly reduce our risk by staying vigilant and taking necessary precautions now, before it's too late.