Tips dished on how brokers can mitigate cyber risks
Mortgage aggregator Connective has issued a cyber threat warning due to the surge in data breaches in Australia, reporting a 50% increase in cyberattacks on its brokers and clients over the past year.
Daniel Oh (pictured above), Connective group counsel, urged brokers to remain vigilant and shift their focus from merely protecting data and systems to proactively mitigating cyber threats.
“Threat actors pose a significant risk in our industry due to the highly sensitive data we capture, hold and send on a regular basis,” Oh said. “Even the smallest cyber security incident can have devastating impacts on both the business and clients.
“Brokers need to equip themselves with the right tools to avoid a worst-case scenario. Business growth should not come at the expense of the privacy of brokers or their clients. It could lead to loss of client confidence and the ability to operate the business day-to-day, among other issues.”
In 2022, Australians lost a record $3.1 billion to scams, marking an 80% increase on total losses over the previous year, with small businesses accounting for $13.6 million in losses, a 95% increase.
In a recent discussion between Connective and cybersecurity company CyberCX, the importance of brokers understanding and managing their digital footprint to protect themselves and their clients from cybercriminals was highlighted.
“Cybercriminals are becoming increasingly sophisticated in their operations,” Oh said.
“With the industry moving towards becoming fully digital and a wealth of critical information already managed online, brokers are encouraged to be aware of what information is being shared online and know exactly what each of the tools and apps they are using are doing. Delete any unused apps or accounts and stay up to date with their operating system and apps.”
Connective said human error is one of the most significant cybersecurity threats today and encouraged brokers to prioritise training and education for themselves and their staff to safeguard their businesses.
“Every day, brokers and staff interact with technology, make decisions and handle sensitive information,” Oh said. “As a result, the potential for human error will always be present – and it’s often the simple mistakes and lapses in judgement that lead to cyber security incidents.
“Brokers are encouraged to increase cybersecurity awareness among staff and put in place mandatory training to decrease the vulnerability to threats. The goal for brokers should be to make their system harder to get into and this takes a collective effort from everyone in the company.”
Connective said brokers can significantly reduce the chances of being caught up in a cyberattack by understanding the threats and following these steps:
- Enable multi-factor authentication (MFA) to verify the identity of digital users, requiring them to provide at least two pieces of evidence to confirm their identity.
- Stay vigilant against phishing attacks, the primary method hackers use to steal data and gain system access. Activate MFA, use a reputable email provider with strong spam filters, and be cautious when clicking on email links. Disable push notifications on your mobile device to reduce the risk of clicking on potentially harmful links.
- Keep your software updated to patch vulnerabilities. Accept prompt software updates, including those for your operating system (e.g., Microsoft or iOS on your iPhone).
- Stay updated through trusted sources and provide cybersecurity training for yourself and your staff. Ensure clients know you won't request fund transfers via email and advise them to verify account details with a phone call before proceeding with any transactions.
- Protect client data to prevent security breaches and data loss. Avoid gathering sensitive information through email, retain only essential data, and regularly delete outdated records while minimising data duplicates.
Get the hottest and freshest mortgage news delivered right into your inbox. Subscribe now to our FREE daily newsletter.