Coalition, one of PBI Group’s cyber carriers, publishes a bi-annual report on claims activity.  Very interesting read, below are some highlights. The entire report can be found here.  The 2 areas of specific concern for Real Estate agencies are Fund Transfer Fraud (FTF) and Business Email Compromise. (BEC)

Fund Transfer Fraud

FTF is when bad actors are able to steal money from the insured often via wire transfer. This is continuing to gain popularity amount cybercriminals because it is very lucrative and they have a high success rate.

Funds transfer fraud is among the easiest ways to monetize cybercrime. Unlike ransomware, which requires more sophisticated attack techniques and specialized malware,FTF is most often perpetrated through phishing and email compromise followed by social engineering. Once a criminal has access to a mailbox they are able to manipulate contacts connected to that mailbox to modify payment instructions or otherwise make fraudulent payments. Some FTF incidents don’t involve a security failure at all — criminals will send spoofed emails, doctored invoices, and even make phone calls that appear to be legitimate enough to convince a victim to wire funds. Funds transfer fraud losses can be significant, but you can recover losses in many cases if you move quickly.

Average Funds Transfer Fraud Loss

We recommend our policyholders take the following actions to maximize the chances of recovery:

  1. Notify Coalition’s claims team of the loss as soon as possible, and ideally within 72 hours of the
    transfer. Coalition’s security & incident response team will spring into action.
  2. Immediately notify your bank of the fraudulent transfer, and request a clawback of the funds. This
    may require an interbank agreement between your bank and the receiving bank.
  3. File a report with the FBI at
  4. File a report with your local police department.
  5. Be the squeaky wheel and repeatedly inquire with your bank and the receiving bank on the status of
    the recovery.

Ways to limit your chance of an FTF.

Defined procedures for handling new requests and changes in payment requests are the primary defense. These procedures should include calling the requesting party on a known good number seeking to confirm the request. Never use the contact information provided in an email requesting a change. Verification procedures like defined two-party approval for transfers or required reviews for payment detail changes help combat the issue. If an FTF does occur, quick action is essential — the sooner an incident is reported to Coalition, the more likely we
can help by canceling transactions or clawing back funds before the attackers can withdraw them.

Business Email Compromise

Any business that uses email (i.e., all of them) is susceptible to business email compromise (BEC). Once an attacker gets access to your email it’s game over. Business email is a treasure trove of sensitive information that criminals use to pretend to be people in your company, redirect money, and deploy ransomware. In our last claims report, we noted that your email
provider matters when it comes to your organization’s security. In H1 2021, Microsoft 365 email users were 6.3x as likely to have a claim as Google Workspace users — nearly double what we reported in H1 2020.

Business email compromise can also lead to a wide array of losses for organizations — everything from ransomware to funds transfer fraud to data breaches. In almost every case, digital forensics work is required to understand the scope of the damage.

Business Email Compromise 3

Interested in PBI Group generating a Cyber Liability or E&O insurance quote for your real estate agency? Click here.