Broker-rapper hack underscores ‘closer client contact’ need

On Monday (12 December), a court magistrate gave aspiring Sydney-based rapper Abdel Ghadia an 18-month jail sentence with a 10-month non-parole period, after he pleaded guilty to two counts of ‘handling proceeds of crime upwards of $100,000’.

Mr Ghadia had appeared before court after telling police he had ‘woken up to find $760,000’ in his Commonwealth Bank account.

It had landed there after Ms Tara Thorne – an Instagram nutritionist – and her husband Corey deposited $759,314 into ‘the wrong account’ in their process to purchase a residential property on Sydney’s Northern Beaches in 2021.

According to A Current Affair, which followed the story this week, the couple assumed they were liaising with their established mortgage broker (and former Wallaby player) Adam Magro, of Avalon Mortgage Solutions, via email.

However, Mr Magro claimed his email account had been hacked and cloned by a scammer - an increasingly common issue in the broking industry.

The Thornes said they were told to transfer their house deposit into an account (reportedly unbeknownst to be Mr Ghadia's bank account), who subsequently embarked on a spending spree that included $700,000 worth of gold bars, gold coins and expensive new clothing prior to police raiding his home and arresting him.

The court, however, concluded there was no evidence Mr Ghadia had any involvement in the transfer of money.

When The Adviser spoke to Avalon Mortgage Solutions owner Adam Magro, he replied that his thoughts were with the Thornes and he emphasised what a devastating thing it must be to lose your entire savings in this way.

“Also, as your readership will be the industry, I would add how important it is to ensure that brokers introduce all the appropriate cyber-safety protocols around multi-factor authentication, data security and safety if providing funds transfer details to clients.”

Not as uncommon as first thought

The issue of home deposits being intercepted is not unfamiliar to the third-party channel, as brokers have found themselves the target of cybercrime.

As discussed during a 2022 Elite Broker podcast between broker Catherine Denney, the Sydney-based broker explained: “The other thing actually that's caught me out is I've recently had an issue with cybercrime, where a client's email was hacked and the cyber hackers overrode my email.”

“They impersonated me with a fake email and got her to deposit a large sum of money into their bank account.

“It was crazy!

“Luckily she and I were in very close contact throughout the process leading up to settlement and we picked up on it two hours after it happened and we were able to get the money back.

“So it was a good news story in the end,” Ms Denney explained.

According to the Nook Money broker, this is “a big issue” that brokers face, particularly given the boom in property buying over the past few years (which has made those involved in property transactions, such as brokers and real estate agents) prime targets.

“I've now amended my process so that as soon as a client exchanges contracts, they get a phone call from me,” Ms Denney added. 

“I ring every client who's involved in that purchase - if it's a couple, [I] ring both - and we have a conversation where I explain the risk and we talk about not trusting bank account details in an email and what have you.

“That's something I've had to adjust to,” Ms Denney explained.

Questions brokers should ask

Ever tightening cybersecurity laws for mortgage service providers and lenders should help prevent email hacks and data breaches, but questions should always be asked, according to Major General (Ret’d) Dr Marcus Thompson, former head of the Department of Defence’s Information Warfare Division.

Speaking to The Adviser earlier this year, he suggested brokers ask their aggregators or web providers the following questions to ensure they are adequately protected.

These questions include:

1. What are our targetable vulnerabilities and how might a threat target our vulnerabilities? 
2. What thresholds exist to disconnect systems and/or users? 
3. Do we have multifactor authentication for our systems?
4. Are we compliant with the ASD Essential Eight, CPS 234, ISO 27001, etc?  
5. Is our data encrypted (both in transit and at rest)?
6. Is data being backed up?
7. What security breach reporting thresholds have been set (chief executive, board, ACSC, law enforcement, etc)? 
8. Do we have a baseline for the security of our systems? 
9. What is/are our response contingency plan/s? 
10. Who has authority to activate the contingency and incident management plan(s)? 

Lurking threats of cyber attacks

“The first step to having strong cyber protections in place is to understand that there is a threat, and what information would be particularly at risk/vulnerable to attack due to its inherent value,” Dr Thompson explained.

“The time to be thinking about a response is well before a response is required,” he explained.

“Once an incident occurs, it’s too late to be thinking about that.”

Dr Thompson’s warnings have followed multiple incidents of malicious cyber attacks in the financial services sector, with studies revealing last year that the industry suffered the highest number of data breaches between January and July 2021.

Home buyers have also been targeted by scammers and lost hundreds of thousands of dollars.

Dr Thompson and The Adviser’s parent company Momentum Media director, defence, security and aerospace, Phil Tarrant discussed these issues at the Better Business Summit 2022, and examined why brokers have a large target on their backs as they increasingly operate in a digital environment, and how they could build cyber-resilient brokerages.

[Related: How this new-to-industry broker has hit the ground running]