Cyber-attack threatens Domain real estate


By Mikayla Fanto

Real estate online portal Domain was hit by a cyberattack yesterday allowing hackers access to personal information including email addresses and phone numbers.

The attack was a phishing cyber-attack that sent an email telling recipients they inquired for a property and could secure the rental by paying the deposit.

Domain chief executive Jason Pellegrino said in an email seen by Sydney Morning Herald and The Age there is a risk that some personal information may have been attained by the unauthorised third party.

Domain asked users to be wary of suspicious emails claiming to be from rental agents offering property deals.

Phishing attacks use fraudulent emails to steal malware or to install personal data as well as misleading people to transfer money or hand over data.

Mr Pellegrino said Domain did have security measures in place and has implemented further security preventatives.

“We appreciate this can be concerning information to hear, and we are sorry for any stress or negative impact this causes you,” Mr Pellegrino said.

“Unfortunately, since COVID, scams like these have been on the rise. It is disappointing for us to find out that after such a challenging past twelve months for many of us some see this as an opportunity to take advantage of others.”

Domain is 60 per cent owned by Nine Entertainment Co. and the attack follows the cyber-attack on Nine in March.

Mr Pellegrino said the investigation into this attack shows only a small number of people engaged with this email.

“Clearly, people are becoming more aware of how to spot suspicious online behaviour and taking protective measures not to engage in such activity,” he said.

Ransomware attacks have cost the Australian economy $1.4 billion in 2020 and attacks are often motivated by financial gain.

Shadow minister for cybersecurity Tim Watts said in an article by The Australian Financial Review the government needs a system to allow businesses to report these attacks and to take action against ransomware.

“The starting point is establishing a mandatory notification scheme for entities that want to make ransomware payments,” Mr Watts said.

“Australia is at its best on the international stage when we’re bringing ideas and forming coalitions. We should be bringing together a bigger coalition of states making it clear this ransomware is putting an intolerable burden on the economies and societies of countries around the world.”