Enhancing Cybersecurity Resilience in the Real Estate Industry: Mitigating Phishing and BEC Attacks

Authors

DOI:

https://doi.org/10.34190/eccws.25.1.4832

Keywords:

BEC, Business Email Compromise, Phishing, Real Estate Cybersecurity, Social Engineering, Wire Fraud

Abstract

As real estate transactions continue to shift toward fully digital workflows, the sector has become an attractive target for phishing and BEC attacks that exploit trust, time pressure, and fragmented communication channels. This paper contributes to cybersecurity research by moving beyond high level discussions of email fraud and focusing directly on the real estate industry as a primary domain of analysis rather than a peripheral use case. The study synthesizes existing academic and industry literature with a structured examination of multiple real-world incidents drawn from residential, commercial, and cross border property transactions. By analysing these cases collectively, the paper identifies recurring patterns in attacker techniques, Organizational weaknesses, and decision-making failures that enable financial loss. Attention is paid to how human behavior, process design, and informal verification practices interact with technical shortcomings to create exploitable conditions. A clearly defined methodology outlines the case selection criteria, temporal scope, and analytic approach, allowing the study to be replicated or extended by future researchers. This methodological transparency strengthens the academic value of the work while grounding the findings in observable evidence rather than assumptions. Based on the cross-case analysis, the paper proposes a practical, sector specific framework that aligns cybersecurity controls with the operational realities of property transactions, including third party coordination, legal timelines, and high value fund transfers. The findings offer practical relevance for cybersecurity professionals, real estate practitioners, and policymakers by translating incident analysis into concrete risk reduction strategies. At the same time, the paper advances scholarly understanding by presenting an industry focused model for addressing cyber enabled financial crime in trust-based transaction environments.

Author Biographies

Oludolamu Ademola Onimole, Independent Researcher

Oludolamu Onimole is a Cyber Operations Analyst specialising in cloud security, cyber defence, and threat operations, with research interests in phishing, business email compromise, cybersecurity operations and cybersecurity resilience.

Etinosa Imafidon, Flexmore Tech Ltd, Edinburgh, Scotland

Etinosa Imafidon is a cybersecurity researcher and practitioner with expertise in cyber resilience, security governance, and threat mitigation. His work explores practical approaches to defending organizations against phishing, Business Email Compromise (BEC), and other emerging cyber threats in an increasingly complex digital landscape.

Lucas Potter

Lucas Potter is a biomedical engineer specializing in the integration of biology, medicine, and engineering to design and optimize medical technologies. Throughout his academic career, Lucas has contributed to various research projects, focusing on areas such as biocybersecurity, virtual surgical planning, and the security risks associated with (IoT) health devices

Xavier Palmer

Xavier comes from multiple disciplines, with work focused largely in biomedical contexts. He is fond of positive and creative projects that foster curiosity and helpful conversations around technologies that interface with biology

Downloads

Published

2026-06-15

Issue

Vol. 25 No. 1 (2026): The Proceedings of the 25th European Conference on Cyber Warfare & Security (ECCWS 2026)

Section

Academic Papers

License

Copyright (c) 2026 European Conference on Cyber Warfare and Security

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.