How the Pandemic Spurred Cybercrime

cybercrime illustration

© SurfupVector - AdobeStock

With many people spending more time online during the throes of the pandemic, cybercriminals took advantage of that additional dependence on technology to conduct an internet crime spree. The result was that 2020 was a record year for cybercrime, with a reported 792,000 complaints filed with total losses of nearly $4.2 billion, up from 467,000 and $3.5 billion in losses in 2019, according to the FBI’s 2020 internet Crime Report.

Deanne Rymarowicz, associate counsel with the National Association of REALTORS®, told members of the Risk Management Issues Committee during the virtual REALTORS® Legislative Meetings that one-third of all cybercrime over the last five years occurred in 2020. These include compromised email accounts, identity theft, and real estate fraud. Compromised email alone accounted for $1.8 billion in losses, more than a third of all reported cybercrime losses.

2021 REALTORS Legislative Meetings logo

While the trend is alarming on the face of it, the rise in the number of reported crimes, in one regard, offers a positive message. People have become more aware of the risk and “so more people are reporting crimes,” Rymarowicz noted. Specifically, on real estate–related crimes, the FBI reported 13,638 victims in 2020, with $213 million in losses, but the dollar volume of losses for real estate wire fraud was down 3.7 % from 2019. “So that is some good news,” she said. “People are becoming more attuned to the risks. The word is getting out.”

Overall, confirmed data breaches were down 19% in 2020 and the number of individuals affected fell by 66%.

While no one is invulnerable, here were the top ten states listed by the number of cybercrime victims in 2020, according to FBI data:

California—69, 541



New York—34,505





New Jersey—14,829


Chris DeRosa, NAR’s member information and e-commerce product lead, pointed out that the nature of remote work has made it easier to fall victim to online predators in a business situation. By comparison, when you receive a suspicious-looking email in an office with colleagues, “it’s easier to ask your coworkers sitting near you if they received something similar” before clicking on it, she said.

But the sheer volume of information people are putting online about themselves makes them more vulnerable to phishing scams and other fraud. “REALTORS® are very public people and social media makes it easy for hackers to learn about you,” said DeRosa. “With the right logos and branding, information on listings and clients, photos, and domain names that are very close [to your real one], someone could easily convince the target user that the communication and request is legitimate.”

DeRosa highlighted important steps to help protect yourself, your business, and your clients:

  1. Don’t reuse passwords.
  2. Establish and follow a data retention and destruction policy.
  3. Check with an attorney and an accountant about how long to hold records.
  4. Be sure you understand how third-party services you use protect your data.
  5. Don’t hesitate to pick up the phone to verify the identity of anyone asking for information or money.

Virus and firewall protection software have limits to their value, DeRosa said. “Everyone should start out with a free tool when they see an unusual online request: common sense. Ask yourself ‘Does this make sense?’ ” she said.

Additional questions worth asking yourself: Would this person normally email you with that request? Does your bank ask you to send them your password? Does this sound like someone you have been working with or is it a request out of the blue? Were you expecting this attachment from your client or colleague?

Even though there are companies offering to help you recover lost data or funds, it’s far more important to take steps to avoid getting scammed in the first place. “None of the breach recovery steps will recover your reputation,” added DeRosa.