Cybercriminals are targeting brokers like you, and you could come under attack and not realise until it’s too late.

MFA and Mercury Access

Given the increasing nature of this kind of fraud, and the associated risk to your clients’ information, from Monday 6th September 2021, all users of Mercury who are Credit Representatives and their admin staff must enable MFA on their Mercury account.

We strongly recommend that ACL holders also set up MFA to help protect their business.

How to help protect your business and clients from attacks?

This month we became aware of an incident where an attacker was able to impersonate a broker over email, which led to the broker’s client depositing money into the criminal’s account rather a lender’s settlement account, resulting in the loss of the client’s funds. This fraud was possible because the criminal was able to gain access to the broker’s email account and impersonate the broker.

The risk of this happening to you can be removed by simply adding Multi-factor authentication (MFA) to your email provider and Mercury accounts.

Multi-factor authentication is one of the most effective controls you can implement to protect yourself against an attacker gaining access to a device or network and accessing you and your clients’ sensitive information.

Enable MFA