At PEXA, we endeavour to provide you with the latest cyber-security updates and guidance. PEXA’s Security team is home to industry experts with more than 50 years of combined experience, committed to the security of property transactions facilitated by our members.
Generally, our advice is focused on what you should or shouldn’t do in certain scenarios, such as when encountering attempted email phishing, maintaining your technology and more.
But what about PEXA and what we do and don’t do? Cyber-criminals are using sophisticated means to target members and clients – sometimes falsely presenting as PEXA to extract information or facilitate malicious activity.
To help you combat this threat, re five things PEXA will never do, regarding you and your security.
PEXA will never email you from unofficial addresses
Whether it’s a message from our Support Centre, a PEXA Direct Specialist/Partner or another member of our team, our official correspondence will only ever be delivered from email addresses ending in “@pexa.com.au”.
If you receive an email you believe to be suspicious, please:
PEXA will never send you an email advising you to click a link to log in to the platform
If you receive an email with a link prompting you to login to PEXA, please disregard. After your initial PEXA account creation, we will never directly email you with a link to our login page or request your login credentials.
PEXA will never request files or information from you via a third-party service
Recently, we’ve observed malicious emails being sent to practitioners, purporting to be from PEXA via third-party file services, asking the recipient to open/download files.
Such scams are an ongoing cyber-threat affecting Australian organisations. Please note, PEXA does not use third parties to source files or information from you.
PEXA will never ask for your MFA code
If you receive a text message, phone call or email requesting your MFA code, please ignore this. Never share your MFA code with anyone – and we’ll never ask for it.
PEXA will never call you from unverified phone numbers
Please be mindful of taking phone calls related to Workspaces from unknown sources.
For those with an account manager, their contact should be saved in your records.