Cybercriminals are on the hunt for new victims. In recent years, reports showed that banks, medical institutions, and government organizations were among the constant targets of hackers worldwide. However, it appears that they've recently discovered that there is much to be gained by infiltrating the art world. Back in May 2024, artists and collectors were shaken when auction house Christie's confirmed that its website had been hacked. Though cybersecurity experts were able to fix the problem, this didn't change the fact that the breach shut out collectors who were potentially to place bids on $850 million worth of art work.
No industry or institution is safe from cybercrime, so galleries, museums, auction houses, and for-profit, privately owned art fairs should consider having safety measures in place to protect their data and prevent financial losses. Here's how to create a strong cybersecurity culture in the art world.
Prevent Internet Fraud
Internet fraudsters use a variety of tactics such as impersonation or sending phishing scams to achieve their goals. Lately, scammers have been targeting art galleries since they have a wealthy clientele, and their digital systems are filled with collectors’ personal information. Back in 2017, a few galleries and collectors became victims of an email deception scam wherein criminals were able to hack into an art dealer's email. After seeing a PDF invoice of an art sale sent by the dealer to a client, the hackers would send another invoice through the same email address, along with a message telling them to disregard the previous invoice and send the money to another account. Once the money has been wired, the scammers move the money to avoid detection before moving on to the next victim.
Experts say that art galleries’ reliance on email as the sole means of communication with their clients can make them vulnerable to art fraud. In an interview with Artsy, lawyer Joseph V. DeMarco said that taking preventative measures, such as confirming all wire transfers face to face or over the phone, can help to thwart cyber thieves. Having more than one person authorize a sizable money transfer should also be considered to prevent a massive financial loss. He also advised that galleries should include in their contracts that they would never change their wire information without verbal consent. “Amend your sales agreements, documents, and policies to bring the odds of this happening to zero,” DeMarco urges.
Using advanced technology to fight cybercrime should also be a priority in the art world. Legal cases involving artificial intelligence prove that Generative AI introduces new cybersecurity risks. Fraudulent emails made with AI are now free of mistakes and have professional writing styles, so art institutions should integrate email security and antiphishing tools into their systems, and adopt email security protocols like SSL/TLS for HTTPS.
Train Staff on Best Cybersecurity Practices
If you own an art gallery or work in an auction house, keep in mind that training staff on cybersecurity basics can go a long way to prevent hacking or phishing scams. First, encourage everyone to use strong, unique passwords for all emails, software, and systems, then regularly change passwords, including the one for the Wi-Fi. Keep all antivirus software up to date, and be wary when opening emails. Never click on links or download attachments since doing so may infect your device with a malware virus, which can spy on you or steal sensitive data. Finally, if you get a suspicious email related to a sale or wire transfer, better call the dealer or client to confirm matters before finalizing the transaction.
Safeguard your gallery or auction house from threat actors looking to intentionally harm your digital systems. Create a strong cybersecurity culture in your institution to prevent massive losses, and protect clients and the art world from scammers and hackers.