The Growing Threat of Phishing Attacks on the Mortgage Industry
Loan officers and mortgage managers continue to click on links in seemingly routine emails, ultimately giving bad actors full access to lenders’ systems and mortgage transactions. Mistakes like this can cost businesses millions of dollars and expose the sensitive data of millions of customers.
Phishing schemes continue to be the most common form of attack on the mortgage industry, as hackers have many ways to interfere in a mortgage transaction, according to a panel of mortgage executives speaking at of the Mortgage Bankers Association Technology 2022 Solutions Conference & Expo in Las Vegas this week.
And these hackers are getting smarter every year.
Michele Buschman, Chief Information Officer at American Pacific Mortgagesaid hackers will insert themselves into a mortgage transaction and impersonate a real estate agent, title escrow company, or the LO, and send an email asking the borrower for a wire transfer, or send them a link that needs to be clicked.
“It only takes one person in the transaction to have their email account compromised and they are able to impersonate the LO signature or the lenders logo,” Buschman said. “They make it so real that it’s hard for a consumer to identify that it’s fake.”
David Townsend, CEO of Agent National Title Insurance.Co., a national title insurance underwriting company, said most of the time the weak link in a phishing scheme is the realtor.
“Believe it or not, many real estate agents still use AOL email,” Townsend said. “Unsecured emails are most prevalent among real estate agents and they have their emails on their panels, so it’s easy to get this easily identifiable information.”
These emails can easily be spoofed and used for phishing schemes.
Adam Chaudhary, President of FundingShielda fraud prevention solutions fintech, said data is patchily distributed among lenders, title and production systems, and real estate companies, providing plenty of opportunities for hackers.
“You have multiple parties coming to a close table with different levels of security and with one motivation to shut the thing down as fast as they can…which presents cybersecurity challenges,” Chaudhary said. .
He noted that real estate agencies have expressed their intention to better track cybersecurity breaches among lenders and their vendors.
Chaudhary said that Freddie Mac recently sent FundingShield a letter asking the fintech to disclose any cyberattacks that may impact customers.
“We sit at the center of the ecosystem, providing protections across the landscape for lenders contracting third-party services,” Chaudhary said. “They want us to disclose if we know of a cybersecurity breach or a data breach, even if we believe it may happen.”
Freddie Mac did not immediately respond to a request for comment.
Buschman also noted that phishing attempts have increased significantly at APM since Russia invaded Ukraine in March. However, she added that she could not say for sure if there is a correlation.
In March, cybersecurity experts pointed to an increase in cyberattacks, with some speculating that those attacks came from Russia or China.
To prevent hacks, the panel recommended creating a “human firewall” by educating consumers and everyone involved in the mortgage transaction about the potential for spoofed emails.
The panel also said that multi-factor authentication and fixing outdated systems is a must.