The next wave of servicing regulation is coming – Are you ready?

Join this webinar to learn what servicers need to know about recent and upcoming servicing compliance regulations and strategies experts are implementing to prepare for servicing regulatory audits.

Inside Look: RealTrends 2021 Brokerage Compensation Study

Steve Murray, senior advisor to RealTrends, gives an exclusive first look at the 2021 RealTrends Brokerage Compensation Report.

Logan Mohtashami on trends in forbearance exits

In this episode of HousingWire Daily, Logan Mohtashami discusses several hot topics in the housing market, including recent trends in forbearance exits and future homebuyer demand in the midst of inventory shortages.

How lenders can prepare for increasing regulatory pressures

As compliance becomes an increased focal point for mortgage lenders and investors, staying ahead of state and federal regulations can be the difference between a flourishing business and one mired in fines.


MBA Tech: Here are the biggest cybersecurity threats to mortgage companies right now

Ransomware and wire fraud are low-hanging fruit for criminals

It’s every company’s worst nightmare: someone has gained access to your data and locked you out. Now they want money to restore your access, but be careful — there’s no guarantee you’ll get it back, even if you pay.

Cybersecurity experts on several panels at the MBA Technology Solutions Conference in Detroit on Monday outlined the greatest risks the mortgage industry is facing right now and what companies can do to prepare.

Among the worst things that could happen? A ransomware attack.

This extortion scheme has morphed in recent years, with individuals or companies offering ransomware-as-a-service, which puts another layer of criminality between you and your data.

“The thing about ransomware is that it pays [criminals] really well, and it’s just so much easy money,” said Thomas Dryden, CIO of Berkadia. “They aren’t harvesting data and then selling it. That kind of fraud is a lot of work compared to the minimal work of locking you out and collecting money.”

Dryden was part of a panel reviewing successful cyberattacks. In an online anonymous poll of the audience, 28% of respondents indicated they had experienced a general cybersecurity breach and it had only impacted their company, while 11% said they had experienced a breach that impacted their customers as well.

All of the panelists, which included Dryden, John-Thomas Gaietto, executive director of cybersecurity at Richey May, and moderator Alex Wood, chief information security officer at Pulte, thought the percentage was probably higher than the audience would like to admit.

For ransomware in particular, the consequences of an attack can be costly.

The attack often starts with an employee responding to a phishing scheme, the “gateway event” that leads to many different types of security breaches, Dryden said. Company software will display a ransomware message with a countdown clock, and the amount of ransom goes up as the clock winds down.

Companies then have to decide if it is better to pay to get access to their data, or try recreate the data, assuming that’s an option. But even paying the ransom isn’t a guarantee.

“In the early days of ransomware attacks, it was at least a little more ethical. With ransomware-as-a-service, they are willing to encrypt your data and just move on — it is getting getting nastier and nastier,” Dryden said.  

He warned the audience that if they carried cybersecurity insurance, keeping the amount of the deductible secret was vital — otherwise the thieves will know exactly what the company’s cost threshold is, and will set their ransom accordingly.

At this point in the process, the importance of secure system backups will become blindingly obvious to the affected company. Unfortunately, that hindsight often comes too late. Even companies who have been meticulous in doing backups may not be testing those backups.

“Companies think they are backing up everything, but it’s amazing how often you may uncover failure in backup activities,” Dryden said.

And sometimes the backups get encrypted, too.

In fact, company leaders may wake up one day to find they can’t even use company phones, faxes or email systems to communicate with internal staff — much less external partners — about the incident.

The other rising cybersecurity threat that the panel identified was wire fraud. Criminals gain access to the email system of a real estate agent, title company or lender and identify the date of an upcoming closing. On that date they insert themselves into the process to change the parameters of the deal — emailing borrowers or title companies to send money to a different account or changing the amount they were supposed to send.

Because the attackers first compromise the email system, they can delete sent emails so that the real company has no idea what is going on.

“Wire fraud has low overhead,” Wood said. “It’s super easy but offers huge potential returns. We are seeing that it’s Realtors who tend to get compromised, especially the mom and pop shops who may not have a lot of security.”

Wood said Pulte approaches this growing problem by communicating with the buyer throughout the process about the potential hazard around the wire transfer. They not only instruct borrowers on their process but they include warnings on the disclosures about this type of fraud. If Pulte sends wire instructions by email they follow up immediately with a phone call to make sure the borrower received the right instructions and know that they should not be getting any further instructions that are different.

Gaietto said establishing these kinds of business processes for wire transfers is crucial.

“Given how risky it is, companies may just eliminate wire transfers over email altogether,” Gaietto said. “Then they can tell borrowers, ‘We won’t be emailing wire instructions to you on what kind of wire or where to wire.’”

But what if the worst happens? Read our follow-up coverage to find out what the experts say you should do next.

Most Popular Articles

Treasury removes restrictions on investment properties

The Treasury Department and FHFA announced Tuesday that they are suspending certain requirements that were added in January to the Preferred Stock Purchase Agreements (PSPAs) between Treasury and Fannie Mae and Freddie Mac.

Sep 14, 2021 By

Latest Articles

Natural disasters and forbearance: What borrowers and mortgage servicers need to know

The United States is grappling with a sharp rise in natural disasters, including wildfires, an active hurricane season, floods, tornadoes and mudslides. The mortgage industry needs to be proactive in examining programs to help borrowers recover.

Sep 17, 2021 By
3d rendering of a row of luxury townhouses along a street

Log In

Forgot Password?

Don't have an account? Please