Loan officers and mortgage executives alike continue to click on links in seemingly routine emails, ultimately giving bad actors complete access to lenders’ systems and mortgage transactions. Such mistakes can cost companies millions of dollars and expose sensitive data from millions of customers.
Phishing schemes continue to be the most prominent form of attack on the mortgage industry because hackers have many avenues of planting themselves into a mortgage transaction, according to a panel of mortgage executives speaking at the Mortgage Bankers Association’s Technology Solutions Conference & Expo 2022 in Las Vegas this week.
And those hackers are getting smarter every year.
Michele Buschman, chief information officer at American Pacific Mortgage, said that hackers will insert themselves within a mortgage transaction and pretend to either be a real estate agent, a title escrow company, or the LO, and send an email asking the borrower for a wire transfer, or will send them a link that needs to be clicked on.
“It takes just one person in the transaction to have their email account compromised and they are able to mimic the signature of the LO or the lenders logo,” said Buschman. “They make this look so real that it’s difficult for a consumer to identify that it’s a fake.”
David Townsend, CEO of Agent National Title Insurance.Co., a national title insurance underwriting company, said that a lot of the time the weak link in a phishing scheme is the real estate agent.
“Believe it or not, a lot of real estate agents are still using AOL emails,” Townsend said. “Nonsecure emails are most rampant among real estate agents and they have their emails on their signs, so it’s easy to get this readily identifiable information.”
These emails can easily be spoofed and used for phishing schemes.
Adam Chaudhary, president at FundingShield, a fraud preventions solutions fintech, said that data is disparately distributed among lenders, title and production systems and real estate companies , which presents ample opportunity for hackers.
“You have multiple parties coming to a closing table with different levels of security and with a single motivation to close the thing as fast as they can…that presents cybersecurity challenges,” Chaudhary said.
He noted that housing agencies have voiced an intention to better track cybersecurity breaches among lenders and their vendors.
Chaudhary said that Freddie Mac recently sent FundingShield a letter asking the fintech to disclose any cyberattacks that may have impacted customers.
“We are so centrally located in the ecosystem providing protections across the landscape to lenders that are contracting third-party services,” said Chaudhary. “They want us to disclose if we have any knowledge of a cybersecurity breach or data breach, even if we think it may happen.”
Freddie Mac did not immediately respond to a request for comment.
Buschman also noted that phishing attempts have noticeably increased at APM since Russia’s invasion of Ukraine in late February. However, she added that she couldn’t confidently state whether there is a correlation.
In March, cybersecurity experts pointed to an increase in cyberattacks, with some speculating that these attacks were coming from Russia or China.
To avoid hacks, the panel recommended creating a “human firewall” by educating consumers and everyone involved in the mortgage transaction about the potential for spoofed emails.
The panel also said that multi-factor authentication and patching outdated systems is a must.