Cybersecurity Advice for Lenders | Simple Tips for Increased Protection
In our last blog post, we discussed an alarming new trend of phishing scams plaguing the mortgage industry. Attackers pose as mortgage agents and send borrowers new wiring instructions via email. Borrowers are at risk of losing money and having their personal information stolen. Lenders are at risk of losing the confidence of borrowers.
While it’s difficult to keep up with the constant technology updates, there are a few simple actions that can help lenders protect against cyberattacks. Keeping in mind that the Gramm-Leach-Bliley Act makes it the obligation of the lender to fully disclose information-sharing practices to customers and to safeguard sensitive data entrusted to them, lenders should take on the following responsibilities:
Require company-wide software updates. According to Mortgage Compliance Magazine, “Software and app publishers regularly release updates to fix known vulnerabilities… when an update is released hackers can identify the vulnerabilities of older versions and then use those to get into machines and programs that are not regularly updated.” By requiring regular updates on all devices from which business is conducted (both company-owned and personal), you are protecting your company from being low-hanging fruit for hackers.
Educate borrowers about the latest scams. In many cases like the one discussed in our last blog, the borrower is the last line of defense in mortgage scams. Often by design the lender is unaware that an attack is taking place. Thus, it is extremely important that borrowers be aware of common scams and be wary of any communication that is contrary to arrangements previously discussed with their mortgage agent.
Use cloud technology for transfer of sensitive information, NOT email. Ken Perry, President and Founder of The Knowledge Coop, commented that “transmitting private borrower data by email is foolish at best” and that “email is the easiest way to get a virus.” A system that allows users to access information from any device using a password-protected login is an ideal way to transfer sensitive data and avoid email. A cloud-based system also provides defense against ransomware by storing copies of information in off-site servers.
Janus AMC is committed to helping you protect borrowers’ information. Place your trust in us to keep you updated on the latest in mortgage industry cybersecurity.