{"id":463,"date":"2021-09-13T11:52:47","date_gmt":"2021-09-13T11:52:47","guid":{"rendered":"http:\/\/blog.effi.com.au\/blogs\/?p=463"},"modified":"2021-09-13T21:25:44","modified_gmt":"2021-09-13T21:25:44","slug":"how-big-a-threat-has-cybercrime-become-for-mortgage-industry-and-what-can-we-do-to-prevent-it","status":"publish","type":"post","link":"http:\/\/13.210.238.202\/blogs\/2021\/09\/13\/how-big-a-threat-has-cybercrime-become-for-mortgage-industry-and-what-can-we-do-to-prevent-it\/","title":{"rendered":"How big a threat has cybercrime become for mortgage industry and what can we do to prevent it?"},"content":{"rendered":"

Underneath the glossy casing of the digital world is a world of forgetting passwords and cybercrime. Cybercrime really goes back to the birth of computers. As soon as computers were created, people were tinkering with them. But the boom in cybercrime dated back to the mid-90s when credit cards came on the internet, e-commerce started and of course online banking. Today, it has gone global.\u00a0<\/span><\/p>\n

But here\u2019s the thing: Back in those early days, it was more about people downloading malicious software and getting infections, things that impacted the network and took out availability. But over the last 20 years, it has moved on to being much more commercial: <\/span>taking money<\/span><\/i>. And that\u2019s a reflection of the fact that we\u2019re using technology much more as a core way of managing data and businesses.\u00a0<\/span><\/p>\n

Businesses in the finance space are having it really bad being subjected to attacks almost frequently. A senior computer network manager for a global financial services company named Peter says they are seeing tens of different hacking attacks every week \u2013 completely <\/span>bombarded from all directions.<\/span><\/a>\u00a0<\/span><\/p>\n

We can hear some people protesting “we can always push thinking about it tomorrow”. We can tell some of you are secretly thinking it. But did you know? There\u2019s been a ton of incidents where attackers were able to <\/span>impersonate brokers over email<\/span><\/a>, leading to either a lender or a client depositing money into the attacker\u2019s account. Ah yes, now it seems fair that mortgage brokers need to be more vigilant and to strengthen our cybersecurity.\u00a0\u00a0<\/span><\/p>\n

What can you do to make things as safe and secure as possible? Here are a few pointers from the top cybersecurity trainer \u2013 <\/span>Teri Radichel<\/span><\/a> to help you avoid falling prey to cyber attacks. Let\u2019s read it with a forensic attitude in mind and attempt to extract the facts, shall we?<\/span><\/b><\/p>\n

Cybersecurity problems are the result of an overly complex process<\/b><\/h2>\n

The length of time a process drags on with endless rounds of paperwork is a security risk. Some mortgage brokers are used to exchanging documents and bank statements\u2026.<\/span>via emails<\/span><\/i>. The more paperwork gets shuttled around multiple times in your email, the more chance that something would go to the wrong place and get in the wrong hands. Certain processes even require customers to give their sensitive data<\/span>…over the phone <\/span><\/i>instead of into a secure portal. This leaves a massive loophole where attackers can get around and take advantage. On top of that, the repeated requests for documents can really stress people out. When people are stressed, they tend to make mistakes.\u00a0<\/span><\/p>\n

The solution: streamline the process<\/b><\/p>\n

The way many mortgage brokers do loan processing could use some serious streamlining. One of the best ways is by using a secure portal such as Effi to capture documents, simplify the process, eliminate unnecessary and duplicated steps, which in turn, reduce the points of potential data exposure. Not only it gives your customers a better sense of security but also helps them avoid an inordinate\u00a0 amount of stress.\u00a0<\/span><\/b><\/p>\n

Broken portals lead to business and cybersecurity risk\u00a0<\/b><\/h2>\n

Now we know, having a secure portal is much better than sending documents via emails. However, in some cases, the portals are cumbersome, chunky and even completely unusable so people resort to using emails or some other less secure workarounds. The most common way emails get hacked is through Phishing Schemes. It is usually done by sending out an email that looks legitimate and has people enter credentials to \u201cverify\u201d information, which is then stolen. It may also ask the recipient to download something which ends up being malicious malware.\u00a0<\/span><\/p>\n

Let\u2019s talk examples: Microsoft took down a major <\/span>business email compromise (BEC) operation<\/span><\/a> in which the attackers were able to gain entry into inboxes to find information about financial transactions. They then sent <\/span>spoofed emails<\/span><\/a> to trick people into wiring money to the wrong place. Not cool!<\/span><\/p>\n

\"Phising\"Phishing<\/span><\/p>\n

This is a phishing page that looks similar to the Microsoft sign-in page with the username prepopulated. Once the user entered their password, they were presented with a \u201cFile not found message\u201d.\u00a0<\/span>The obtained password would allow hackers to access your inbox and redirect financial-themed emails to their controlled email addresses. <\/span><\/p>\n

If you\u2019re working with a number of mortgage applications, the attacker has access to any document in your email account, to trick your customers into sending data or money to them. I don\u2019t think I need to explain the severity of the damage it created. <\/span>According to the FBI\u2019s 2020 Internet Crime Report<\/span><\/a>, BEC scams are the costliest scam as losses reached a total of nearly USD $2 billion last year.\u00a0<\/span><\/p>\n

The solution: the portal needs to be secure and work properly<\/b><\/p>\n

The best you can do to avoid epic failures like this one is to choose a platform for your business carefully and to educate your team about security. This is the one time when you shouldn\u2019t trust your guts. Test all of the functions and make sure your portal is working properly. Train your team to strictly use the system so they won\u2019t use the alternative and unsecure ways to get the job done quickly. Leveraging a third-party secure portal such as Effi that is well-versed in handling documents securely will greatly offset your risk.\u00a0<\/span><\/b><\/p>\n

Gaps in transaction communications<\/b><\/h2>\n

You don\u2019t want your clients to be getting emails from people they have never heard of or had no prior contact with, asking for information, paperwork and eventually bank accounts. We are talking about hundreds of thousands of dollars at risk here. Some customers would question the legitimacy of these requests because there is no way for them to know if it\u2019s truly someone sent by you or a hacker who adopted a cunning disguise. So how do we avoid this situation?<\/span><\/p>\n

The solution: Being crystal-clear from the get-go.\u00a0<\/b><\/p>\n

You should take the extra step to ensure your client does not give out information to an imposter. Gather the names, phone numbers and emails of the people who will contact your customer, provide that information in an email or via a text message then call your customer to confirm the accuracy of the contents. Better be safe than sorry! Or the best way is via a secure portal where your customer can log in and find all the appropriate contacts safely.\u00a0<\/span><\/p>\n

Checking all of your security measures can save you a lot of pain down the line. We are not here to judge your processes \u2013 only to tell you that there\u2019s a mortgage broker platform that embraces all security measures. At Effi, if it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck. Nothing escapes our eagle eyes as we monitor all such incidents and verify that none of your data is connected in any way to security breaches.<\/span><\/p>\n

Alright, are we done here? Cool \u2013 Go forth and sign up with Effi! At Effi, we take security and privacy seriously both in our product and our organisation to protect the data that you entrust us with. You own your data and we never use it beyond the service we provide you. Get your 14-day free trial today!<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Underneath the glossy casing of the digital world is a world of forgetting passwords and cybercrime. Cybercrime really goes back to the birth of computers. As soon as computers were created, people were tinkering with them. But the boom in cybercrime dated back to the mid-90s when credit cards came on the internet, e-commerce started …<\/p>\n

How big a threat has cybercrime become for mortgage industry and what can we do to prevent it?<\/span> Read More »<\/a><\/p>\n","protected":false},"author":6,"featured_media":464,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"spay_email":""},"categories":[9],"tags":[],"jetpack_featured_media_url":"https:\/\/i2.wp.com\/13.210.238.202\/blogs\/wp-content\/uploads\/2021\/09\/cybercrime.jpeg?fit=900%2C884","uagb_featured_image_src":{"full":["https:\/\/i2.wp.com\/13.210.238.202\/blogs\/wp-content\/uploads\/2021\/09\/cybercrime.jpeg?fit=900%2C884",900,884,false],"thumbnail":["https:\/\/i2.wp.com\/13.210.238.202\/blogs\/wp-content\/uploads\/2021\/09\/cybercrime.jpeg?resize=150%2C150",150,150,true],"medium":["https:\/\/i2.wp.com\/13.210.238.202\/blogs\/wp-content\/uploads\/2021\/09\/cybercrime.jpeg?fit=300%2C295",300,295,true],"medium_large":["https:\/\/i2.wp.com\/13.210.238.202\/blogs\/wp-content\/uploads\/2021\/09\/cybercrime.jpeg?fit=768%2C754",768,754,true],"large":["https:\/\/i2.wp.com\/13.210.238.202\/blogs\/wp-content\/uploads\/2021\/09\/cybercrime.jpeg?fit=900%2C884",900,884,true],"1536x1536":["https:\/\/i2.wp.com\/13.210.238.202\/blogs\/wp-content\/uploads\/2021\/09\/cybercrime.jpeg?fit=900%2C884",900,884,true],"2048x2048":["https:\/\/i2.wp.com\/13.210.238.202\/blogs\/wp-content\/uploads\/2021\/09\/cybercrime.jpeg?fit=900%2C884",900,884,true],"jetpack-portfolio-admin-thumb":["https:\/\/i2.wp.com\/13.210.238.202\/blogs\/wp-content\/uploads\/2021\/09\/cybercrime.jpeg?resize=50%2C50",50,50,true]},"uagb_author_info":{"display_name":"Effi Author","author_link":"http:\/\/13.210.238.202\/blogs\/author\/effi-author\/"},"uagb_comment_info":0,"uagb_excerpt":"Underneath the glossy casing of the digital world is a world of forgetting passwords and cybercrime. Cybercrime really goes back to the birth of computers. As soon as computers were created, people were tinkering with them. But the boom in cybercrime dated back to the mid-90s when credit cards came on the internet, e-commerce started…","_links":{"self":[{"href":"http:\/\/13.210.238.202\/blogs\/wp-json\/wp\/v2\/posts\/463"}],"collection":[{"href":"http:\/\/13.210.238.202\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/13.210.238.202\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/13.210.238.202\/blogs\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"http:\/\/13.210.238.202\/blogs\/wp-json\/wp\/v2\/comments?post=463"}],"version-history":[{"count":4,"href":"http:\/\/13.210.238.202\/blogs\/wp-json\/wp\/v2\/posts\/463\/revisions"}],"predecessor-version":[{"id":478,"href":"http:\/\/13.210.238.202\/blogs\/wp-json\/wp\/v2\/posts\/463\/revisions\/478"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/13.210.238.202\/blogs\/wp-json\/wp\/v2\/media\/464"}],"wp:attachment":[{"href":"http:\/\/13.210.238.202\/blogs\/wp-json\/wp\/v2\/media?parent=463"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/13.210.238.202\/blogs\/wp-json\/wp\/v2\/categories?post=463"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/13.210.238.202\/blogs\/wp-json\/wp\/v2\/tags?post=463"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}