
Phishing and Social Engineering are Still Your Biggest Risks

May 14, 2019

May 2019 – Over the past several years, cybersecurity has become an increasingly important issue facing financial services companies of all shapes and sizes. This is especially true for mortgage lenders, given the considerable amount of non-public information they collect from borrowers and are charged to protect. Bad actors are focused on using social engineering and phishing attacks to defraud consumers, stealing credentials from trusted individuals in an effort to impact the origination workflow and gain access to borrowers’ non-public information.

Social engineering is the use of deception to manipulate an individual into taking an action desired by the attacker. One of the most common forms of social engineering is phishing, wherein an attacker crafts a convincing digital message to attempt to get a user to respond and take action. Recent research found that nearly 83% of all companies were either targeted or became victims of a phishing attack in 2018. This past September alone, 286 different brands were utilized in targeted phishing campaigns in an attempt to defraud consumers.

In 2018, the primary goals of attackers who relied on phishing as their main attack method were:

  • Business email compromise (BEC)
  • Wire transfer fraud
  • Theft of password credentials

Mortgage banking entities should take steps to improve their cybersecurity in order to reduce the risk of phishing and minimize its impact on their organizations. Multi-Factor Authentication, also known as MFA, should be implemented by any lender that is using cloud-based email. The use of MFA reduces the risk of business email compromise and credential theft.

There are also a number of low-cost control measures that can be deployed to counter domain spoofing, including the Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting and Conformance (DMARC) email authentication protocols, but these solutions tend not to be implemented within mortgage lenders’ environments.

SPF is one of three email authentication solutions designed to help detect phishing and email fraud, while DKIM is an additional layer on top of SPF that cryptographically signs each email sent from an organization’s domain. These solutions in effect act as a certificate of authenticity for a company’s email recipients. Lastly, the Domain-based Message Authentication, Reporting and Conformance protocol (DMARC), the most recent of these email security standards, is designed not only to act as a certificate of authenticity, but also to provide instructions to the receiving email server on what to do when fraud is detected.

By ensuring that your email domain is secured using SPF, DKIM and DMARC security protocols, you can greatly reduce the risks associated with email communications and limit any potential impacts on your business workflow.

About Richey May Technology Solutions

A division of Richey May, Richey May Technology Solutions offers a full spectrum of technology solutions, from cloud services and cybersecurity to marketing technology, and from governance, risk, controls and privacy to technology management consulting.

For more information, visit https://richeymay.com/technology/.
