Keeping Home Loan Documents Safe from Hacking

Cyber CrimeYour clients provide tons of personal financial data to mortgage companies during a real estate transaction. So how do you know your clients’ preapproval and home loan documents are protected, and what safeguards does their lender take? Many mortgage lenders have systems in place to keep sensitive financial data safe from hackers.

One of the best ways to help prevent personal data theft is continuous communication and education. Mortgage companies work to ensure their customers are aware of the prevalence and risk of online hacking and theft. The first step is to make home buyers aware of where cyber criminals are lurking and how to avoid them. Evelyn Freitas, a Loan Originator at Envoy Mortgage in Northern California, says that her company sends emails to customers reminding them to never wire funds without double-checking all information with their loan processor over the phone. Plus, Envoy loan processors have a disclaimer in their email signatures—written in red—that serves as yet another reminder. Additionally, loan applicants are sent videos throughout the transaction process educating them about loan document safety.

Mortgage lenders also have many electronic safeguards in place to protect sensitive customer data. For instance, they may use secure mail for collecting any non-public personal information, encrypted internal portals with password protection where clients can apply and upload their documents online, or a rigorous employee logon and password verification process with two-factor authentication. According to Freitas, Envoy has a clean desk policy stating that all file cabinets must be locked and documents must not be left out where they could be read or stolen. Mortgage companies may employ data protection policies with encrypted computers and phones, or even add their company logo to programs like Office 365 so employees know they are accessing the correct information. Many may also have cyber incident management policies in place to protect clients in the event of a security breach.

Lastly, many mortgage lenders require their employees to attend annual training where they learn to recognize phishing scams and understand the importance of cyber security. Freitas states that Envoy requires that employees forward all suspicious emails to the IT department for investigation. Their IT department also periodically sends employees training emails disguised as phishing attempts. The goal, of course, is for the employee to spot the red flags and report the email to IT. If an employee believes the training email is legitimate and responds to it, the employee is notified of their error and sent to additional cyber security training. Mortgage lenders know the importance of informing employees whenever something new happens in the world of data hacking and cybercrime, so they may send security updates keeping them up to date on any new issues.

Advise your clients to talk to their mortgage lender about their data security practices. A good lender should have strong systems in place to ensure the privacy and safety of all customers.

Learn more about keeping your clients safe from scammers.