What Cyber Risks do Mortgage Brokers Face?

The global pandemic of 2020 prompted a worldwide shift to remote work, inducing corporations to change their business models almost immediately with very little planning. Cybercriminals saw opportunities where other organizations saw crises. Over 60% of companies were victimized by a ransomware attack over the last year, resulting in an average of six days of downtime. This is double the amount of productive time lost to cybercrime the year before. In addition, email threats increased over the same period by over 60% as cybercriminals took advantage of higher levels of technology use across the globe. No organization is exempt from this threat, although there are certain industries that are more vulnerable than others. The financial industry is especially attractive to hackers; mortgage brokers, in particular, should heed warnings to be wary and take steps to improve security by creating a cybersecurity plan and obtaining cyber liability insurance

Why the Mortgage Industry is a Target

Financial organizations play a vital role in the world economy. The mortgage industry is a crucial part of serving private consumers who want to own their own homes, investors purchasing a rental property, and corporate clients buying land or buildings for multiple families or businesses. In this process, mortgage companies collect a great deal of sensitive information from their clients, including tax returns, banking account data, financial statements, and credit information. Cybercriminals can block access to this information, demand a ransom for its return, or outright steal consumer information for their dishonest use. To further complicate the situation, many firms rely on outdated, legacy processing software that was not designed with cybersecurity for mortgage brokers as a priority. These issues make the mortgage industry a key target for cybercriminals.

How Security is Breached

Hackers frequently breach security through the use of phishing emails, which bait employees to click on links that download malware or other viruses that allow unlawful entrance to the network. Mortgage brokers should watch for any emails from an unknown origin, but especially those that

  • notify the user of suspicious activity
  • ask for confirmation of personal information
  • include a phony invoice
  • claim problems with account or payment information
  • solicit payment using a link
  • offer a refund, award, or free merchandise

How to Improve Security

To improve security, mortgage brokers should first conduct a risk assessment, identifying potential flaws in critical applications and data access. Most mortgage companies don't have adequate cybersecurity policies. Results of the risk assessment should be used to create a cybersecurity plan which should at a minimum include the following:

  • client data protection
  • regular software patches
  • employee training
  • access control policies
  • firewall installation
  • data encryption
  • third party management
  • cyber liability insurance
  • incident response policy.

The importance of the mortgage profession to individuals, corporations, and the worldwide economy makes it a target for cybercrime. Mortgage lenders need to be aware of the risk and take steps to preserve the integrity of the industry.

About Axis Insurance 

At Axis Insurance Services, we aim to help our customers identify their exposures and protect themselves. Founded in 1999, we offer insurance programs to a wide variety of professionals and industries including attorneys, real estate, healthcare, architects, and more, and also have a wholesale division. We pride ourselves on offering flexible insurance coverage tailored specifically to each customer’s needs. To learn more about our solutions, contact us at (877) 787-5258 to speak with one of our professionals.


Mortgage banker insurance, Cyber Risk Insurance

Recent Posts


See all