Internet Security: Phishing Attacks – NMP Skip to main content

Internet Security: Phishing Attacks

Kevin Origoni
Feb 20, 2014

Question: Recently, our firm came under a “phishing attack.” Our IT people fixed the problem, but we really don’t know what happens in a phishing attack. Can you explain it in layman’s terms? Also, How can we prevent this kind of cyber attack? Answer: Phishing is the act of attempting to acquire information such as usernames, passwords,and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Today's spear-phishing attacks are highly targeted, technically sophisticated, and represent a real threat to data security. Attackers can leverage information gleaned from social media to tailor messaging to individual targets, and can convincingly imitate legitimate senders. A successful attack compromises the target's device with malware and can be used by a criminal to gain access to the entire network - often with serious financial repercussions for the business. It’s apparent that residential mortgage lenders and originators have non-public personal information at their fingertips and it would be disastrous to have that information in the wrong hands.  How can you prevent phishing attacks on your computer? You can start by avoiding and not opening emails that contain subject lines that read: 1) Invitation to connect on LinkedIn  2) Mail delivery failed: returning message to sender 3) Dear (insert bank name here) Customer 4) Important Communication 5) Undelivered Mail Returned to Sender In sophisticated and large infrastructure environments, there is technology like firewalls and web-blockers in place that can prevent certain emails from filtering through to you, the user. Certainly, your organization should implement an Information Security Plan. This is an extensive document that ensures regulatory compliance and contains practical, preventive steps to warding off a cyber attack. However, in smaller, less-sophisticated environments, or even at your home network, you should be cognizant that your personal computer is the gateway to information that someone else may want. It’s imperative that you keep your PC’s anti-virus updated, and avoid suspicious emails that invite you to click on a hyperlink. Kevin Origoni is director/IT and Internet security for Long Beach, N.Y.-based Lenders Compliance Group.
Published
Feb 20, 2014
CRA Impact May Not Be As Profound As Feared

CFPB Director Rohit Chopra tells MBA conference changes shouldn’t be difficult

Regulation and Compliance
May 17, 2022
A UDAAP Expansion

The CFPB’s new memo about consumer complaints

Regulation and Compliance
May 17, 2022
Builders, Lenders Praise Biden Plan To Improve Housing Supply

'Housing Supply Action Plan' seeks to improve affordability by increasing housing inventory over the next five years.

Regulation and Compliance
May 17, 2022
Trigger Leads Could Be Outlawed In Mortgage Industry

N.Y. congressman says selling the information increases risk of fraud, ID theft.

Regulation and Compliance
May 17, 2022
Georgia Governor Signs New Mortgage Licensing Law

Lessens impact on hiring of out-of-state employees with criminal records

Regulation and Compliance
May 10, 2022
10,000 NAHB Members Sign Letter To Biden Seeking Housing Market Help

The letter cites rapidly rising interest rates, rising home prices and rents, and the rising cost of lumber and building materials for significantly decreasing housing affordability.

Construction
May 02, 2022