The Growing Threat Landscape

Today, more than ever before, headlines flood newsfeeds about recent data breaches and cyber-attacks targeting various industries. The FBIⁱ reports that there were over 859,000 complaints of suspected internet crime and reported losses exceeding $16 billion, a 33% increase since 2023. Due to the sensitive personal and financial data, the mortgage space has become an increasingly active target for cybercriminals.

The troubling reality is that an estimated 91% of cyberattacks begin with a seemingly innocent phishing email, as reported by StationXⁱⁱ. There is a vulnerability that stands out in our digital defense systems: the human element.

Research shows that attacks targeting people and exploiting human error account for more than 90% of successful cyberattacks. The 2025 IBM Cost of a Data Breach Reportⁱⁱⁱ places the average cost of a single data breach at a staggering $4.4 million, which can be devastating for smaller mortgage companies and brokerages.

Primary Threats to Financial Professionals

The financial services sector remains in the crosshairs, being identified as the most targeted industry as of late 2022, accounting for 27.7% of all phishing attempts.ⁱⁱ For mortgage professionals, these attacks frequently appear as business email compromise schemes designed to redirect wire transfers, often resulting in financial losses. Equally troubling are sophisticated phishing campaigns targeting login credentials for loan origination platforms, which can provide attackers with access to sensitive borrower information.

Ransomware attacks are another threat on the rise, with cybercriminals deploying malicious software that can lock mortgage professionals out of underwriting and processing systems until a ransom is paid. Additionally, malware concealed in attachments from someone impersonating borrowers has become increasingly common. In 2017, Equifax was involved in one of the biggest cybersecurity breaches in U.S. history that resulted in the compromised data of 147.9 million individuals and $13.4 million in watchdog fines. The scale of these threats only continues to grow with cybercriminals launching approximately 3.4 billion phishing emails each day, translating to over a trillion malicious messages yearly.ⁱⁱ  

The Human Element in Cybersecurity

While cybersecurity challenges are significant, the human element in mortgage organizations represents not just a potential vulnerability but also a powerful line of defense when properly equipped and supported.

According to a report by Proofpoint, 71% of working adults took a risky action, such as sharing a password, clicking links from unknown senders, or prviding credentials to an untrustworthy source, and 96% of them acknowledged that they were doing something risky.^iv  This vulnerability is particularly pronounced among remote workers, with 80% of information security professionals reporting increased security threats following the shift to remote work environments. Of these threats, phishing attacks have seen the most dramatic rise, with 62% of security professionals saying phishing attacks had increased more than any other type of threat.

Regular, engaging training sessions that simulate real-world phishing attempts have proven particularly effective in raising awareness of these types of attacks. About 32% of employees are susceptible to falling for phishing scams when they aren’t properly trained. For mortgage professionals who regularly handle sensitive financial documents and personally identifiable information, these educational investments provide crucial context for understanding how their specific workflows might be targeted. As Radian Group's Chief Information Security Officer, Donna Ross, stated in an interview with PROFILE, "Security should not be the best-kept secret in the company. Our job is to be at the forefront and not be invisible." Security awareness should be a visible, integrated part of daily operations rather than an afterthought.

Key Protection Strategies

The National Cybersecurity Alliance recommends four fundamental security practices that mortgage professionals should implement:

1. Use strong passwords and a password manager. Rather than reusing passwords across multiple platforms, you should create unique, complex passwords for each system and store them securely in a reputable password manager.
2. Turn on multifactor authentication (MFA). Even if a password is stolen, MFA adds an extra layer of protection for accessing sensitive information.
3. Recognize and report phishing. Stay alert for suspicious emails, especially those requesting wire instructions or login details.
4. Update your software. Outdated software can often contain known vulnerabilities that attackers can exploit. By ensuring that all operating systems, mortgage processing platforms, and security tools remain current, financial professionals can help reduce cyberattack risks.

Additional Best Practices

Beyond these practices, mortgage professionals can implement comprehensive email security measures. This includes being vigilant about messages containing common phishing trigger words such as:

• Invoice
• Required
• Verification
• Request

Many successful phishing attacks use these words to create a false sense of urgency or legitimacy.

Strong account management practices are equally important. Using unique passwords for each platform or account helps prevent credential stuffing attacks, where compromised passwords from one service are used to access others. Regular password updates and periodic reviews of access permissions help ensure that only authorized individuals can access sensitive data.

Device security deserves particular attention, especially with the increased prevalence of remote work. Encrypting all devices that contain client information helps protect personal information if hardware is lost or stolen. Similarly, implementing comprehensive workstation defenses, including anti-virus software, anti-spam protection, and regular security updates, creates multiple layers of protection against evolving threats.

Responding to Security Incidents

Even with the best preparation, security incidents may still occur. When suspecting a breach or encountering suspicious content, promptly contacting IT security personnel without attempting to investigate independently is essential. Following your company’s established incident response protocols can also help prevent further damage and help contain potential breaches before they affect client data or financial transactions.

The Path Forward

Mortgage professionals handling sensitive data and financial transactions must recognize that cybersecurity awareness is no longer optional; it's a responsibility. With phishing attacks increasing by more than 150% yearly since 2019ⁱⁱ and the financial industry being highly targeted due to its access to financial resources and personal data, vigilance must become second nature.

To support your ongoing security efforts, we encourage you to download and share Radian's Cybersecurity Tips and Checklists document. These quick and ready-to-implement strategies can serve as a valuable reference for both individuals and teams seeking to help improve their preparedness against evolving cyber threats.

 

 

---

ⁱThe FBI’s figures encompass losses from real estate investments, rental and timeshare property fraud, and related internet crimes.

ⁱⁱSmith, Gary. “Top Phishing Statistics for 2025: Latest Figures and Trends.” StationX. https://www.stationx.net/phishing-statistics/.

ⁱⁱⁱIMB. "Cost of a Data Breach Report 2025." https://www.ibm.com/reports/data-breach

^ivProofpoint. "2024 State of the Phish – Today’s Cyber Threats and Phishing Protection." https://www.proofpoint.com/us/resources/threat-reports/state-of-phish

© 2025 Radian Group Inc. All Rights Reserved.  550 East Swedesford Road, Suite 350, Wayne, PA 19087. The content presented is intended to convey general information and is for informational purposes only and does not constitute legal advice or opinions. Radian Group Inc. and its subsidiaries and affiliates make no express or implied warranty respecting the information presented and assume no responsibility for errors or omissions.