WARNING – Email Virus Targeting Mortgage Brokers
In recent days the credit bureaus and Federal law enforcement have seen a sudden and significant increase in the number of mortgage professionals falling victim to computer hackers resulting in data breaches and cases of identity theft. One example includes an e-mail claiming to be from UPS attempting to verify the user’s address for a delivery. Here’s an example of one form of the virus email…
“UPS Delivery Problem NR.5660
UPS_Invoice_7892.zip
From: <Redacted>
Sent To: <Redacted>
Subject: Attachments:
From: Postal Manager Rogello Jewell [mallto:pan:el@ups.com] sent Sat 3/6/2010 10:27 AM
Subject: UPS Delivery Problem NR.5660
Dear Customer!
We were not able to deliver postal package you have sent on the 25th of January in time because the addressee’s address is incorrect. Please print out the invoice copy attached and collect the package at our office.
United Parcel Service of America.”
When the user clicks on the link, a “key logger” virus is installed (this happens in the background and is not noticeable to the user.) This virus then tracks and records every key stroke made on that computer and sends the information to the hackers. Once the hackers have the users logins and passwords they have access to all user data including banking, credit card and credit reporting.
These hackers appear to be specifically targeting mortgage brokers and seem to have knowledge of the mortgage banking industry and practices. They have also been able to defeat the security certificate by “guessing” at secret questions that are far too easy or by using the Internet to research common answers to the secret question. Once they solve the secret question, they are able to gain full access to that users credit reporting account (in addition to any/all information accessible by that user.)
To reduce the chance of falling prey to this virus and scam, (and to comply with Federal Laws and repository regulations regarding the protection of consumer credit data) Every user should immediately complete the following steps…
1. Verify that all computers utilized are running anti-virus and anti-spyware software.
2. Update all antivirus and anti-spyware software to insure you are using up-to-date virus detection models.
3. Each computer should also be running an appropriate firewall service – with the default to block any unknown program or access. (i.e. Windows Defender or ZoneAlarm)
4. Once updated, run a full antivirus/antispyware scan of your entire computer(s).
5. Once confirmed that your computer is not infected, change your Credit Technologies password (and any other secure passwords to private information).
6. Review any secret question/answer combination to insure the answer cannot be researched and located through the internet.
Additional best practices that can limit your risks of contracting a virus include,
- Whenever possible limit personal internet usage on corporate computers
- Never open any e-mailed link or attachment that you were not expecting, even if you recognize the sending party.
- All computers should be set to automatically update antivirus software, and routinely install Microsoft Critical Updates (preferably automatically).
At the first sign of trouble – have your computer checked again and immediately contact your administrator or IT professional. After an infection is found and removed a full review needs to be completed to locate any private information that may have been compromised. Any credit card numbers should be cancelled, all passwords changed, etc immediately.
Thank you for your immediate attention to this issue.
