Sending Sensitive Information and Email Security
Email has been an essential form of communication for years. Practically everyone has an email address and with the mobile technology that exists today, accessing your email has never been easier. Unfortunately, it’s also easier for hackers to access your email accounts too. Through convincing phishing scams and viruses, information breaches are not uncommon in today’s world. That is why it is as important as ever to protect your private information.
For this reason, we’ll be covering some best practices and what you can expect from Mortgage Center to make sure your information stays secure.
Email Security Best Practices
Preview link URLs before clicking them
Scammers may take you to malicious websites using links sent in an email. These websites might ask you for personal information or account information that the scammer collects.
A good habit to get into is hovering over links in an email to see where the link is taking you before clicking on it. All browsers will show you a preview of the link’s URL (web address) in the lower left corner of the window. If the URL isn’t referencing a site you recognize, don’t click or enter any sensitive information on that website.
If the link in the email shows a shortened URL (those typically start with goo.gl, bit.ly, amzn.to, tinyurl.com, etc.) there are tools online to unshorten them and show you a preview of the website before visiting it. Do a quick Google search for “unshorten URL” to find a website you’re comfortable with, should you ever need to see what the URL is.
Use a spam filter
Utilize a spam filter in your email account to have your email automatically route suspicious emails to a different folder. Modern day email clients have built in spam filters that help keep users from interacting with spam emails by accident.
Create a strong password and keep it safe
Use a strong password that you don’t use anywhere else. A good password includes uppercase and lowercase letters, numbers, symbols and are not generic passwords with your name or email address in them.
Never enter your password on a webpage from an email unless you are sure that the website you’re on is legitimate. Reset password emails that you receive when you haven’t requested a password change could be phishing attempts.
If you weren’t expecting an email from an individual or company, use caution when responding or clicking any links within the email. Scammers will use trustworthy company names as a phishing tactic to get you to input sensitive information like your password and account information. Look at the senders email address to try to determine if it is coming from who they claim to be.
Senders email address
Check out the sender’s email address, not display name. Scammers will try to disguise themselves as a creditable company by changing their display name to whatever company they are impersonating. Take a look at the email address attached to the display name to see if it is coming from a familiar email address.
Scammers can also make email addresses that look like they could be legitimate, but may have a typo or numbers and additional words added to them. When in doubt, reach out to the company or person the email is supposed to be from to confirm that the email, or links within, are secure before providing any sensitive information.
Pay attention to grammatical errors in the text of the email, URLs or sender’s email address. These tend to be an easy giveaway for phishing attempts. Scammers will add additional letters and numbers to URLs to make them seem legitimate at first glance.
How to Properly Send Sensitive Information
Never send your private and financial information in an unencrypted email. In the mortgage industry, we refer to this type of information as Nonpublic Information (NPI). Some examples of NPI are:
- Your social security number and driver’s license;
- Your birthdate and mother’s maiden name;
- Your account numbers and information;
- Your income, tax records and financial statements;
- Your insurance statements.
A good way to think about your NPI is protecting any type of documentation someone could use to identify you specifically. Financial records and non-public information should not be sent as embedded images or attachments in an email. Hackers can find these in your email account if it ever becomes compromised.
Mortgage Center will always alert you that we need further documentation and will request sensitive information with a link to our encrypted file system. Should you receive an email from us requesting documentation, follow the link that will open a secured website that begins with “https://mortgagecenter.sharefile.com.”
You will have to verify your email address, first and last name before being able to upload your documents. Once you have, click “Continue” and upload, or drag and drop, any files that you need to submit.
Use the Link in Our Email Signatures
If you have already been communicating with someone on our team, you can use the “Send Files Securely” link available in our signatures. The website, process for logging in and submitting files, is the same as outlined above.
Do your best to keep your email account secure and protect your information from falling into the wrong hands.
Mortgage Center will always make sure that sensitive information you send us is protected, but your email keeps attachments and images as well. We want to make sure that you know how to send documents securely to help keep your personal information protected at all times.
If you have any questions or concerns about sending and receiving important documents, please call us at 800-353-4449 .
If you receive a suspicious email from someone claiming to be affiliated with Mortgage Center, please delete it and report it to our team by emailing Support@MortgageCenter.com.
Last Updated: August 2020
« Return to "Blog"