Wednesday, June 17, 2009
In Dedham, MA, Delroy G. Henry pushed his way into the Citizens Bank as it opened. He showed what appeared to be a pistol and wanted the employees to gather in a corner. As he was looking for the vault, the branch manager sent a text message to the Norwood branch manager and said what was happening. That triggered a call to the police who happened to be at a construction site 300 feet away.
Henry was exiting the bank a few minutes later and found about a dozen local and state police officers waiting for him.
Maybe cell phones, used responsibly, have a good place in the bank and need to be handy.
And in Peabody, MA, an FBI investigation resulted in Jeffrey Gautreaux being indicted on 17 counts of bank fraud, one count of access device fraud, and two counts of aggravated identity theft. Gautreaux, a Bank of America teller, sold confidential customer information to others who used the information and stole from the customer accounts. The balance information he could provide allowed "cherry picking" for maximum gain. Gautreaux was employed there from November 2004 to February 2006. He was selling this information and it was being accessed for about a year starting in July 2005.
Accounts that were affected were based in Massachusetts, New Jersey, and New Hampshire. Unauthorized amounts taken from accounts ranged from $2,800 to $38,100. Gautreaux's share was $270,000. Gautreaux could serve up to 30 years in prison followed by five years of supervised release and a $1 million fine on each count of bank fraud. He could also serve 10 years in prison, three years of supervised release, and a fine of $250,000 for the access device fraud charge and two years in prison for aggravated identity theft.
Some of this information may serve as good examples in your next security seminar.
Henry was exiting the bank a few minutes later and found about a dozen local and state police officers waiting for him.
Maybe cell phones, used responsibly, have a good place in the bank and need to be handy.
And in Peabody, MA, an FBI investigation resulted in Jeffrey Gautreaux being indicted on 17 counts of bank fraud, one count of access device fraud, and two counts of aggravated identity theft. Gautreaux, a Bank of America teller, sold confidential customer information to others who used the information and stole from the customer accounts. The balance information he could provide allowed "cherry picking" for maximum gain. Gautreaux was employed there from November 2004 to February 2006. He was selling this information and it was being accessed for about a year starting in July 2005.
Accounts that were affected were based in Massachusetts, New Jersey, and New Hampshire. Unauthorized amounts taken from accounts ranged from $2,800 to $38,100. Gautreaux's share was $270,000. Gautreaux could serve up to 30 years in prison followed by five years of supervised release and a $1 million fine on each count of bank fraud. He could also serve 10 years in prison, three years of supervised release, and a fine of $250,000 for the access device fraud charge and two years in prison for aggravated identity theft.
Some of this information may serve as good examples in your next security seminar.
Wednesday, June 10, 2009
Let's see, 1 + 1 = Dumb
Joseph Wade Northington, 27, of Roanoke, VA went to North Augusta, S.C. last January. When he returned to Virginia he was visiting a friend. The friend recognized Northington as the man he saw in the media, as a suspect in a bank robbery in North Augusta. The authorities were notified.
Northington had a scar on his face and this was a match for the suspect. But what nailed him was MySpace. Northington updated his MySpace page to say "One in the head still ain't dead!!!!!! On tha run for robbin a bank Love all of yall."
He has plead guilty and is now facing a fine of $250,000 and prison for seven years to life.
In Phoenix, AZ Jonathan Hock, 20, has been arrested for sexual assault. The victim was his girlfriend of two weeks. She told police she had passed out and wasn't aware she had been assaulted, until friends of hers said they saw it on the internet. Hock had planted a webcam in her bedroom and drank with her until she passed out. He streamed the video of the rape to the web, and provided commentary about it. When the prosecutor says "film at 11" he means it and Hock will have a difficult time explaining this. The video has been taken down.
And last, remember years ago when email and voice mail users were cautioned not to provide a message of "I'm on a week of vacation and out of town" because it was like painting a target on their property? Israel and Noell Hyman were on their way out of town. Being Twitter posters, they posted messages like "preparing to head out of town," "another 10 hours of driving ahead," and "made it to Kansas City." Isreal now believes these messages were used as clearance for the burglars who stole his video editing equipment from their home in Mesa, AZ.
While many people do think about their email auto-response messages, voice mail messages and not allowing newspapers or mail to build up while they are out of town, they are not considering the affects of social networking.
Technology has to be used wisely. In the first two parts of this post, this was a great result. In the third part, users need to think outside of the box and consider what their messages may say to a thief.
Joseph Wade Northington, 27, of Roanoke, VA went to North Augusta, S.C. last January. When he returned to Virginia he was visiting a friend. The friend recognized Northington as the man he saw in the media, as a suspect in a bank robbery in North Augusta. The authorities were notified.
Northington had a scar on his face and this was a match for the suspect. But what nailed him was MySpace. Northington updated his MySpace page to say "One in the head still ain't dead!!!!!! On tha run for robbin a bank Love all of yall."
He has plead guilty and is now facing a fine of $250,000 and prison for seven years to life.
In Phoenix, AZ Jonathan Hock, 20, has been arrested for sexual assault. The victim was his girlfriend of two weeks. She told police she had passed out and wasn't aware she had been assaulted, until friends of hers said they saw it on the internet. Hock had planted a webcam in her bedroom and drank with her until she passed out. He streamed the video of the rape to the web, and provided commentary about it. When the prosecutor says "film at 11" he means it and Hock will have a difficult time explaining this. The video has been taken down.
And last, remember years ago when email and voice mail users were cautioned not to provide a message of "I'm on a week of vacation and out of town" because it was like painting a target on their property? Israel and Noell Hyman were on their way out of town. Being Twitter posters, they posted messages like "preparing to head out of town," "another 10 hours of driving ahead," and "made it to Kansas City." Isreal now believes these messages were used as clearance for the burglars who stole his video editing equipment from their home in Mesa, AZ.
While many people do think about their email auto-response messages, voice mail messages and not allowing newspapers or mail to build up while they are out of town, they are not considering the affects of social networking.
Technology has to be used wisely. In the first two parts of this post, this was a great result. In the third part, users need to think outside of the box and consider what their messages may say to a thief.
Friday, June 05, 2009
P Poor Prior Planning
In Daytona Beach, FL Tuesday, police arrested two bank robbers who went into he Riverside National Bank and demanded money from a teller. Randall Fredric Walker 38, and Jason Warren Dietrich 35, began their getaway in a Jeep Cherokee. The vehicle however, ran out of gas. The two robbers then fled on foot. Police found the vehicle, which was registered to Dietrich and that lead them to both robbers.
I suppose if they're not smart enough to have gas in the getaway car, we can understand why they'd think robbing a bank was a good idea.
In Daytona Beach, FL Tuesday, police arrested two bank robbers who went into he Riverside National Bank and demanded money from a teller. Randall Fredric Walker 38, and Jason Warren Dietrich 35, began their getaway in a Jeep Cherokee. The vehicle however, ran out of gas. The two robbers then fled on foot. Police found the vehicle, which was registered to Dietrich and that lead them to both robbers.
I suppose if they're not smart enough to have gas in the getaway car, we can understand why they'd think robbing a bank was a good idea.
Wednesday, June 03, 2009
Quality Family Time
They say that eating dinner together, as a family, is quality time. Whoever said that hasn't met the Clements family in Anaheim, CA. They are accused of robbing banks together.
Last January 27 a branch of Bank of the West was robbed. An armed man kidnapped a teller at her home. She was forced to drive to her branch where she called another teller over to her car. The first teller was told to get money from the vault and return to the car, which she did. Both tellers were then driven away and the armed man fled.
A three-month joint investigation between the Anaheim police and the FBI resulted in the arrests of Charles Clements, 48, his wife Tammy, 45, and her son Bryan Bradley, 28. Charles Clements was arrested on suspicion of robbery and kidnapping. Tammy was arrested for investigation of robbery and harboring a felon. Bradley was booked on suspicion of robbery and conspiracy.
The family plotted this robbery by studying the work patterns of the branch employees. It should always be recommended that employees break a pattern of driving the same way, at the same time, to and from work. Opening and closing practices for a branch should not be obvious and should be changed regularly, as well as tested. While bank robberies like this can't all be prevented, they can be made more difficult in hopes that the robbers would move on instead of trying this one.
They say that eating dinner together, as a family, is quality time. Whoever said that hasn't met the Clements family in Anaheim, CA. They are accused of robbing banks together.
Last January 27 a branch of Bank of the West was robbed. An armed man kidnapped a teller at her home. She was forced to drive to her branch where she called another teller over to her car. The first teller was told to get money from the vault and return to the car, which she did. Both tellers were then driven away and the armed man fled.
A three-month joint investigation between the Anaheim police and the FBI resulted in the arrests of Charles Clements, 48, his wife Tammy, 45, and her son Bryan Bradley, 28. Charles Clements was arrested on suspicion of robbery and kidnapping. Tammy was arrested for investigation of robbery and harboring a felon. Bradley was booked on suspicion of robbery and conspiracy.
The family plotted this robbery by studying the work patterns of the branch employees. It should always be recommended that employees break a pattern of driving the same way, at the same time, to and from work. Opening and closing practices for a branch should not be obvious and should be changed regularly, as well as tested. While bank robberies like this can't all be prevented, they can be made more difficult in hopes that the robbers would move on instead of trying this one.
Thursday, May 28, 2009
New Types of Credit Fraud
Investigators are finding that credit fraud is happening in some new ways. In Sacramento, CA one man was found to have "created" unused Social Security numbers. For people who had poor credit, he would sell them one of these numbers and associates at a furniture dealer would create credit histories for them so they could now obtain new loans.
In related news, people who are victims of identity theft are finding that their chances of a loss are increasing. In 2007 only 15 percent of the victims saw unauthorized charges on their debit or credit cards. In 2008, 39 percent saw fraudulent charges.
The Identity Theft Resource Center monitors the effects of identity theft and recently published a report on this.
The most common use of an identity theft victims name is to open new credit accounts. This happens in approximately two-thirds of the cases. Consumers trying to repair the damage of identity theft pay on average $739 for photocopies, police reports, travel and similar expenses, to $951 when they have an existing account with fraudulent transactions. Hours taken to handle all of this ranges from 58 when dealing with cases involving current accounts of theirs, and 165 hours when new credit was opened in the victims name.
The majority of victims discover their identity has been stolen when they receive a billing statement and see the charges, or a discrepancy on a credit report was discovered. About one-third find out they are a victim when a collection agency calls them or they are denied credit.
More information and the report is available on the Identity Theft Resource Center website.
Investigators are finding that credit fraud is happening in some new ways. In Sacramento, CA one man was found to have "created" unused Social Security numbers. For people who had poor credit, he would sell them one of these numbers and associates at a furniture dealer would create credit histories for them so they could now obtain new loans.
In related news, people who are victims of identity theft are finding that their chances of a loss are increasing. In 2007 only 15 percent of the victims saw unauthorized charges on their debit or credit cards. In 2008, 39 percent saw fraudulent charges.
The Identity Theft Resource Center monitors the effects of identity theft and recently published a report on this.
The most common use of an identity theft victims name is to open new credit accounts. This happens in approximately two-thirds of the cases. Consumers trying to repair the damage of identity theft pay on average $739 for photocopies, police reports, travel and similar expenses, to $951 when they have an existing account with fraudulent transactions. Hours taken to handle all of this ranges from 58 when dealing with cases involving current accounts of theirs, and 165 hours when new credit was opened in the victims name.
The majority of victims discover their identity has been stolen when they receive a billing statement and see the charges, or a discrepancy on a credit report was discovered. About one-third find out they are a victim when a collection agency calls them or they are denied credit.
More information and the report is available on the Identity Theft Resource Center website.
Wednesday, May 13, 2009
Social Engineering Provides High-level Access
While this happened in the UK, the question we need to ask ourselves is, "could this happen in my bank?"
A security consultant at Siemens Enterprise Communications, Colin Greenless, used his social skills to not only enter a financial services firm that is listed on the Financial Times and Stock Exchange, but set up office. Being traded on an exchange, you know this wasn't a small company.
A man walking into a bank may be questioned. But a man carrying a clipboard may be able to just walk on through. He obviously has a purpose for being there. Greenless used his social skills to establish a temporary office in a meeting room on the third floor for several days. He had access to many more areas and floors of the building. He had access to store rooms, filing cabinets, confidential data left on desks, and he entered the company's data room, IT and telecoms network.
Greenless posed as an IT staffer. He noted that of 20 employees he called, 17 gave him their usernames and passwords which provided access to the closed network. How do you get in a locked door? You follow another employee while you have a coffee cup in each hand. Your "fellow employees" hold the doors open for you. By the time he was done, Greenless was even on a first name basis with one of the guards. At one point, Greenless even brought in another consultant who was able to do more analysis on the company's network.
You have to ask, what access does a person get to your facilities, and how? What verification procedures are in place to ensure that a person really belongs there? This should be a wake up call to some and a training scenario for others.
While this happened in the UK, the question we need to ask ourselves is, "could this happen in my bank?"
A security consultant at Siemens Enterprise Communications, Colin Greenless, used his social skills to not only enter a financial services firm that is listed on the Financial Times and Stock Exchange, but set up office. Being traded on an exchange, you know this wasn't a small company.
A man walking into a bank may be questioned. But a man carrying a clipboard may be able to just walk on through. He obviously has a purpose for being there. Greenless used his social skills to establish a temporary office in a meeting room on the third floor for several days. He had access to many more areas and floors of the building. He had access to store rooms, filing cabinets, confidential data left on desks, and he entered the company's data room, IT and telecoms network.
Greenless posed as an IT staffer. He noted that of 20 employees he called, 17 gave him their usernames and passwords which provided access to the closed network. How do you get in a locked door? You follow another employee while you have a coffee cup in each hand. Your "fellow employees" hold the doors open for you. By the time he was done, Greenless was even on a first name basis with one of the guards. At one point, Greenless even brought in another consultant who was able to do more analysis on the company's network.
You have to ask, what access does a person get to your facilities, and how? What verification procedures are in place to ensure that a person really belongs there? This should be a wake up call to some and a training scenario for others.
Tuesday, May 12, 2009
Clear the Building before Security Leaves
In Missouri City, Texas, a robbery attempt was made at a Compass Bank branch on Tuesday, April 14. The robber concealed himself in the Men's room until 6:15, well after closing time. Only two female employees were left in the branch.
While the teller drawers hadn't yet been secured, the thief demanded they open the safe. They said they could not as another person was needed for that access. The thief then used a Taser device on one of the women eight times in an attempt to get the safe open. The teller was essentially tortured with eight Taser discharges.
It is important that banks have effective opening and closing procedures. If a security guard was present when the bank closed, the building should have had a thorough walk-through to ensure there were no persons hidden like this. Security should remain as long as employees are present, whenever possible. If clearing the building was the responsibility of the two remaining women, perhaps the walk-through should be conducted earlier when defenses would be better. This man could have easily remained hidden until the morning as well. That is why clearing the building first thing each morning is equally important. Employees need to be reminded and tested on any "all clear" and duress codes used by the branch.
In Missouri City, Texas, a robbery attempt was made at a Compass Bank branch on Tuesday, April 14. The robber concealed himself in the Men's room until 6:15, well after closing time. Only two female employees were left in the branch.
While the teller drawers hadn't yet been secured, the thief demanded they open the safe. They said they could not as another person was needed for that access. The thief then used a Taser device on one of the women eight times in an attempt to get the safe open. The teller was essentially tortured with eight Taser discharges.
It is important that banks have effective opening and closing procedures. If a security guard was present when the bank closed, the building should have had a thorough walk-through to ensure there were no persons hidden like this. Security should remain as long as employees are present, whenever possible. If clearing the building was the responsibility of the two remaining women, perhaps the walk-through should be conducted earlier when defenses would be better. This man could have easily remained hidden until the morning as well. That is why clearing the building first thing each morning is equally important. Employees need to be reminded and tested on any "all clear" and duress codes used by the branch.
Dual Controls
Xu Chaofan was sentenced to to 25 years in prison. Xu Guojun was sentenced to 22 years. They were convicted of racketeering, money laundering and visa fraud. Their wives were charged with passport fraud and with helping their husbands launder money. Their wives were sentenced to eight-year prison terms.
It started as far back as 1991. Xu Chaofan became vice president of a branch of the Bank of China. These bank managers were allowed to approve loans and asset transfers with a single signature. There was no requirement for dual control. In all, the bank lost $482 million as the men went to Las Vegas and Macau where they bet millions at the baccarat tables and spent as much as $4,000 a night on meals.
In 2001 auditors detected an accounting problem. As the theft began to unravel the men went to Plan B. They had false identification papers, married Americans and began naturalization proceedings to stay in the U.S. The two men have been in the North Las Vegas detention facility for five years already as the international case required extensive diplomatic coordination and translations in Mandarin and Cantonese, as well as the cooperation of investigators in Hong Kong, China and the U.S. Lanny A. Breuer, chief of the Justice Department's criminal division, said "We will not allow foreign nationals to abuse their countries' financial systems and then sneak into the United States to live richly off their ill-gotten gains."
Much of this prosecution was made possible because a third perpetrator who was also a bank manager, Yu Zhendong, agreed to plead guilty and assist in the investigation. He was living in Los Angeles but has since been returned to China. He is serving a prison sentence there.
This case exemplifies why dual controls are necessary and that when a problem is hidden and allowed to continue, it only grows in size.
Xu Chaofan was sentenced to to 25 years in prison. Xu Guojun was sentenced to 22 years. They were convicted of racketeering, money laundering and visa fraud. Their wives were charged with passport fraud and with helping their husbands launder money. Their wives were sentenced to eight-year prison terms.
It started as far back as 1991. Xu Chaofan became vice president of a branch of the Bank of China. These bank managers were allowed to approve loans and asset transfers with a single signature. There was no requirement for dual control. In all, the bank lost $482 million as the men went to Las Vegas and Macau where they bet millions at the baccarat tables and spent as much as $4,000 a night on meals.
In 2001 auditors detected an accounting problem. As the theft began to unravel the men went to Plan B. They had false identification papers, married Americans and began naturalization proceedings to stay in the U.S. The two men have been in the North Las Vegas detention facility for five years already as the international case required extensive diplomatic coordination and translations in Mandarin and Cantonese, as well as the cooperation of investigators in Hong Kong, China and the U.S. Lanny A. Breuer, chief of the Justice Department's criminal division, said "We will not allow foreign nationals to abuse their countries' financial systems and then sneak into the United States to live richly off their ill-gotten gains."
Much of this prosecution was made possible because a third perpetrator who was also a bank manager, Yu Zhendong, agreed to plead guilty and assist in the investigation. He was living in Los Angeles but has since been returned to China. He is serving a prison sentence there.
This case exemplifies why dual controls are necessary and that when a problem is hidden and allowed to continue, it only grows in size.
