Thursday, December 24, 2009
Ho Ho Hold Up
Tis not the season for Santa to be naughty. But in Nashville, TN, a man dressed as Santa robbed a Sun-Trust branch. Santa had his red sack with him as he went in the bank. He pulled a handgun out of the sack and told everyone not to move. He then told a teller to fill the sack with money because he had to pay for his elves.
It doesn’t seem that a “no hat” policy would have worked here. Santa had a hat, sunglasses and a beard in addition to the traditional red and white suit.
Tis not the season for Santa to be naughty. But in Nashville, TN, a man dressed as Santa robbed a Sun-Trust branch. Santa had his red sack with him as he went in the bank. He pulled a handgun out of the sack and told everyone not to move. He then told a teller to fill the sack with money because he had to pay for his elves.
It doesn’t seem that a “no hat” policy would have worked here. Santa had a hat, sunglasses and a beard in addition to the traditional red and white suit.
Thursday, December 17, 2009
Can't un-do the Crime
In an unusual twist of events, the PNC Bank in West Newton, PA received an envelope with money. This wasn't so much a deposit as was a return of money stolen. This bank had been robbed earlier in the month. The FBI suspects it was either the repentant robber or an acquaintance of his who packaged up about 80 percent of the "undisclosed sum" and sent it back. (Tis better to give then to receive, right.)
The FBI says that while the return of the money was the right thing to do, it doesn't un-do the crime. They are looking for evidence in the money and envelope that may help lead them to the criminal who robbed the bank in the first place.
In an unusual twist of events, the PNC Bank in West Newton, PA received an envelope with money. This wasn't so much a deposit as was a return of money stolen. This bank had been robbed earlier in the month. The FBI suspects it was either the repentant robber or an acquaintance of his who packaged up about 80 percent of the "undisclosed sum" and sent it back. (Tis better to give then to receive, right.)
The FBI says that while the return of the money was the right thing to do, it doesn't un-do the crime. They are looking for evidence in the money and envelope that may help lead them to the criminal who robbed the bank in the first place.
Tuesday, December 01, 2009
Text Message - Read it to say "We want to rob you"
Do thieves use technology to rob your customers? If it works, you bet they do. Bankers must remind customers to be ever vigilant. It is one thing to know that an email is a spam and a scam when you don't do business with the sender, but when you get a text message from your bank that says there is a problem, it is not as easy to discount. In Nampa, Idaho, people are receiving text messages concerning their accounts with Mountain Gem Credit Union. They are asked to call a toll-free number. There can't be any harm in that, right?
If the call is placed, your customer may be asked for confidential information that may be used for identity theft and access to their account, and may be charged an exorbitant amount for the "toll-free" call.
What should banks be telling their customers?
- Will you ever contact them via text messaging, if so, when and why?
- How can they easily verify your number?
- Do you post warnings of such scams on your website? (Hint: you should.)
- If they receive a message, how can they verify authenticity?
- If they release information and later believe it may be a scam, what should they do? What guidance do you provide?
One reason this is important is because of the volume of financial crime. The Computer Security Institute's 14th annual security report is due out this week. Here is a peek at what it says:
- Products to protect computer users are fine, but awareness programs are lacking. This can apply to the corporate world as well as the consumer.
- Financial fraud claims are at 19.5 percent in 2009, as compared to 12 percent last year.
- Malware infection are at 64 percent in 2009, and were just over 50 percent last year.
- Denials of service are at 29.2 percent in 2009, and were 21 percent last year.
- Password sniffing incidents are at 17.3 percent, compared to 9 percent last year.
The survey showed significant dips in wireless exploits, 7.6 percent but down from 14 percent in 2008, and instant messaging abuse is also down to 7.6 percent, from 21 percent in 2008. But just because some threats are down, doesn't mean you don't need to prepare for them.
25 percent of the survey respondents said non-malicious incidents caused by insiders were the cause of the majority of their losses. So you also need to protect yourself from the inside out. Average losses per incident cost respondents $234,244. That is a significant cost which is more in line with a breach or theft than text messaging attacks, especially at smaller community organizations. But that begs the question, what amount is an acceptable loss? With adequate prevention, hopefully this number will be zero and scammers will move on to an easier target. When your customer gets burned, they may cease electronic banking in an effort to protect themselves in the future. That mentality will drive your costs back up.
Prevention is a key toward fewer losses and lost accounts, and communication is a major part of prevention.
Do thieves use technology to rob your customers? If it works, you bet they do. Bankers must remind customers to be ever vigilant. It is one thing to know that an email is a spam and a scam when you don't do business with the sender, but when you get a text message from your bank that says there is a problem, it is not as easy to discount. In Nampa, Idaho, people are receiving text messages concerning their accounts with Mountain Gem Credit Union. They are asked to call a toll-free number. There can't be any harm in that, right?
If the call is placed, your customer may be asked for confidential information that may be used for identity theft and access to their account, and may be charged an exorbitant amount for the "toll-free" call.
What should banks be telling their customers?
- Will you ever contact them via text messaging, if so, when and why?
- How can they easily verify your number?
- Do you post warnings of such scams on your website? (Hint: you should.)
- If they receive a message, how can they verify authenticity?
- If they release information and later believe it may be a scam, what should they do? What guidance do you provide?
One reason this is important is because of the volume of financial crime. The Computer Security Institute's 14th annual security report is due out this week. Here is a peek at what it says:
- Products to protect computer users are fine, but awareness programs are lacking. This can apply to the corporate world as well as the consumer.
- Financial fraud claims are at 19.5 percent in 2009, as compared to 12 percent last year.
- Malware infection are at 64 percent in 2009, and were just over 50 percent last year.
- Denials of service are at 29.2 percent in 2009, and were 21 percent last year.
- Password sniffing incidents are at 17.3 percent, compared to 9 percent last year.
The survey showed significant dips in wireless exploits, 7.6 percent but down from 14 percent in 2008, and instant messaging abuse is also down to 7.6 percent, from 21 percent in 2008. But just because some threats are down, doesn't mean you don't need to prepare for them.
25 percent of the survey respondents said non-malicious incidents caused by insiders were the cause of the majority of their losses. So you also need to protect yourself from the inside out. Average losses per incident cost respondents $234,244. That is a significant cost which is more in line with a breach or theft than text messaging attacks, especially at smaller community organizations. But that begs the question, what amount is an acceptable loss? With adequate prevention, hopefully this number will be zero and scammers will move on to an easier target. When your customer gets burned, they may cease electronic banking in an effort to protect themselves in the future. That mentality will drive your costs back up.
Prevention is a key toward fewer losses and lost accounts, and communication is a major part of prevention.
