Security Spotlight: Poor planning, surprise SWATting, and more! 

Best Laid Plans...

Real Charges for fake robbery plot

Veteran bank robber Otis McAllister was serving a 37-year federal prison term in Greenville, IL for a series of bank robberies he plead guilty to in 2006. With nothing but time on his hands, Otis hatched a plan that he hoped would reduce that time - a plan that backfired and earned him more time at FCI Greenville. Soliciting the aid of two relatives, Otis planned a heist targeting a St. Louis County bank. His goal was not a bank robbery at all but a set up to have the two men arrested by reporting the robbery to federal authorities and in turn reaping the reward of a reduction in his own sentence. When the case went to trial, defense lawyers for McAllister's patsies argued since it was an imaginary crime with imaginary players, their clients were not guilty. But phone calls, letters, emails, a gun and other evidence pointing to the planned robbery incriminated Otis McAllister and his willful accomplice, Ray Bassett. Bassett confessed to his role in the scheme and also admitted to robbing a bank with McAllister in 2000. Otis was convicted on solicitation to commit a crime of violence in the same federal court that awarded his current sentence. Bassett was found guilty of bank robbery conspiracy and gun charges (not on attempted robbery). The planned heist might have been fake but the charges are very real. Anthony McAllister - the only one of the trio who was allegedly unaware of the pseudo plan - was acquitted of conspiracy and attempted bank robbery.

Things don't always go as planned

No matter how much time, effort and creativity they exhaust in planning a bank robbery, some criminals just can't pull it off. From an unnamed wanna-be bandit in Tehran who tried to rob a bank disguised in a cloak of invisibility to Albert Bailey, who thought he would have better luck if he called ahead to have the stolen cash ready when he arrived, check out ten of the worst bank robbery plans reported.

Swatting, stealing and shooting

Cybercrime reporter is physically "Swatted"

One of cybersecurity's most renowned journalists is a bullseye target for cyber attacks in retaliation for his Krebs on Security blog that has helped track and take down criminals with his investigative reporting that includes publicized detailed criminal evidence. He doesn't just write about what the crooks are doing, he displays the evidence on his site. Following a DDoS (distributed denial-of-service) cyber attack, the threat against Krebs reached beyond cyber space to his personal space last month when he was "swatted." Swatting is when someone tricks authorities into dispatching law enforcement units based on a false report. Krebs opened the door to his home and found himself surrounded by a SWAT team with guns drawn on the reporter, who thankfully had the foresight to report this potential threat to authorities last year when he suspected he might be targeted by just such an attack. Your bank executives or other staff in positions of authority may be at risk for personal attacks from disgruntled customers. Conduct regular physical security training to make them aware of the risks and how to protect themselves from personal physical threats.

I know him!

Few people have ever heard of Steubenville, Ohio, until a recent highly-publicized violent crime case swarmed the news. While the locals are dealing with the aftermath of that crime, staff at a local Huntington Bank branch are recouping from a crime that hit even closer to home for them. A teller at the branch was approached by a man demanding cash. When she didn't give up the cash right away, the thief jumped over the counter and gathered the loot himself. Two people who saw the surveillance photos shown by the media identified Damion Sacripanti as the person in the photos due mostly to the appearance of a black eye the suspect was known to have. With this information police were able to focus their search on Sacripanti, who was arrested about 12 hours following the robbery. Sacripanti told authorities he used the cash to buy heroin in Steubenville. At the time of his arrest he only had $58 of the alleged $1,000 take left.

Not such a glory morning

While some early bird bankers may have anticipated a quiet Saturday morning when they arrived at their branch in Abington, PA at 6:45 AM on Saturday, March 23, they were greeted with anything but peace and quiet. As one of the employees went out to let another arriving employee inside the lobby door, an armed, masked man rushed them. The employees were able to quickly close and lock the door, but the glass door didn't stop the bullet fired at the door by the robber. As the door shattered, the man entered the bank and grabbed the employee inside, releasing the employee before escaping through a back door. The bank wasn't scheduled to open until 7:30 a.m. so we assume the vault was still locked and the teller drawers still secured since the bandit reportedly fled without any loot.

Man's best friend is bandit's worst enemy

It's one thing to watch a movie and see people get shot when you know it's all make believe. When it's real, that's a different story, even when it's an animal instead of a person that gets caught in the crossfire. In Buckeye, AZ police were tracking a bank robber when they sent a trained K-9 to chase him down. When the bank robber shot the dog, officers fired back. Thankfully the brave canine's leg was only grazed and he'll make a full recovery. The suspect was not so fortunate - he was killed in the incident.

Five ways to be "robbed"

In many ways banks and credit unions are very similar, especially when it comes to ways to steal from one. This article examines five common ways that your bank or credit union can lose money via fraudulent activity. This article is worth a read and should provide some excellent points when conducting security training for employees or customers.

Hot Topics from the Bankers' Threads

In the public accessible threads one banker has asked about retention - how long do you keep reports of entry, as an example? As is often the case, the conversation expanded to how many cameras might be used and the storage capacity to meet the needs of all this data. Weigh in on the discussion here, keeping in mind this discussion is in a public forum and should remain generic.

Last month's discussion on when banks train new hires continues.

We also have a "private" security forum for discussion of more private, sensitive topics. That is where security officers were discussing the Abington "morning glory" robbery mentioned in the security shorts section of this edition. Additional discussions are taking place on ID theft, security manuals, 314a matches and security procedures for the executive offices and more.

To comment in Bankers' Threads you must be a registered user. You can register here. If using your bank email account, you will be given access to the private forums. The Private area is a group of forums under the heading "Private - Financial Institution Personnel Only." The Private forums do not include access to Bankers Hotline or Compliance Action, premium content areas that require paid subscriptions to those respective publications.

If you are already registered for the Threads, but don't yet have access to the private forums, using your bank email address send a request for access to andyz@bankersonline.com. Please verify that you do not yet have Private access. Once your registration request is approved, you can access the Private Security forum here.

CrimeDex alerts get the word out

Police in Irvine, California, got March off to a strong start with a CrimeDex alert asking for help identifying an ID theft suspect wearing a blue wrist brace. They were closely followed by another ID assistance request from across the country in Rock Hill, South Carolina, where police were investigating a series of fraudulent ATM withdrawals. A California credit union reported on its investigation of an account takeover in which an elderly couple's accounts were drained of $60,000 when ID thieves gained fraudulent online access, diverted bank statements and sent out funds via ACH, bill-pay and transfers to PayPal accounts.

Counterfeiting, of course, continues to be a popular method for separating money from its lawful owners. The Purdue (Indiana) Federal Credit Union posted an alert warning of counterfeits of their Official Checks in circulation. Counterfeit credit cards were the subject of an alert from the Milwaukee Police Department. And counterfeit cash was reported by a sheriff's office in North Carolina.

Each month there are scores of new CrimeDex alerts with information you can use to help protect your institution from criminals. There are also plenty of ideas for fresh examples you can use in security training for your staff members. Keep up on the latest scams, crimes and other threats facing your bank and other businesses with a free subscription to BOL CrimeDex

Have you been visiting our BOL Facebook page? Make sure you check us out for lots of great information that can be useful to you and that you can share with others or use in your employee security training. For instance, our March 27th post concerns a robbery involving a hostage situation. You may recall a highly publicized robbery near Houston, TX that took place at the end of 2010. Two of the three robbers recently stood trial during which the witnesses gave a chilling testimony that any veteran bank employee could imagine - but hopes never happens to them. The post provides a link to the story. Spoiler alert: the two bandits were found guilty.

Are you using social media? We shared a story on March 26th of one woman who overheard what she felt was an inappropriate conversation by two men at a conference she was attending. She posted their picture in a tweet complaining about it. Thousands of people "liked," disliked and commented on the conversation and her Twitter posting; in the end, two people lost their jobs.

Does your position ever entail the collection of debts? If you are tasked with helping collect restitution or other payments you may be interested in the FDCPA post from March 19. A court ruled that while this collection letter contained all the required information it was supposed to, it was deceptive because of the way it was composed. Read about these topics and more on our Facebook page. Be sure to "like" the articles so we can continue to post more articles of interest to you!