Issued by FDIC
Security Spotlight: Disaster planning, an old twist on a new robbery, and more!!
Welcome to the July Issue of the Security Spotlight
Barry Thompson's Monthly Security Tip
Hurricanes...and other natural disasters!
We are entering the season when hurricanes and other natural disasters can strike. What should your institution do to prepare for these potentially catastrophic events?
I encourage all financial institutions to have a specific designated meeting place for staff in the event of a disaster, e.g., the main office or a disaster recovery location. Most financial institutions have solid buildings that will survive almost any event. The institution should keep non-perishable food and supplies on hand, and supplement its food supply in a disaster situation as soon as it can. If employees know they have a safe haven at your location, they are more likely to come there and bring their families. Partnering with a local licensed daycare center to set up emergency childcare for your staff is recommended. Providing for your employees will enable the institution to open for business as soon as possible after the event to accommodate customers who will need cash to purchase basic necessities. Staff members need to know that your institution stands behind them and will take care of them. In the wake of Hurricane Katrina, the institutions that recovered the fastest were the ones who had disaster recovery plans in place that included providing for their employees and their families.
Most Wanted: Captured and Released
Guilty until proven innocent...A shocking turn of events in an old bank robbery case highlights the importance of positive identification of bank robbery suspects. Gary Bush was arrested in November 2006, at his parents' home in Covington, VA, following two area bank robberies and three different bank tellers picking him out of a photo line-up – after Bush's photo had been shared in the local news. Despite his repeated claim of innocence throughout the trial, neither a jury in Petersburg nor a judge in Prince George believed him, and Bush was sentenced to ten years in prison. For more than nine years, Bush sat in a jail cell and hoped for a miracle. That miracle arrived when, less than a year before his release date, Christian Amos turned himself in for robbing the two banks that Bush was convicted of robbing. On May 17, 2016, Amos – prompted by his guilty conscience – dialed 911, reached a communications officer with the Prince George County Police Department, and said he wanted to turn himself in for committing some bank robberies. When he provided his name to the dispatcher, she told Bush, "We're not looking for you." He said, "I know you're not because I've never been caught." The remorseful 63-year old Amos – who had no idea an innocent man had been serving time for the crimes he committed – is now himself behind bars, sentenced to 12 years. Bush, 67, is a free man after nearly a decade in prison. He returned to his family home near Covington on geriatric parole and hopes to win a formal exoneration from the Virginia Court of Appeals.
Check our Bank Robbery page for photos and information on the latest unknown bank bandits, many of them with sunglasses, hats or other head and facial coverings disguising their identity. Enforcing a no hats, hoods and sunglasses policy can help reduce the number of bandits who target your bank. Purchase No Hat Cling signs for all of your branches from the Banker Store.
Hot Topics from the Bankers Forums
Security topics were limited to the private forums in June, with no new discussions posted in the public Security forum. If you have a non-sensitive question or topic to share, you can post it for discussion here. You'll find active discussions on sensitive security topics in our "Private Security Forum," where bankers discuss issues out of public view. There's also a private forum that invites participation by bankers, regulators and members of law enforcement.
The private forums are the place for security officers to discuss hot topics like fraudulent bill pay checks, password requirements and how often they must be changed, telecom relay services, ATM skimming, and more. If you're a registered user of BOL's Discussion Forums, but don't see the Private - Financial Institution Personnel Only forums near the top of the Forums list, use your bank email address to send an access request to firstname.lastname@example.org. Once your request is approved, you can access the Private Security forum here.
Highlights from June's BOL CrimeDex inbox — Summer has officially arrived, and there's no letup in fraud, scams, robberies or any of the other nefarious goings-on that BOL CrimeDex alerts cover. Here are some of the highlights (and low) that appeared in our inbox in June.
- The San Diego DA's office sought leads on deposit accounts for suspects involved in a worker's compensation fraud case.
- Newark, Delaware, police asked for help locating accounts of two women involved in a Publisher's Clearinghouse scam that defrauded an elderly woman of over $50,000.
- Montgomery County, Maryland, police asked for help in identifying a "felony lane" ID theft suspect who cashed checks at remote drive-up lanes using an ID stolen from a locked car.
- Police in Morgantown, Pennsylvania, sought information about credit card skimmers similar to one they located in an area store.
- Brookfield, Wisconsin, detectives reported three incidents in which a suspect identified himself as a family member of an elderly victim, claiming he had been arrested and needed money wired to a bail bondsman.
- The Polk County (Florida) Sheriff's Office asked financial institutions with accounts of a suspected endangered person to contact a detective if they have evidence of any account activity.
- Pooler, Georgia, police asked for assistance in identifying any accounts associated with two individuals suspected of involvement in a credit card fraud totaling over $100,000.
- And in our "wouldn't you think this looks suspicious" department, Newport, Kentucky, police asked for help tracking down an individual who has been "buying random gift cards from AAA locations" with some purchases "around $11,000 for each transaction."
In addition to the invaluable assistance that BOL CrimeDex alerts can provide in identifying criminal suspects are the scores of examples of behavioral "red flags" that a security officer can use to drive home the security message to staff members in training sessions. If you have access to our private forums, read the "CrimeDex Service FREE" notice in the second thread of the "Private - FI Personnel Only" forum.
Throughout the month, we share news-related incidents on Facebook that can be informative examples for training employees on security issues and more. Summer is heating up and so is security-related activity in the financial industry. We shared some great posts last month. If you missed them, you can still catch up on these June news events:
- It was a late start to the month, with our first post on June 9. The incident we shared is an important reminder that when preparing your robbery response procedures and you have more than one branch, you may want to include a plan for multiple robberies in one day.
- When a bank robbery occurs, you don't know the mindset of the suspect; some of these criminals aren't afraid to die. Your goal should be to get them out of the bank as quickly as possible without anyone getting hurt. Our June 13 post emphasizes that the police are better equipped to stop the robber than a bank employee is.
- More and more states are allowing their citizens (a.k.a. your customers) to carry weapons, concealed or open carry. What is your bank's policy on weapons in the branch? Read the second June 13 post, which highlights the risk of banks' allowing customers to bring weapons into the branch.
- Our June 14 post about an armored truck robbery outside the bank is a reminder that your robbery response plan should cover external events as well.
- Also on June 14, we posted a link to "10 Scams Targeting Your Bank Customers" from the FDIC. Educate bank customers and staff to help mitigate these threats. Check out the June 27 post that follows to see why it's important to do so.
- On June 21, we shared two links to stories that are prime examples of how good photos can lead to valuable tips and arrests. Don't forget to check those camera angles to get the best shots!
- When educating your customers about scams, remind them that mobile devices are also at risk. Our June 23 post has some great information to share with your customers about mobile malware.
- On a related note, we shared the FBI's 2016 Internet Crime Report on June 23, which highlights the latest online fraud trends and how losses happen so you can prevent them.
- In the future, Girl Scouts may have more to offer than just cookies. Read the link we shared on June 26 about Girl Scouts and cybersecurity.
- And our June 27 post provides an unfortunate reminder that even educated, wealthy and "fraud-savvy" customers can fall for today's sophisticated scams.
Read about these and other informative topics on our BOL Facebook page. After you catch up on those June postings, check out the page throughout the month for new posts. Be sure to "Like" the articles so we can continue to post more articles of interest to you, and share our page with your fellow Security Officers and bankers, and ask them to "Like" us so they, too, can keep current on the latest news!
First published on 07/05/2017