Issued by FDIC
Security Spotlight: Vendor fraud management, armed robber on the lam, and more!
Welcome to the October Issue of the Security Spotlight
Barry Thompson's Monthly Security Tip
Vendor fraud, a key fraud category that should be on your watchlist, may be committed by vendors acting alone or in collusion with your employees. Vendors and employees may work together on the purchase of goods or services at a higher price, for which the employee is compensated by the vendor. Or employees may accept misappropriated funds from vendors for facilitating fraud. We recommend you provide your bank's vendors with contact information for your security or fraud department. If someone in your financial institution is asking for kickbacks or special consideration from a vendor/supplier and it is against your ethics policy to do so, this may be the only way you find out it.
Hero or Hostile Hindrance?
A violent takedown robbery involving an off-duty police officer shooting has the FBI searching for a dangerous, armed suspect – and has an LEO defending his heroic efforts. Malcolm Lorenzo Jones entered a Key Bank branch, pointed a handgun at the ceiling, ordered everyone in the bank to the floor, and demanded money from a teller. While waiting for the money, Jones went back to the door to let his accomplice – his brother Nelson Jones – in to give him a hand with the heist. He also inadvertently gave access to off-duty police officer Carl Rauschenberger, who happened to be going into the branch at that time. Jones fired at the officer and a shootout ensued, with Jones leaping behind a bank counter, and the two brothers running away. While no bank staff or customers were injured during the exchange of gunfire, Malcolm was reportedly wounded during the shootout, and is currently being sought by the FBI, who believes he may be in Chicago. Nelson Jones was subsequently arrested. A $10,000 reward has been offered for information that leads to the arrest of 21-year-old Malcolm Jones. Anyone with information is urged to contact Cincinnati Crime Stoppers at 513-352-3040.
In the wake of the robbery, Rauschenberger was hailed by prosecutors as a hero who acted properly. The bank's reaction was less enthusiastic. Rauschenberger told prosecutors that the bank called him and told him that they no longer wanted his business because he had traumatized the bank customers and employees. A bank spokesperson denied that allegation when questioned by local reporters. When prosecutors again questioned the bank about Rauschenberger's written statement – saying he received a call from the head of Key Bank security informing him that the patrons and employees of the bank were very traumatized by the events of the holdup and exchange of gunfire, and asking him to refrain from doing business at that bank – the bank's spokesperson responded "We have nothing further to add. We are reaching out to our client to discuss the matter further." What would your bank's response be in this situation?
Check our Bank Robbery page for photos and information on the latest unknown bank bandits, many of them with sunglasses, hats or other head and facial coverings disguising their identity. Enforcing a no hats, hoods and sunglasses policy can help reduce the number of bandits who target your bank. Purchase No Hat Cling signs for all of your branches from the Banker Store.
Hot Topics from the Bankers Forums
Security topics last month were limited to the private security forums. If you have a non-sensitive question or topic to share, you can post it for discussion here. You'll find active discussions on sensitive security topics in our "Private Security Forum," where bankers discuss issues out of public view. There's also a private forum that invites participation by bankers, regulators and members of law enforcement.
The private forums are the place for security officers to discuss topics like banks in a holding company sharing information; staff, internal controls and the "2 weeks absence" rule; a drive-thru robbery; mutilated currency issues, and more. If you're a registered user of BOL's Discussion Forums, but don't see the Private - Financial Institution Personnel Only forums near the top of the Forums list, use your bank email address to send an access request to email@example.com. Once your request is approved, you can access the Private Security forum here.
Could your bank or customers be the victim of scams like these? —
In early September, Montgomery County, Maryland, police posted an alert about a $180,000 counterfeit check paid from a HELOC at a major regional bank. Apparently, the individual to whom the check was payable has also been involved in other fraud events. One wonders whether a timely check of the signature on that check would have prevented the paying bank's loss -- and a lot of aggravation. Meanwhile, on the west coast, Pasadena, California, police posted photos of a suspect involved in a washed-check fraud at a Bank of America office. Other alerts posted in September included:
- Columbia County, Florida, Sheriff's Office's attempt to identify suspects who opened new Walmart credit card accounts using stolen IDs, and purchased popular consumer electronic hardware that was later sold for cash.
- An alert from the Santa Barbara, California, Sheriff's Department seeking account information for a kidnapping suspect and victim.
- A warning from Ray City, Georgia, police about "motion picture" money -- "prop" $20 and $100 bills sold to studios for use in movies -- that was being passed to businesses in the area.
- A Naperville, Illinois, police report of an elderly woman who was scammed into using MoneyGram to wire $2,425 for what she believed was bail money to get her grandson out of jail. The report included photos of a suspect who picked up the funds at a MoneyGram location in a West Haven, Connecticut, Walmart. Is your financial institution alerting its older customers about scams like this?
- SunTrust Bank (Florida) posted a photo in a request for help identifying a thief who has been depositing fraudulent checks into a SunTrust account.
- An alert from the San Diego field office of the Secret Service reporting the recovery of a skimming device from a gas pump in La Mesa. Card issuers handling fraud cases reflecting activity at that location in transaction history may be looking at counterfeit card activity.
- And, speaking of skimmers, an investigator at a Wisconsin bank reported that the Badger State has a new law providing for criminal penalties for possession or use of a skimmer and providing civil immunity for unknowing sellers of fuel or owners or servicers of ATMs if their pumps or ATMs are used to "host" skimming devices.
In addition to the invaluable assistance that BOL CrimeDex alerts can provide in identifying criminal suspects, there are scores of examples of behavioral "red flags" that a security officer can use to drive home the security message to staff members in training sessions. If you have access to our private forums, read the "CrimeDex Service FREE" notice in the second thread of the "Private - FI Personnel Only" forum.
Throughout the month, we share news-related incidents on Facebook that can be informative examples for training employees on security issues and more. Bank robberies, counterfeit cash, embezzlement and more of what keeps you up at night (and gets you out of bed in the morning) hit the headlines in September. We've highlighted some of the most notable posts from last month:
- Some bank robbers are skilled at more than just robbing banks. The post we shared on September 5 is a reminder to be alert for unexpected confrontations.
- The September 6 post about three Federal Home Loan Bank of Dallas executives who are accused of defrauding the FHLB of $1.2M (in travel expenses) going back to 2008 highlights the need for internal fraud controls.
- Despite the rise in digital payments, cash remains a viable method of payment – and target for fraud. How long has it been since your frontline staff has been trained in detecting bogus bills? Our September 7th post provides tips on detecting counterfeit currency.
- Consumers aren't the only ones at risk for ID Theft. We share some excellent tips on September 11 on how commercial customers can prevent ID theft.
- Bank robbers will often request a specific amount of cash. In the interest of time, the suspect in our September 11 bank robbery post was willing to settle for less.
- Your employees and customers (and your bank) may have a lot of questions in the wake of the Equifax breach. On September 14, we shared a link to some answers from the CFPB.
- On September 14, we posted a story in which the domino effect that started with a gunshot led to a flood, pot, skimmed cards and counterfeit bills.
- In the "things that make you go hmmmm" category, what went through one man's mind after he was jailed for fraudulent checks and then used one of those for bail? Read this incredible story in our September 15 post.
- Adults aren't the only ones stupid enough to rob banks. Our September 19 post is the story of a 15-year-old pursuing a career in bank robbery.
- Does your bank robbery training include first aid for general wounds and/or or pepper spray? A story we shared on September 20 highlights why it should.
- In bygone days, the media reported bank robbers' getting away with an "undisclosed amount of money." Today, many news articles include the bandit's take, as was the case when the robber in a September 21 post we shared was armed with a knife and made off with $50K.
Visit our BOL Facebook page to catch up on more posts from last month and all the latest news. Be sure to "Like" the articles so we can continue to post more articles of interest to you, and share our page with your fellow Security Officers and bankers, and ask them to "Like" us so they, too, can keep current on the latest news!
First published on 10/03/2017