Skip to content

Security Spotlight: CIP tips, Froggy bandit, fun facts on Facebook, and more!

Welcome to the March Issue of the Security Spotlight

Barry Thompson's Monthly Security Tip

Secure CIP Procedures

Before anyone even heard the term "ID theft," and from the time we conducted our first ID theft workshop, we have advised our clients not to rely on common data to identify an accountholder. But, despite regulatory pressure, many firms in the industry think a cyber attack won't happen to them. Hopefully, the Equifax breach will be the impetus for changing their CIP procedures and practice what we've been preaching for nearly 20 years. Call center staff should avoid relying on the following PII when verifying a customer via telephone, chat, or any other method:

  • Name
  • Address
  • Social Security Number
  • Telephone Number
  • Mother's Maiden Name
  • Employment
  • Past Addresses
  • Financial Account Numbers
  • Children's Names
  • Family Information
  • Birth dates
  • Family pet names

While some customers may get frustrated by the requirement to provide more complex answers, the key to more secure CIP procedures is to base challenge questions and answers on information that no-one else has easy access to on public files or social media and hasn't likely been exposed to a breach.

Most Wanted

Armed, dangerous...and froggy – The popular idiom "If you're feeling froggy, go ahead and jump!" is often used figuratively to describe someone who is hesitant to move forward with a task or goal. A prolific bandit who is suspected of pulling off six bank heists in Oregon didn't hesitate when he literally jumped over bank counters to rob tellers at knifepoint, earning him the moniker "Froggy Robber." Since October, the suspect has hit six banks in and around Portland, and a Wells Fargo bank branch in downtown Vancouver, between 9:30 and 11:00 a.m. The suspect is described as Hispanic, 20s or mid-30s, about 5'3" to 5'5" tall and weighing 130 to 160 pounds. He is considered armed and dangerous. A $30,000 reward is available to anyone who has information leading to the identification, arrest and conviction of the Froggy Robber. The Oregon Financial Institutions Security Task Force (an organization of Oregon banks and credit unions) is contributing up to $10,000 of the reward, with an additional 10,000 offered by the FBI, and another $10,000 from Wells Fargo. Anyone with information about the suspect's identity or location should not hesitate to contact the FBI in Portland at 503-224-4181 or submit a tip at

Check our Bank Robbery page for photos and information on the latest unknown bank bandits, many of them with sunglasses, hats or other head and facial coverings disguising their identity. Enforcing a no hats, hoods and sunglasses policy can help reduce the number of bandits who target your bank. Purchase No Hat Cling signs for all of your branches from the Banker Store.

Hot Topics from the Bankers Forums

You'll find security-related discussions covering sensitive topics in our Private Security forum, where bankers discuss issues out of public view. Discussions last month included included security training and internal access lists. There's also a private forum that invites participation by bankers, regulators and members of law enforcement.

If you have a sensitive question you'd like to get input on, post it now in one of the private forums. If you're a registered user of BOL's Discussion Forums, but don't see the Private - Financial Institution Personnel Only forums near the top of the Forums list, use your bank email address to send an access request to Once your request is approved, you can access the Private Security forum here. If you have a non-sensitive question or topic to share, you can post it for discussion in our Public Security forum.

CrimeDex Alerts

The robbers and crooks and other ne'er-do-wells just keep coming!
It's not uncommon to hear people say that February, the shortest month of the year, always seems longer than all the others. It may be the weather and our yearning for spring. This year it could also be the huge number of BOL CrimeDex alerts that hit our inbox! Over 500 alerts were posted. BOL CrimeDex subscribers can filter the alerts they get, to help them focus on local threats. Here's a sampling of the alerts we received:

  • Early in the month, a New York City detective posted a photo of an unknown male suspect wanted in connection with account takeovers in which he receives customer information from a complicit bank employee and produces counterfeit checks for cashing, apparently at Atlantic City casinos. The detective asked for help identifying the suspect.
  • Santander Bank sought help identifying suspects in surveillance photos (we congratulate the bank on its camera angles) in two separate cases. The suspects are allegedly involved in ID theft and account takeovers.
  • A Georgia sheriff's office posted an alert reporting the arrest of two individuals who were caught with counterfeit credit and debit cards (the banks associated with the BINs on the cards were contacted), offering assistance to any agencies investigating the two suspects.
  • Florence, KY police reported two subjects who had used counterfeit cash to purchase goods at a Walmart in Louisville and returned the items at a Walmart in Florence, then bought more items at the Florence Walmart with counterfeit cash and returned to a Walmart in Cincinnati, OH.
  • The U.S. Postal Inspection Service and Southeast Michigan Financial Crimes Task Force asked for help locating bank accounts in the names of four individuals involved in an investigation.
  • Here's one we haven't seen often -- The Fraud Bureau of the Iowa Insurance Division asked for help with information on three individuals allegedly involved in life insurance fraud. One of the individuals was reported to have died while visiting Africa, but there is information suggesting that he's still alive. Over $500,000 in insurance payments were made based on what appear to have been false reports of his death.
  • Burlington, NC police asked for help identifying a male suspect responsible for attaching a skimming device on a credit union ATM in Graham, NC, and using information obtained with that device to withdraw funds from other ATMs of the same credit union in the area.
  • NYPD detectives posted an alert asking for the identity of a suspect who made unauthorized withdrawals at credit union ATMs in New York and on Long Island using cloned debit cards created with information obtained from compromised U.S. Post Office POS terminals.

BOL CrimeDex subscribers use their subscriptions to identify suspects in surveillance images, gather information they can use in prosecuting thieves and scammers, and learn about criminals and scams in their area. They also pick up information they can use in their security training sessions. If you have access to our private forums, you can find instructions on how to sign up for CrimeDex alerts as a BOL Group member in the second thread of the "Private - FI Personnel Only" forum.

Facebook Blog

Throughout the month, we share news-related incidents on Facebook that can be informative examples for training employees on security issues and more. The busy month of February kicked off with our first post on the first of the month. In case you missed it, following are the details and highlights from some of the most notable posts last month:

  • We began the month on February 1 with a link about a 74-year-old bank robber who stabbed a bank employee and was sentenced to 19 years in prison.
  • We posted a follow-up to a story from last summer about a bank robber who ran from the scene of his crime naked, throwing money away as he fled. Surprisingly, he was found not guilty. Get the details in our February 2 post.
  • Check out the February 5 post for some interesting and "fun facts" about bank robberies.
  • Next up is a post on February 6 that will leave you shaking your head. If all bank robbers did this, we would see a quick decline in crime.
  • With tax season underway, read how banks are contributing to the decrease in tax-related ID theft in the February 9 post.
  • On February 13, we shared a story that is a great example of how training and preparation lead to an arrest within ten minutes of a bank robbery.
  • For a funny outtake from an episode of stupid criminals, see our February 15 post.
  • The February 16 post provides helpful data for training and discussions with your staff, management or the board on where your state ranks in ID theft cases.
  • And our February 20 post is a reminder for staff and customers that adults aren't the only ones at risk for ID theft. Keep reading for more posts about armed robbers, cash rewards, and gangs stealing from banks.

Check out these and all our Facebook posts. And check back throughout the month of March for new posts. Be sure to "Like" the articles so we can continue to post more articles of interest to you. Share our page with your fellow Security Officers and bankers, and ask them to "Like" us so they, too, can keep current on the latest news!

First published on 03/01/2018

Briefing type: 

Banker Tools View All

A collection of useful resources for various areas of the bank which have been developed by members of the BankersOnline staff or have been created and contributed by users of the BankersOnline site.

Banker Tools

Penalties View All

Banker Store View All

From training, policies, forms, and publications, to office products and occasional gifts, it’s available here:

Banker Store

hot right now

image description

Looking for effective, convenient training on a particular subject?

BOL Learning Connect offers more than 200 courses ON-DEMAND or on CD ROM from AML to Reg Z and every topic in between.

Search Briefings

Briefing Archives