Issued by FDIC
BankersOnline Security Spotlight
A policy your bank should consider is to never allow staff members to accept personal gifts from account holders.Stalkers many times begin by giving gifts to staff members.Tellers are especially vulnerable to someone who thinks friendly service really means "I like you or I love you."By not permitting the acceptance of gifts, you can help avoid this problem and keep your tellers safe.
Don't forget to set your clocks back an hour on Sunday, November 6th, when Daylight Saving Time ends. Remember to adjust your vault times, check desktops, laptops, cell phones, cameras, security VCRs and any timed device that may not reset automatically.
Training WebinarsFFIEC Supplement to Authentication Guidance
November 3 —
by Paul Carrubba and Dan Fisher
The FFIEC has published a Supplement to the 2005 Guidance entitled "Authentication in an Internet Banking Environment." All financial institutions are expected to comply with this new Guidance beginning in January 2012 when the examiners have been directed to formally assess financial institutions under the enhanced expectation outlined in the Supplement. This webinar will assist your organization in understanding the requirements of the Guidance and will aid your organization in developing an updated security process to implement and comply with the new requirements.
Consumer and Small Business RDC Mobile Capture . . . Deposits on the Move!
November 16 —
by Paul Carrubba and Dan Fisher
If your financial institution is about to offer or considering extended remote deposit capture for small businesses and consumers, you need to be aware of the unique added risks involved in that market. Regulators will expect you to have completed a thorough risk analysis and prepared a risk mitigation program for the expanded client base. This webinar will review the risks that consumers and small businesses present, and provide the information you need to ensure you'll be able to analyze and manage the risks to protect your institution.
Managing and Reporting Fraud
by Susan Orr
Fraud losses have been around since the beginning of time. The difference between now and then is that there are more ways to steal from a financial institution today. You must have a program in place to combat fraud losses. You must be proactive and not reactive, which is not to say you don't need to react quickly when you hear of a new way money can be lost. This program is about defining your key strategies to help you detect, control and prevent fraud losses.
in the Banker Store
"Social Engineering" - What The Red Flags Missed
Identity Theft Prevention Review and Update
Identity Theft and Data Security
Welcome to the November issue of Security Spotlight
In this month's Security Spotlight, read about bandits fulfilling their needs, cartoon-like capers, culturally diverse crimes, and terroristic threats. Barry Thompson shares a seasonal security tip as we approach the holidays. There is good news about alerts & counterfeits, and a recent CrimeDex alert makes a strong case for online bill pay (find out how you can get FREE access to CrimeDex).
Stealing for Sustenance
Hungry after his heist...Note to aspiring bank robbers: fleeing a bank robbery after your heist generally means getting as far away as possible as quickly as you can.Stopping for lunch next door to the bank you just robbed may not be the best laid plan. It definitely didn't work in 56-year-old Henry Elmer's favor. Elmer visited the Wells Fargo bank located in a mini-mall in Yuma, AZ, produced a box-cutter knife, demanded cash, and "fled." It's unclear if his plan was to stay close to the bank because he thought it was the last thing anyone would expect or if he just got hungry. But Elmer went across the parking lot and sauntered into a nearby pizza parlor, ordered a beer and pizza (paid for with some of the bank's money) and calmly sat down to have lunch. And did we mention that the bank and the pizza parlor are located next to the Yuma Police Station? Police located Elmer within ten minutes, before he'd gotten a chance to eat his pizza. So the-rob-a-bank-near-a-police-station and then-have-lunch-nearby getaway plan is a fail. Yuma police arrested and charged the hungry bandit on a variety of robbery and theft-related charges.
I must pay the rent!
There is an old vaudeville routine where the villain says to the damsel in distress "You must pay the rent!" The damsel cries, "But I can't pay the rent!" and the villain says again "You must pay the rent!" The damsel repeats that she can't pay the rent, and then the hero steps in and says "I'll pay the rent!"When 21-year-old Matthew Joseph McInnis couldn't pay his rent, he felt his only option was to steal what he needed from the bank. He typed up a demand note, put on a sweater, hat and aviator->
Check our Bank Robbery page for photos and information on all the latest robbery suspects. 51 bank bandits with identities unknown fill our suspects gallery this month.One, in a bandana and obviously fake beard and mustache, looks like he was dressed for Halloween a bit early. Five of the robbers evidently didn't get the "wear a hoodie, glasses, or a ball cap" memo.Most look like they would blend in anywhere - but someone has to know these folks.Maybe you bank with one of these characters.Circulate these photos and help get these bad boys (and gals) off the streets.
Rub-a-dub Robber - In most cases, bank robbers will try to blend in so they don?t stand out from the crowd. In Houston, TX, a female bank robber looked more like she was heading to a spa than pulling a heist when she walked into a Lonestar bank wearing a purple shower cap and pajamas. The unkempt crook was underdressed for the local discount store, much less a bank.Did we mention that aside from the comical outfit, instead of a hair dryer she was carrying a semi-automatic pistol?
Mr. Magoo Surrenders - The cartoon character Mr. Magoo is a short-statured retiree who gets into a series of sticky situations as a result of his nearsightedness, compounded by his stubborn refusal to admit his shortcomings (pun intended). An undisguised bank robber in California was dubbed the "Mr Magoo" bandit for his likeness to the cartoon character with thick glasses and short hair. Suspected of robbing a dozen banks, he would give the teller a note, warn them against giving him a dye pack, and sometimes thank them when he left. This real life Mr. Magoo, aka Scott Larson, came clean about his crimes and turned himself into the FBI in mid-October.
ID Theft - an International Crime -When it comes to cultural diversity, perhaps we could learn a few things from criminals. In October, a federal investigation dubbed "Operation Swiper" resulted in 111 indictments of people from five criminal enterprises in Queens, New York. Police were eavesdropping on thieves speaking Russian, Mandarin and Arabic as they made the biggest identity theft bust in U.S. history.The Feds' two-year investigation revealed enterprises with ties to larger syndicates in Africa, Europe, the Middle East and eastern Asia. Authorities seized $650,000 in cash, Apple computer products worth tens of thousands of dollars, $850,000 worth of computer equipment stolen from the Citigroup Building in Queens, seven handguns and a truck full of electronics, computers, designer shoes, watches and identity theft equipment. The alleged crime ring received blank credit cards from suppliers in Russia, Libya, Lebanon and China and hired "skimmers," who were waiters and retail shop workers, to collect data from genuine cards. That data was sent to a "manufacturer" who programmed the magnetic stripes of the blank credit cards. The thieves also used card printing machines to forge credit cards and state driver's licenses to match them.
Bomb threat for a fee - Elke Julia Martin was talking to a customer service representative from U.S. Bank when the call didn't go so well. Martin had just discovered she was being charged a new fee on her checking account. She accused the bank of "ripping her off." The call took a turn for the worse when Martin allegedly told the customer service rep she was going to go to the bank with a bomb to blow it up. Martin later told police she only said that she was thinking about it, but never said she was actually going to do it. Threatening the use of explosives is a felony punishable by up to five years in prison. State law says someone can be found guilty of the crime if a person "conveys any threat...concerning an attempt or alleged attempt being made or to be made to kill, injure, or intimidate any individual or unlawfully to damage or destroy any building, vehicle, or other real or personal property by means of any explosive material or destructive device commits the offense of threatening the use of explosives." Martin might want to brush up on the legalities of her threats before she makes them.
Loan denial met with a threat - Joseph Field applied for and was subsequently denied a loan at the Robins Federal Credit Union. When the 21-year old alleged Macon, GA gang member- dressed in black with a black bandana hanging from his back pocket, a known gang flag according to local police - was denied his loan, he reportedly threatened to return to the credit union with a .45 caliber Glock and "pick off" every employee in the branch. He refused to leave the branch at the request of the bank manager and police were called to the scene.Even while in police custody, he said he and his "homies" were going to return and shoot the employees if he didn't get a loan.Fields is charged with making terroristic threats, participation in a criminal street gang and criminal trespassing.
Splash and dash bandits -Copying the 2010 crime film "The Town," five men have been robbing ATMs and cash drawers and pouring bleach on them to cover their tracks. Four of the five have been arrested based on a tip the police received. The bleach wasn't successful in protecting them from identification. Police were able to link the men to the 62 locations they hit where $217,000 in cash, laptops, lotto tickets and two jukeboxes were stolen.
Robberies are dangerous, so are getaways - Two men robbed a ChoiceOne Bank branch in Ravenna, MI. They allegedly forced employees and customers into an office and ordered employees to open the vault. A customer at the drive-in saw what was happening and called 911. The men initiated their getaway in an SUV at high speed, reaching 100 MPH. Trevor Slot, a Walker court officer, was putting devices in the road to deflate the tires of the SUV when the thieves appeared to aim their vehicle for Slot, hitting and killing him before losing control of their vehicle and crashing. The two men got out of the SUV armed with weapons and fired at officers on the scene. Both suspects were shot to death.
Alerts & Threads
Have the Alerts and Counterfeit Alerts been fewer this year than last? Absolutely...and that is good news. In the first three quarters of 2010 we received 137 alerts. For the same period in 2011 we have received only 23. Six alerts came through in October, which included five counterfeit cashier's checks and one counterfeit bank money order.This is on par with October 2010 when there were also six reports involving counterfeit cashier's checks, official checks, Treasurer's checks and bank checks in general. There is no geographic pattern to this October's alerts which were from GA, VA, MI, LA and CO.
If you are looking for peer-to-peer discussions with other security officers, the public security forum has a discussion on the use ofvisitor logs, handling protest demonstrators in front of branches and more.
The Private Forum also has a security section where more sensitive discussions take place over things like bait money, backing up security camera videos, and blocking international debit card transactions.All these topics and a lot more are being discussed in the Private Security and Private +Law Enforcement forums.
To comment in the BOL threads you must be a registered user. You can register here. If using your bank email account, you will be given access to the private forums. If you are a current registered user for the threads, but don't yet have access to the private forums, using your bank email address send a request for access to email@example.com. Once your registration/request is approved, you can access the Private Security forum here.
Stolen mail and bogus ads (and everything in between)
New examples of familiar crimes and scams appear every day in Alerts from BOL CrimeDex. This month's collection includes a textbook example your bank can use to sell the security provided by online bill payment. Checks stolen from outgoing mail in a rural mail box were used to create counterfeits on a home computer. At least one of the counterfeits was cashed, according to an alert from the Postal Inspection Service. Meanwhile, police in Mamaroneck, NY posted an alert on an extensive counterfeit credit card operation in the Northeast. Bogus Internet auto sales ads are the subject of an alert from Millbury, CT police. Finally, an alert on a variation on the classic "short-change" scam carried out in the Sacramento, CA area can be used in training tellers to be on the watch for similar attempts at your bank.
BOL CrimeDex can help your bank recover losses through cooperation with law enforcement, retailers and other bank security professionals. Subscribers can also help avoid losses by using CrimeDex alerts as training examples for staff members.
CrimeDex is now FREE to registered members of the Bankers' Threads
Private Security Forum! Get the details and subscribe now!
Blogging on Facebook
Be sure to look at the Oct. 6, 2011 post about a bank robbery where the teller's counter was set on fire. Does your robbery reaction plan include a fire extinguisher?Read the details on our Facebook page.
Support the vendors who support BOL!Through their advertising and sponsorships on BOL and BOL Vendor Connect, companies offering banking products and services help
o make this site possible. When you're looking for a supplier, give your business to companies who support BankersOnline.com.
Find them now in our Sponsors or BOL Vendor Connect.
First published on 10/31/2011