Issued by FDIC
BankersOnline Security Spotlight
Two weeks after your initial morning glory robbery training, return to the branch, turn off the warning signals, and see if staff follow your procedures properly. For every member who follows the procedure properly, present a certificate stating you couldn't catch them. For every member who fails, provide a new security training program complete with a written exam.
Technological Advances to Improve Security: What's Available
by Susan Orr
The technology age has brought a plethora of products and services that have changed how we live, work, and play. Look at the technology and processes your institution has implemented: Websites, email, online banking, bill payment, merchant capture, mobile banking, and more! These technological advances come withincreased risks and the need for security and monitoring. This presentation will provide an overview of some of the products and services available to help financial institutions improve security, reduce risks, and increase productivity.
"Fifteen Million Reasons" to Follow Proper Safe Deposit Procedures
by Dave McGuinn
During 2011, numerous financial institutions experienced disappearance claims and significant lawsuits which resulted in over $15,000,000 in nationwide claims and expensive litigation. What did they do wrong? Most of these disappearance claims and lawsuits are a direct result of insufficient employee training, incorrect box drilling and safekeeping procedures, offering self-service boxes, unauthorized vault access, improper box relocations, flooded vaults, sloppy record retention and the news media coverage that inevitably follows. Regardless of the size of your safe deposit operation, this presentation provides a realistic and well-organized method of reviewing your procedures before a lawsuit occurs.Network and Internet Security Best Practices
by Susan Orr
Security breaches, identity theft, and data leakage dominate the headlines. At the same time, regulatory requirements and expectations increase, and those responsible for security try to keep pace. Along with protecting your customers from unauthorized access to their information and identity theft, you also need to protect your institution's intellectual and proprietary information and ensure that its reputation stays above reproach. In this presentation we will cover some of the threats facing institutions today and explore some of the methods for securing your network and protecting your valuable information assets.
in the Banker Store
The Baby Boomers' Nightmare
When Social Media Attacks
Is Your Bank Penetrable?
Welcome to the May issue of Security Spotlight
In this month's Security Spotlight, Barry Thompson has some tips on testing your morning glory robbery training.A couple of bank robbers provide two examples of what NOT to say or do after robbing a bank, and the FBI has reports of robberies on the rise in some regions. April CrimeDex alerts is chock full of robbers, thieves, and other ne'er-do-wells.
Some Things Are Better Left Unsaid or Undone
A.K.A: Also known as - A Northern California serial bank robber was questioned by authorities when he was traveling as a passenger in a car that was pulled over for running a red light in Sacramento.When the officers conducting the traffic stop asked the passenger to identify himself, he gave the authorities a fake name. When they questioned him again, he gave them another false name.The police decided to go with the second name he provided, which ended up matching the name of a person with an outstanding arrest warrant. The young man was arrested and taken into custody. While fingerprinting and booking him, his real identity was revealed as a suspect in six bank robberies throughout California. Oh, his REAL name is Jeremy Morton, he's 22 years old, and we're guessing he wished he had come up with a better alias to give police that day.
Just a little tip for would-be bank robbers out there. After robbing a bank and having one of those red dye packs explode in your hands, it's a good idea to keep a low profile. No one passed that little nugget of wisdom on to 36-year-old Sheldon Crogan.On a Tuesday morning, Crogan walked into an HSBC branch in Niagara Falls, gave the teller a note, threatened her with an unseen gun, and demanded money. The teller gave him some money and a dye pack.On his way out of the bank, unbeknownst to either of them, Crogan walked right past a plain clothes detective. The next morning Crogan was spotted by a local convenience store manager when he tried to shoplift some alcohol by hiding it in his hooded sweatshirt. The manager stopped Crogan as he was leaving the store and questioned him about stealing something. Crogan proudly showed his hands to the manager to prove he had nothing in them. But when the store manager saw his hands were stained by red dye he called police, who found the thief later that day walking down the street - still red-handed. Back at the station, Crogan came face to face again with the detective he passed outside the bank after the robbery. Crogan was charged with third-degree robbery in the bank heist, as well as petit larceny in the shoplifting case.
Check our Bank Robbery page for photos and information on the latest robbery suspects. Don't be shy about asking customers to remove hats, hoods and sunglasses - that request could deter bandits from targeting your bank. We have a sign for that! (available in the Banker Store)
Robbing and Skimming
Robberies rising in the Sunshine State - Various news reports are indicating bank robberies are on the rise in some areas. The FBI reported 49 bank robberies between October 1, 2011 and March 31, 2012 in southern Florida alone, up 25 percent from the same period last year. If the trend continues, the southern Florida region could see 100 robberies by the end of the fiscal year. The two prior fiscal periods reported 75 robberies in 2011 and 87 in 2010.
A rash of robberies in Houston - In Houston, TX, four bank robberies believed to be conducted by four different bandits took place over the weekend of April 23rd. The FBI reports it has responded to 49 robberies in the Houston area already this year, compared to only 25 this time last year. The FBI?s Shauna Dunlap says serial bank robbers might be responsible for many of the hold-ups this year, and that the public's help is probably their best tool for catching these bandits. Dunlap also noted that bank robbers aren't getting away with as much money as they probably expect to these days, and that the reward money for tips leading to their capture is often more than the robbers take from their heists.
All-in-one skimming - There is more than one way to rob a bank. ATM skimming is an increasing threat, and the thieves - and devices they use - are becoming more sophisticated. Checking for and detecting ATM skimming devices used to involve looking for the card reader overlay and then a hidden camera, often with a transmitter. Authorities in Southern California - with the help of a very observant customer - found an all-in-one device on a bank ATM that included the reader and camera built into one compact unit. We hope the customer who initially discovered the device was educated on looking for unusual signs of tampering at ATMs, including pulling on the card reader, as part of that bank's security awareness program. Hopefully your bank is educating its customers on ATM safety and awareness as well. You can get the details and see images of the all-in-one skimming device at Krebs on Security.
Alerts & Threads
Alerts and Counterfeits
In 2012 we have received 13 alerts. Eleven are Counterfeit Cashier?s Checks, one is a Counterfeit Official Check and the last is a Counterfeit Missouri Department of Revenue Check. What is very unusual is that in the same quarter of 2011 we also had 13 alerts. Last year each item was based on a notice from the FDIC. This year each item is based on a notice from the OCC.
Of the 13 items, only seven states are represented, with items from MA (2), ND (2), OH (3), TN (2), TX (1), WA (1), and WY (2).Massachusetts, Ohio and Wyoming haven?t had an alert since August/September 2010. North Dakota hasn?t had an alert in three years. This indicates that all banks need to be vigilant for counterfeit items. We are certain there are many tellers and customer service representatives working in banks in these states who have never seen a counterfeit item.Just because they haven?t seen one, doesn?t mean they won?t.
Stay on top of the alert notices by researching the Alerts and Counterfeits database, http://www.bankersonline.com/alerts/alertBrowse.php or by reviewing the alphabetical or chronological listing http://www.bankersonline.com/security/aandc.html.
Threads of Interest
If you are looking for peer-to-peer discussions with other security officers, the public security forum is available for general topics about security. Current threads include recent discussions on where security belongs in theorganizational chart, whether it is better to have a suspect arrested or repay the theft, and more comments on"How to Rob a Bank", with posts on fast track prosecutions. There is even a discussion on self-testing forsocial engineering. But don?t stop there. The Public Security forum also includes discussions on disaster management, annual reporting, and more.
The Private Forum area has two security sections where more sensitive discussions take place over topics like cash missing from Fed shipments and what you should be looking for, unusual emailsfrom regulators, and a lot more.These topics and more are being discussed in the Private Security and Private +Law Enforcement forums.
To comment in the BOL threads you must be a registered user. You can register here. If using your bank email account, you will be given access to the private forums. If you are already registered for the threads, but don't yet have access to the private forums, using your bank email address send a request for access to email@example.com. Once your registration request is approved, you can access the Private Security forum here.
Crooks, robbers and other slimeballs in April CrimeDex alerts
T.S. Eliot wrote that "April is the cruellest month." An assortment of robbers, thieves, and other ne'er-do-wells reported in April CrimeDex alerts did their best to prove him right. A California police department sought help in identifying a pair of ID thieves who opened a series of fraudulent credit card accounts and ran up over $22,000 in bills in a single victim's name. Banks in Ohio and Illinois were the direct victims of another ID thief who posed as various bank customers and withdrew cash from a series of accounts. A motorcyclist in full gear, including helmet and visor, used a stolen credit card to obtain $8,000 in fraudulent cash advances at bank drive-up windows in Riverside County, California (we wonder if a "no hats, sunglasses, hoods policy might have helped). A counterfeit debit card was used to make withdrawals of $1,000 (plus $6 in surcharges) at a New York City ATM. And a California credit union reported that fraudulent checks purportedly payable at Chase Bank but encoded with the credit union's routing number were being used to open new accounts in the San Jose area. The suspect claimed to work for "Angels in Home Care" but the checks misspelled "Angels" as "Angles." That would be a perfect object lesson in detecting phony checks.
On a positive note, a credit union shared information on a suspected "point of compromise": a diner in Glen Mills, Pennsylvania, where it appears a number of debit cards were skimmed.
BOL CrimeDex can help your bank recover losses through cooperation with law enforcement, retailers and other bank security professionals. Subscribers can also help avoid losses by using CrimeDex alerts as training examples for staff members.
CrimeDex is now FREE to registered members of the Bankers' Threads
Private Security Forum! Get the details and subscribe now!
Blogging on Facebook
Want to keep up to date on the latest news? Visit us on Facebook and "like" us so you can get all the latest posts on what's happening in bank security. When it comes to suspected fraudulent online transactions, there are some top states those transactions are likely to originate from. Do you know what they are? Find out in our April 20th post - the results might surprise you. The April 5th entry is enlightening as well. Two different robbers, two different robberies and one arrest.Read about these and more on ourFacebook page and post your feedback.
Support the vendors who support BOL!Through their advertising and sponsorships on BOL and BOL Vendor Connect, companies offering banking products and services help to make this site possible. When you're looking for a supplier, give your business to companies who support BankersOnline.com.
Find them now in our Sponsors or BOL Vendor Connect.
First published on 04/30/2012