Learning from Fraud

by BOL Guru Mary Beth Guard

From a $600 million loan scam to customer financial information illegally accessed from Ford Motor Credit, fraud is in the news. Here, we focus on what we can learn from the various types of recently-publicized fraud and discuss steps your institution should consider taking to protect itself.

You security pros are bound to have many more ideas for proactive responses that could be taken. I invite you to post them on the Security Forum of Bankers' Threads.

California State Workers' Info Accessed by Hackers
California State Controller Kathleen Connell just revealed that computer hackers have broken into a computer system that contains personal financial information of 260,000 state workers. The system that was hacked into contains payroll deduction information, including names and Social Security numbers. It is also thought to contain information about the workers' financial institutions. New stories indicate that authorities fear the information could be used to perpetrate I.D. theft.

What you can do:

Be especially vigilant when a loan application or new account application purports to be from someone who is a California state worker. Take special care to verify identity.
Spread the word within your institution.
Use this event as a learning experience to shore up security on your own network. While authorities are being close-mouthed about how the hackers got in, there may be a clue in this sentence: "Connell said the data operations manager assured her the system had been patched as of Friday afternoon." The hackers may have exploited a known security loophole in the server. A huge number of successful hacks result from security patches not being timely and properly deployed. Don't let it happen to you!

Loan Scheme Bilks Banks Out of $600 Million
This month, the U.S. Attorney's office in New York announced, along with the FBI, the uncovering of a loan scam that defrauded banks out of more than $600 million. Details of the scheme are found in this article. Basically, the borrowers lied about how loan proceeds were going to be used. They claimed the funds would be used to finance metal trades involving parties in four countries. Although they had "documentation" for the trades, the buyer and seller didn't really exist, nor did the metal.

The fraud was discovered when a smart bank officer went, in person, to check out one of the suppliers and found something quite different than what he expected.

What you can do:

Take nothing for granted. Trust, but verify.
Confirm the facts. Get up out of your chair and do a little reconnaissance.
Use the Internet to enhance your fact-gathering process.
Trace the proceeds. If the borrower tells you the funds from the loan are to be used for "X", make sure they're not used for "Y".
Control the disbursement of the loan funds, where appropriate, in order to make sure they're used for the purpose the borrower gave you.

ATM Fraud in the News
ABC news is talking about the millions of dollars lost in ATM fraud each year. Most of the losses fall on financial institutions because of the generous protections extended to cardholders by Reg E and contractual agreements.

What you can do:

Regularly inspect your ATMs in order to detect any tampering that may have taken place.
Educate your customers about what they can do to protect themselves. (The list of tips provided in the ABC story linked to above is a great starting point.)
Take error complaints seriously. Look for patterns. If you have multiple customers who complain of unauthorized withdrawals, be alert to common threads, such as l) the customer swears the card was never out of his possession; 2) several affected customers had all used the same ATM within a short time frame.

Thieves Access Database by Posing as Ford Motor Credit Personnel
An electronic impersonation allowed thieves to fool Experian's computer database into believing it was legitimately being accessed by personnel affiliated with Ford Motor Credit Co. As a result, the personal information of 13,000 consumers was downloaded from the consumer reporting agency and attempts to perpetrate identify theft are anticipated. The fraud was uncovered when Experian was contacted by numerous individuals who complainedd of unauthorized credit checks which appeared to have been made by Ford Motor Credit.

What you can do:

Alert your staff to these possible identity thieves. Read more about it.
If you receive an application for a new account or a loan and you pull a credit report from Experian that shows the credit report was also previously accessed by Ford Motor Credit in the last few months, be alert to the possibility that your applicant may be an impostor.
Take additional steps to verify identity. Consider calling the home of the applicant, using a phone number obtained from public records, rather than using what appears on the application.
Apply a higher degree of scrutiny to the identification documents presented by the individual.

South Carolina Counterfeit IDs
FBI has reported the theft of equipment and supplies used to produce driver's licenses and identification cards from two offices of the South Carolina Department of Public Safety in March, 2002. They believe that a number of counterfeit South Carolina driver's licenses and identification cards were produced.

What you can do:

Alert not only your new accounts personnel, but all others who would be in a position to deal with noncustomers. That would include handling cash advances on credit cards, cashing checks for noncustomers, handling monetary instrument purchases. With the fake IDs, it is likely the fraudsters will be counterfeiting checks and attempting to perpetrate other types of fraud. They may try to launder money by purchasing monetary instruments for cash, hiding behind a false identity.
Let your personnel know that the South Carolina IDs should have
- Diagonal, wavy gold lines with expirations no later than 2003. (These are the most easily replicated and were not used for such documents with expirations beyond 2003.)
- Holograms of both the South Carolina state seal and the outline of the state of South Carolina with "SC" in the middle.

Foreigners Obtain SSNs with Fake IDs
There's a new Report from the Inspector General of the Social Security Administration on Social Security Number Integrity. You wonder how rampant social security number fraud is? Get this -- the SSA Inspector general says that one in twelve foreigners receiving new Social Security numbers had done so using fake documents! Preliminary results from an investigation still under way show that 100,000 Social Security numbers were wrongly issued to noncitizens in 2000. (Read the news story.)

What you can do:

Take special care with new noncitizen customers. Look for additional verification of identity.
Have an in-house training session to thoroughly familiarize your staff with what to look for on various documents, such as green cards, that may be presented by foreign individuals. Current green cards are titled "Permanent Resident Card". The only place they are green is on the back where it says "Permanent Resident Card". They have a number of security features: a picture, a fingerprint, holographic-like printing (almost micro-printing) on the front, a film-strip like area on the back that has another copy of the picture and the individual's information that can only be seen if you're holding the card just right (it can also be read by an INS scanner). There are resources on the 'Net to help acquaint you with the features. Here's one: http://www.usvisanews.com/memo85.html. See also A Brief Guide to Fake ID and Fake Visas and Work Permits. Learn What a Green Card Does.

Alerts and Counterfeits
Make sure your employees bookmark the BOL Alerts and Counterfeits page to keep track of all the latest details about counterfeit cashier's checks, money orders, and other bogus items.
Copyright, 2002 BankersOnline. All rights reserved. First published on BankersOnline.com 5/29/02.