Skip to content

Security Spotlight: Buddy bandits, the perils of insider fraud, and more!

Prolific Pilferer and Buddy Bandits

From Prolific Activist to Prolific Bandit...

A man believed to be the infamous "Mesh Mask Bandit" who allegedly robbed at least 19 banks in the Dallas-Fort Worth area since New Year's Eve 2012 has been apprehended. Luis De la Garza, 59, of Farmers Branch, TX was an entrepreneur and prominent immigration rights activist. The FBI offered a $20,000 reward in May for information leading to the arrest of De la Garza, who was dubbed the "Mesh Mask Bandit" for the mesh masks he wore to carry out his heists. After more than six months on the lam, Luis was arrested for an April 22nd armed robbery of a Wells Fargo bank in Dallas after a Wells Fargo employee reportedly saw the bandit enter and exit the branch, sans the mask. The employee positively identified Luis in a photo lineup.

The capture and identification of the Mesh Mask Bandit is credited to the collaborative efforts of local and federal investigation across nine cities, the FBI's bank robbery task force...and the watchful eye of a bank employee. Luis is in federal custody charged with one count of bank robbery while authorities tie him to the other 18 heists. "He did some amazing things as a community leader, as a businessman," said fellow activist Carlos Quintanilla, "and all of that was just poisoned by him becoming a serial bank robber."

Dynamic duo -

Jack Sexton, 66, and Ronald Kettells, 65, are longstanding friends - and longtime bank robbers. With numerous prior criminal convictions dating back to the 1960s, Sexton and Kettells have been committing crimes together for the better part of half a century. They had recently been released from prison when they robbed a trio of banks from August to October 2011. Armed in each instance, the bandits' disguises included bandanas and masks depicting an old man, President Richard Nixon and, yes, even Hillary Clinton. In March, the dynamic duo was convicted of conspiracy to commit bank robbery, three armed bank robberies and using a firearm during a crime of violence. Noting a criminal history that is "remarkable in its length and depth," a federal judge in Seattle sentenced the men to 70 years each for their crimes and ordered them to pay $29,000 in restitution.

Check our Bank Robbery page for photos and information on the latest robbery suspects. There are 48 unknown bank bandits featured in our suspects gallery for June!

Like our dynamic duo featured above, most bandits wear sunglasses or hats to disguise their appearance. Enforcing a no hats, hoods and sunglasses policy could help reduce the number of bandits who target your bank. Purchase No Hat Cling signs for all of your branches from the Banker Store.

Recruiting Outside Criminals and Busting Internal Thieves

Recruiting money mules-

Bank robbers rob banks because "that's where the money is." Likewise, cybercriminals target banks with the same motivation. But how do these online thieves find the money mules to help them move the stolen loot? They go where most prospective employers go - to the employment line. Actually, they've gotten a little more sophisticated than that. Researchers at security firm Trusteer have discovered the use of the ZeuS trojan in man-in-the-browser attacks for recruiting money mules. ZeuS, most commonly used to direct online banking customers to malicious websites, has been tweaked to target job seekers on CareerBuilder.com. Users infected with the trojan are redirected to MarketandTarget.com instead, an official looking (despite the poor punctuation) employment site. Job seekers, who are desperate for work and see only the promise of quick and easy income, fall prey to the money mule scam being offered by these innovative criminals.

Internal theft leads to CU failure -

In Lynchburg, VA, Lynrocten Federal Credit Union is in the center of a criminal investigation. The credit union was shut down in May by the NCUA due to a police investigation into possible criminal activity. According to the Secret Service, Teresa Humphries, a former teller at Lynrocten, allegedly admitted that she and Linda Newcomb, a former manager, made fraudulent loans in members' names and deposited the proceeds in various other accounts. Humphries has allegedly admitted to personally stealing $3,000 to $4,000 a month, and that together with Newcomb, she deposited the stolen funds into accounts belonging to their family members. Newcomb has maintained that she is innocent and has no knowledge of the thefts. The authorities searched the homes of both suspects and confiscated a cell phone, documents, computers, credit union correspondence, tax documents, an LFC gift card, and more. Documents already secured by the police indicate that $876,000 was deposited into the account of a cleaning business with an address associated with Newcomb, who records show has 19 properties valued at more than $1.8 million.

12 Year Ponzi Scheme -

A former personal banker with Bank of America in Reading, MA has been indicted for running a Ponzi scheme. Spanning a 12-year period, Elaina Patterson allegedly recruited 31 friends and family members in a scheme involving millions of dollars in fake investments, promising those involved high returns. Patterson told her "friends and family" that because of her position at the bank, she could put them into high yield accounts that the bank reserved for corporate and high-profile clients earning 10 to 15 percent. Despite the fact that the bank didn't offer any such account, Patterson was successful in getting the deposits. Stealing from elderly bank customers to conceal her theft, she issued fake CD receipts and tax reports for the $4.5 million in deposits, $2.1 million of which she allegedly kept for personal use. At the time the scam began in 1999, the bank was owned by BankBoston, and it continued with the merger that created FleetBoston Financial Corp., and even after Bank of America took over the bank in 2004. In 2011, Bank of America investigated the suspicious activity, discovered the scheme, and released Patterson from her position at the bank. Patterson has been charged with 16 counts of larceny over $250 and 15 counts of larceny over $250 from a person over 60.

42 months for $1.4 million -

Matthew Monheiser went from his position as vice president at a bank in Sidney, Nebraska to one of Sidney's newest prison inmates. Monheiser started working at First National Bank in 2001, which later became the Points West Community Bank in 2010. From March 2003 until August 2012 Monheiser was also working for himself. Using customer loan proceeds, he purchased cashier's checks in customers' names, and then used the proceeds himself. He also stole $82,000 in cash directly from the vault. It was discovered that Monheiser embezzled a total of $1,364,954, for which he was found guilty and sentenced to 42 months in prison (which equates to more than $32k per month, which hardly seems like a fair sentence). In addition to his jail time, he was sentenced to five years of supervised release when he gets out, plus ordered to pay full restitution. While many security officers roll their eyes when restitution is ordered, $500,000 has already been paid, which may be better than the average recovery to date.

$1 for you, $100 for me -

Perhaps it is time to increase the frequency of those teller drawer audits. In Rock Hill, SC a federal grand jury has indicted Tina Hall and Dionna Lowery for theft by a bank employee and criminal conspiracy. The two were drive-thru tellers at a Wells Fargo bank branch. They allegedly stole $1,000 by putting their $1 bills in place of $50 and $100 bills. While this type of theft isn't new, it reinforces the need and effectiveness of surprise cash counts.

Hot Topics from the Bankers' Threads

In the publicly accessible threads, one banker was looking for a template for the annual security report. There is one available free in the Banker Tools section. One thread was on ATM skimmers with links to information, and there is still some ongoing discussion pertaining to Visitors Logs.

Additional discussions on various topics can be found in the Public Security area. When commenting on these discussions, keep in mind this is an unprotected public forum and comments should be limited to generic content.

We also have a "private" security forum for discussion of more private, sensitive topics. That is where security officers were discussing cell phone policies, vendors, internet scams, and more topics that you can comment on and share with your peers.

To comment in Bankers' Threads you must be a registered user. You can register here. If using your bank email account, you will be given access to the private forums. The Private area is a group of forums under the heading "Private - Financial Institution Personnel Only." The Private forums do not include access to Bankers Hotline or Compliance Action, premium content areas that require paid subscriptions to those respective publications.

If you are already registered for the Threads, but don't yet have access to the private forums, using your bank email address send a request for access to andyz@bankersonline.com. Please verify that you do not yet have Private access. Once your registration request is approved, you can access the Private Security forum here.

June CrimeDex activity starts hot summer

If June's alert activity from CrimeDex is a sign of what's to come, it promises to be a hot summer for fraud and other criminal activity. A Midwest bank issued the first counterfeit check alert for the month, announcing that a number of its business customers were seeing bogus checks written against their accounts and cashed in the Chicago area. Counterfeit drivers' licenses and credit cards were involved in a months-long crime spree that hit several Midwest states and the Orlando, Florida area. Elmhurst, Illinois police announced an arrest in that case. A classic account takeover case involving a fraudulent updated phone number and change of address was described by Milwaukee police, who said suspects in the case had grabbed accounts from Chase, Discover and Citibank. A credit card cash advance scheme was reported by a Pennsylvania bank whose tellers were duped into "verifying" the advance with a confederate posing as a credit card official from another bank, using the crook's cell phone and a call initiated by the scammer. Security officers take note: Train your staff to never authorize cash advances with a call initiated by the cardholder.

Our Spotlight Alert of the month is a request from a North Carolina bank for information from other banks experiencing account opening requests from money mules in "sweetheart" or "online employment" scams. This alert prompts a reminder that you should be watching for online funds transfer activity initiated by new accounts as one symptom of possible fraudulent activity.

Keep up on the latest scams, crimes and other threats facing your bank and other businesses with a free BOL CrimeDex.

CrimeDex is now FREE to registered members of the Bankers' Threads Private Security Forum!

Facebook Blog

Did you know that BOL is on Facebook? Social media has replaced blogging to a large degree and this is one more place where we put helpful information that you may want to share with your staff or customers, and can be useful in teaching employees about security issues and more.

June was a busy month for security news. We have several posts that include:

  • A bank teller disguised as a nun who tried to rob her own bank.
  • A $15 million heist. Eight people were charged in another case of hacking accounts, loading prepaid cards and using ATMs to cash out.
  • A warning to consumers of the increased risk of mobile devices being used steal from their online bank accounts.
  • A deadly example of why trying to prevent a robbery in progress is a bad idea.
  • The prevalance of spam messages, despite being just as poorly written as when they first surfaced, continue because a small percentage are successful.
  • Facebook's exposure of private information on 6 million users.
  • Read about these topics and more on our Facebook page. Be sure to "like" the articles so we can continue to post more articles of interest to you!

 

First published on 07/02/2013

Briefing type: 

Banker Tools View All

A collection of useful resources for various areas of the bank which have been developed by members of the BankersOnline staff or have been created and contributed by users of the BankersOnline site.

Banker Tools

Penalties View All

Search Briefings

Briefing Archives