Security Spotlight: Featuring one of the FBI's Most Wanted, sisterly scams, and more!

Wanted by the FBI

APB on the Loan Ranger...

Over a dozen armed robberies in four states over the past four years earned one man "Most Wanted" status with the Federal Bureau of Investigation (FBI) and his very own poster. Dubbed the "Loan Ranger Bandit" by authorities at the Tyler Police Department in Texas after wearing a Texas Rangers baseball cap and targeting financial institutions that make loans, the Loan Ranger switches headgear but brazenly pulls off his heists without bothering to cover his face. His robbery spree began in 2009 and has included banks in Arkansas, Mississippi, Kentucky and Texas. The most recent heist was at the Santa Fe Community Credit Union in Temple, Texas in July - his second visit to that institution. Despite his lack of a disguise, the Loan Ranger Bandit displays confidence and thoroughness. The institutions he targets are stand-alone institutions with easy access to major roadways (offering quick getaways) and he often targets the same banks more than once. In addition to various hats, his attire ranges from athletic wear to jeans and even business dress.

The FBI is offering a reward of up to $10,000 for information leading to the identification, arrest, and conviction of the Loan Ranger Bandit. While BankersOnline isn't out to collect the $10,000, we hope that sharing this information with our readers located across the country might aid in his eventual capture. Please note: the Loan Ranger Bandit is considered armed and dangerous and should not be approached. More information, along with a number of detailed surveillance pictures, can be found on the FBI's website that features their most wanted bandits at https://bankrobbers.fbi.gov.

Check our Bank Robbery page for photos and information on the latest robbery suspects. There are 36 unknown bank bandits featured in our suspects gallery for August!

Most bandits wear sunglasses or hats to disguise their appearance. Enforcing a no hats, hoods and sunglasses policy could help reduce the number of bandits who target your bank. Purchase No Hat Cling signs for all of your branches from the Banker Store.

Sisterly Scams, Technology Tracks Thieves, and Thwarting ATM Thefts

Nun too smart

- Fraudsters often prey on those who are most vulnerable, i.e., the elderly and those facing financial hardships who are just looking for a "break." They also target trusting souls, such as religious members who devote themselves to caring for others. Adriano Sotomayor set his unsavory sights on an elderly nun and other members of the Dominican Sisters of the Rosary of Fatima, a Puerto Rico-based parish community. Posing as a New Jersey priest, Sotomayor contacted the sister and told her a deceased member of the parish community had named her beneficiary of a $2.1 million estate. To claim the funds, he directed the trusting nun to wire money to an account he controlled for taxes and fees, most of which she borrowed from other parish members, family and friends.

In an effort to increase his "earnings," Sotomayor told the nun that there were problems with the will, including a legal challenge by the deceased's son, and additional money was needed to avoid lawsuits, threatening her with media attention and legal action if she didn't send more money. Family and friends who had also wired money on behalf of the victim were contacted by the nefarious thief and told they could get a portion of the will proceeds if they too wired more money. The jig was up for Sotomayor after the FBI received a complaint about a possible fraud scheme victimizing nuns that they ultimately traced to Sotomayor. Adriano Sotomayor was sentenced last month to 18 years in prison and ordered to pay $1 million in restitution to members of the Puerto Rico-based Dominican Sisters of the Rosary of Fatima and other victims of the scam.

Can't escape technology -

These days hardly anyone goes anywhere without a cell phone. Who knows when you might need to call someone, right? A couple of masked bandits making the rounds at remote rural banks in the southwest last year had a successful run for a couple of months bringing in $3,000 here and $6,000 there, until a witness recalled seeing a man hanging around the Compass Bank in Payson, AZ prior to the robbery talking on his cell phone. The FBI requested a cell tower dump from Verizon, which is a record of all cell phone calls made in that area around the time of the robbery. Users' cell phone numbers are logged at every cell tower they pass, which is how they remain connected to the provider's network (most of the time). It also makes the cell phone an ideal tracking device. Narrowing down the calls based on select criteria, the FBI was able to reconstruct the thieves' movements as closely as if they'd actually been tailing them

.

Built up his bank balance -

Lee Tevis of Georgetown, KY should have stuck with building real homes versus bogus corporations. The 59-year-old home builder was convicted last month of one count of bank fraud, three counts of filing a false loan application, three counts of aiding and abetting bank embezzlement, and three counts of aggravated identity theft. Tevis used the identity of a company foreman's 5-year-old son in a fraudulent bank loan scheme to get $1.4 million in loans from the American Founders Bank. Using the child's Social Security number to pass the credit check, he then set up multiple bogus companies to bypass loan limits. The loan money, which the bank believed it was issuing to finance a home in Frankfort, was used to pay off Tevis' personal loans and construction debt. American Founders ending up having to foreclose on the home the loan was intended for, taking a significant financial loss. The bank's former senior loan officer, Jim Tate, who approved the fraudulent loans pleaded guilty to bank fraud. Tevis is facing up to 30 years in prison when he is sentenced in December.

Smash-and-grab prevention -

In the August issue of Security Spotlight, we reported on an increase of smash and grab thefts in the New York area. A recent article on ATMMarketplace.com provided some valuable smash-and-grab prevention tips to make your ATM a less attractive target:

• Alarms and sirens" There are a number of inexpensive alarm systems on the market that are triggered when an ATM is moved off its base. These alarms are also equipped with sensors that can identify the extreme heat from a metal-cutting torch, or if a vault is opened without authorization. These systems can be tied to existing alarm systems and can even send alerts when an ATM is being compromised.
• Bollards" These simple posts create a physical barrier around the ATM. Bollards are designed to withstand high levels of impact and can prevent damage to a locations' front entrance. Bollards have been used for years and can effectively deter criminals from attempting to smash a vehicle into an ATM.
• Secure ATM body armor" ATM body armor is designed to serve as a protective steel panel, covering the exterior of the ATM. The armor makes the ATM heavier, bulkier, and more difficult to remove. Criminals are deterred by the amount of time it would likely take to compromise such a heavily armored ATM.
• Surveillance" Digital cameras have become much more affordable in recent years. Most ATM models currently on the market come with a camera window, along with capabilities for attaching a small camera in order to monitor ATM use. These cameras typically produce clear pictures that can be handed over to authorities as evidence.
• Bolt-down security" Several types of inexpensive bolting devices are currently available for ATMs. These devices are used to prevent the unauthorized removal of the ATM; most are designed to withstand vehicle impact.

Hot Topics from the Bankers' Threads

How long do you hold on to security video images from your branches? Is there an industry consensus available? As suggested in the recent "Retaining Branch Film - Digital Imaging" thread, there's a trade-off between available storage capacity, costs, and retention time.

Additional discussions on various topics can be found in the Public Security area. When commenting on these discussions, keep in mind this is an unprotected public forum and comments should be limited to generic content.

We also have a "private" security forum for discussion of more private, sensitive topics. That is where security officers have been discussing a recent news article about the kidnapping of a bank employee and her husband, and more. This forum often hosts discussions on ATM and vault thefts, authentication procedures, DDoS attacks, removing silent alarms, hacks, phishing, and more. Don't miss out on this wealth of knowledge shared by your peers.

To comment in Bankers' Threads you must be a registered user. You can register here. If using your bank email account, you will be given access to the private forums. The Private area is a group of forums under the heading "Private - Financial Institution Personnel Only." The Private forums do not include access to Bankers Hotline or Compliance Action, premium content areas that require paid subscriptions to those respective publications.

If you are already registered for the Threads, but don't yet have access to the private forums, using your bank email address send a request for access to andyz@bankersonline.com. Please verify that you do not yet have Private access. Once your registration request is approved, you can access the Private Security forum here

.

August CrimeDex Alerts

August CrimeDex alerts started off with a big Florida case involving Internet account opening, identity theft, and the deposit of over $40,000 in U.S. Postal Service money orders. Close on its heels was an alert about counterfeit check scams involving Craig's list transactions, with victims identified in the U.S., Canada and Peru. A compromised credit card account was reported to CrimeDex participants in Illinois and Indiana. In the Good News department, an arrest was reported in a credit card cash advance scam. The bad news in that report was that another teller was duped into processing a bogus cash advance by the "talk to the bank, I've got them on my cell phone" ruse. This alert was another reminder to drive home with your staff that they should never proceed with a cash advance when an attempt using their standard authorization procedures fails, no matter how convincing the "customer" may seem in an attempt to offer the use of his or her phone to get an authorization. And one of the risks of same day access to ATM deposits was illustrated in an alert from a bank in Iowa victimized by a new account/empty ATM envelope scam.

Keep up on the latest scams, crimes and other threats facing your bank and other businesses with a free subscription to BOL CrimeDex

CrimeDex is now FREE to registered members of the Bankers' Threads Private Security Forum! Get the details and subscribe now!

Facebook Blog

Have you been following us on Facebook? Throughout the month, we share news related incidents that can be informative examples for training employees on security issues and more.

There were two posts in August that highlight the need for increased awareness of both physical security and virtual threats. Our August 3rd post is a must-read for security and HR staff as it provides a stark reminder that physical threats can reach beyond bank staff. And on August 28th, we shared a link to a very real cover-up that took place online while cyber thieves were busy stealing millions of dollars from several banks and their customers.

Read about these topics and more on our Facebook page. Be sure to "like" the articles so we can continue to post more articles of interest to you!