Welcome to the April issue of Security Spotlight

In this month's Security Spotlight, spring has sprung...and so have robberies, frauds and scams! Check out the latest CrimeDex alerts, read about modern-day female bandits whose luck ran out, and other cases where the good guys got the bad guys. Barry Thompson has an applicable tip, and a reminder follows to protect your bank from modern-day miscreants.

In this Issue:

• Tips, Tidbits & Training
• Bank Robbery Update
• Security Shorts
• Hot Topics
• CrimeDex Report
• Blogging on Facebook
• Banker Store Security Products

Downloading Apps

by Barry Thompson Downloading and using mobile apps is the latest trend. As a result, we will see many new attempts to take control of mobile devices using apps. Only download apps from reliable sources, such as the Google Play Store and Apple's App Store, where new apps are scanned for malicious malware before downloading. When in doubt don't download the app!

It Can Happen to Anyone

No-one is immune from cybercrime, and combatting it can require a herculean effort. Thank you for all the support we received from the BOL community in the wake of recent DDoS attacks targeting our servers. Make sure your institution is adhering to the following steps outlined by the FFIEC to mitigate DDoS risks:

• Keep and maintain a system of identifying and assessing information security risks including threats to networks, websites, ATMs, & online accounts.
• Monitor Internet traffic, observe any abnormalities and detect attacks before the attackers bring down your network.
• Report any suspicious activities occurring to your network service provider and communicate to customers concerning their accounts and data.
• Collaborate with the network service provider/ISP to help respond to and mitigate risks from the attack.
• Share information with law enforcement, the Financial Services Information Sharing and Analysis Center and others so these threats can be analyzed and studied.
• Evaluate and understand your bank's response to threats, and adjust any risk management controls to better respond to future threats as they may occur.

Modern Day Bonnies

Serial supermarket thief - Thanks to the efforts of the North Texas Crime Stoppers, the Dallas FBI Violent Crime Task Force, and observant employees at First Convenience Bank (FCB), a modern-day "Bonnie" from Arlington, TX is in custody following a bank robbery spree that spanned six cities and hit ten supermarket banks, nine of which were FCB branches. Just 5 feet 2 inches tall, 37-year-old Dana Campbell wore a black hoodie, black pants, black shoes and oversized black-framed sunglasses when she pulled her first FCB heist on November 3 and during subsequent robberies, including one at a Woodforest National Bank branch. Rewards of up to $11,000 were offered by the local Crime Stoppers and FBI task force, and wanted posters of the suspect were distributed throughout FCB branches. On Monday, March 23rd, when Campbell entered an Arlington Kroger store with an FCB branch, bank employees spotted her and she quickly left when she realized they recognized her. The police pulled her over shortly thereafter and found a black hoodie jacket in the car with a note inside one of its pockets that read, "This is a robbery. I don't want to hurt anyone." They also found a ledger that listed dates and addresses of several banks in the region that had been hit since November. If convicted, Campbell faces a maximum of 20 years in federal prison and a $250,000 fine.

Catwoman captured - Much like the young, attractive female cat burglar known as Catwoman from the first Batman comic book series, 27-year-old Jennifer Labbe was a high-stakes thief. After her release from the York Correctional Institute in January where she served out a burglary conviction for a 2012 home invasion, Labbe failed to report to a court-ordered residential program. Instead, she went on a bank robbery spree, hitting five banks across Connecticut in eleven days. The Hartford, CT Police Department and the U.S. Marshals Fugitive Task Force caught up with this modern-day Bonnie in March. Labbe's criminal record includes convictions for burglary, prostitution, disorderly conduct and larceny.

Check our Bank Robbery page for photos and information on the latest robbery suspects. There are 38 unknown bank bandits featured in our suspects gallery for March.

Security Shorts

Chalk Some Up for the Good Guys

• Doubled up - When robbing a bank, why stop at just one? In Arapahoe County, Colorado, a greedy thief robbed two banks within one hour. The busy bandit allegedly robbed a Chase Bank branch at 10:22 am and then a First Bank branch at 11:20 am. He was arrested the same day. He was being held on unrelated charges at press time, but the high quality surveillance video captured by the bank will prove to be crucial evidence in the bank robbery charges.
• Too close for comfort - In another attaboy for the police, in Plano, TX, just before noon on a Saturday, police were called about a suspect who entered a bank with a weapon and demanded money from a teller. Police arrived quickly on scene and, with a good preliminary description, they were able to catch 19-year-old Devionn Holmes running away from the bank just a few blocks away. Holmes is being held on $3,000.00 bond.
• Dumb and desperate - Desperate people do desperate things, and dumb ones rob banks then try to escape. On March 31st, morning news programs in Arlington, VA were covering the story of suspected bank robber Woosen Assaye's escape after he overpowered a guard, took his handgun and escaped from a hospital in Fairfax County in bare feet, still wearing his hospital gown. Assaye is suspected of robbing a dozen banks, from which he fled on a bicycle. He was recaptured by noon that same day during a traffic stop and taken back into custody without incident.
• Ten and done - In another "score one for the good guys," Robert Kincade, who is suspected of robbing ten banks in the Las Vegas and Reno areas, was recently arrested in Greenville, MS. The authorities had received information that Kincade was in that area, and the FBI with the added assistance of a police Special Ops teams was able to locate him at a local business. He was arrested without incident.
• Still on the run - Police in Broward County, FL aren't having as much luck catching up to a couple of robbers yet. Two robberies by two different men on March 31st occurred less than an hour apart. The description and photos of one of the suspects lead police to believe he may be linked to six other area robberies. The FBI is investigating and asking the public for help.

Hot Topics from the Bankers' Threads

The publicly accessible threads for Security have been more active recently and we encourage you to join in. There was one lively thread on bomb sweeping procedures. Without getting into privacy issues, some public discussion on this may be warranted. Another thread discussed dual control of keys for ATMs. It seems ATMs have different levels of access so some controls are separated from cash. Weigh in with your views and how you might handle these questions in the public security forums. More of the discussions, for risk management and confidentiality reasons, have moved to the private area where we have a forum for bankers only on security topics, and another that allows law enforcement and regulators access.

We also have a "private" security forum for discussion of more private, sensitive topics. That is where security officers were discussing employee access to PINs, a trooper's death in Wisconsin, security vendors, cash recyclers, loan fraud, employee cell phones and bank email, all-clear signals after an employee leaves, and more!

To comment in Bankers' Threads you must be a registered user. You can register here. If using your bank email account, you will be given access to the private forums. The Private area is a group of forums under the heading "Private - Financial Institution Personnel Only." The Private forums do not include access to Bankers Hotline or Compliance Action, premium content areas that require paid subscriptions to those respective publications.

If you are already registered for the Threads, but don't yet have access to the private forums, using your bank email address send a request for access to brenda@bankersonline.com. Please verify that you do not yet have Private access. Once your registration request is approved, you can access the Private Security forum

CrimeDex alerts springing up all over

The past month's CrimeDex alerts revealed the usual mix of robberies, scams, frauds and other crimes designed to separate money and other assets from their lawful owners. Over 250 alerts crossed our desk (filters allow BOL CrimeDex subscribers to receive fewer alerts, limited to those of greatest interest). The month began with an alert involving two grand larcenies by credit card reported by the New York City police. Stolen and cloned credit cards were used in several fraudulent purchases and an ATM cash advance. Another alert, from North Carolina, related how two suspects had been arrested with counterfeit credit cards that had been used to purchase over $10,000 in gift cards at a Walmart store. In this case, the gift cards had been handed off to confederates before the arrest, but were successfully deactivated before they could be used.

Greer, South Carolina, was the location of yet another ATM skimming attempt, this time with positive results. Customers of SunTrust noticed something wrong and reported it to local police on Sunday, March 1. The bank was able to provide surveillance photos of the individuals suspected of having placed the illicit devices in attempts to obtain card and PIN information from legitimate cardholders.

One of TD Bank's "stores" in Connecticut was robbed in late February. In an attempt to identify the robber, Greenwich, Connecticut, police posted an alert with a surveillance photo and description of the suspect and a vehicle involved. The Brazos Valley Schools Credit Union (College Station, Texas) reported that two counterfeit cashier's checks had been presented for payment, both apparently based on a single legitimate $20 cashier's check issued to a member. Another counterfeit cashier's check alert was issued by Savings Institute Bank & Trust (which issues "official checks"). That bank reported receiving more than 100 bogus cashier's checks from all over the country, many associated with Craigslist scams. Craigslist scams were also involved in a report from the Fuquay-Varina, North Carolina, police in their alert involving counterfeit business account checks sent to Craigslist sellers in amounts greater than the purchase price with requests to return the excess via Western Union. Does your institution have controls that detect counterfeit cashier's and other checks quickly enough to return them unpaid within your midnight deadline?

CrimeDex is FREE to registered members of the Bankers' Threads
Private Security Forum! Get the details and subscribe now!

Facebook Blog

Throughout the month, we share news-related incidents on Facebook that can be informative examples for training employees on security issues and more. March was another busy month on the BOL Facebook page. Visit us on Facebook to catch up on the latest news:

• How social media helped police identify bank robbery suspects.
• Why a bank robber was easily recognized by a witness.
• Does your local PD tweet? In Wilmington, NC, they were tweeting about a bank robbery and pursuit in progress.
• In what sounds like a branch opening security test (but wasn't), an incident involving a suspicious car parked near two banks early in the morning, police involvement, and the bomb squad on scene all took place within walking distance from the home of one of our own BOL Gurus.
• A top U.S. prosecutor weighs in on filing SARs. What he had to say could increase your workload.
• We know skimming happens. But there was a conviction last month in what may be one of the largest skimming scams law enforcement has worked involving 16 people and $5 million.
• A bank robber who had more than just a hideout, he had an underground bunker.
• The fun-loving farce "Weekend at Bernies" came true to life when a man took his dead mother to the bank in a wheelchair.
• Armored car robberies seem to be on the rise. Thieves struck gold in a recent armored car heist.
• There haven't been many newsworthy corporate account takeovers lately...until the one about BofA, the Chelan County Treasurer and more than $600K.
• A bank robber that was pictured on our Facebook page made it to the FBI's most wanted with a $30k reward offered after 8 robberies.

Make sure to "like" the posts so we can continue to share more articles of interest to you!