Security Spotlight: End to a prolific career, ID theft, counterfeits and more!

Welcome to the October Issue of the Security Spotlight

Barry Thompson's Monthly Security Tip

The Three Second Review
We have had several staff members taken hostage this year and forced to open their banking offices. One major item we should always teach staff is to be aware of their surroundings. When instructing staff I teach the basic three second rule. When you leave your home in the morning look to your left, right and forward for one second in each direction. Is anything unusual there that wasn’t there yesterday? When you arrive at work do the same thing again before leaving your vehicle or bus stop. Notice what is around you. Is that car or person new and watching how your institution is opened or what your normal routine is all about? If you become concerned, notify your security officer. I am sure all those people taken hostage this year thought it would never happen to them.

Most Wanted

A long time coming - The longtime career of Canada's most prolific bank robber has come to an end. Jeffrey James Shuman, a 53-year-old French-American dual national – also known as the "vaulter bandit" for hurling himself over the bank’s countertop to grab the cash, and later leading bank employees to a vault before taking cash – has been captured! Shuman is accused of robbing 22 banks in the Greater Toronto area, Ottawa and the Calgary area between 2010 and May 2015, sometimes going months or even more than a year lying low. The Canadian Bankers’ Association had offered $100,000 for information leading to the suspect’s arrest and conviction.

Shuman's career actually began more than 20 years ago when he pulled a string of heists in the U.S. throughout Florida and Tennessee. Dubbed the "Reebok Bandit" in those days for the Reebok tennis shoes he wore during the robberies, he was arrested in 1993 while returning a rental car in Miami and pleaded guilty to 14 bank robberies. In the Vaulter case, Shuman was at the wheel of a car when he was intercepted by plainclothes officers in Geneva, Switzerland.

Latest crime stats published
The Federal Bureau of Investigation (FBI) has released its annual "Crime in the United States" report, which indicates a slight drop in violent crime in 2014 compared to the year before. Highlights from the report include an estimated 1,165,383 violent crimes (28.0 percent involved robberies) reported by law enforcement. Get the full details at FBI.gov.

Check our Bank Robbery page for photos and information on the latest unknown bank bandits featured in our suspects gallery for September, many of them with sunglasses, hats or other head and facial coverings disguising their identity. Enforcing a no hats, hoods and sunglasses policy can help reduce the number of bandits who target your bank. Purchase No Hat Cling signs for all of your branches from the Banker Store.

Hot Topics from the Bankers Forums

The publicly accessible forums for Security were quiet during the remodeling of our site. We invite you to log in and join or start some conversations now that the new and improved site is up. The forums will look familiar, but easier to read. Read more and comment here.

There have been more active discussions in the private forum for bankers only on security topics, and another that allows law enforcement and regulators access.

This "private" security forum is for discussion of more private, sensitive topics. That is where security officers were discussing ITM security, a new trend in robberies when customers shoot robbers (see our Facebook story too), a peer looking for retrofitting a building for security, UCC disputes, subpoenas, more on the all clear signals, and more.

We also have a "private" security forum for discussion of more private, sensitive topics. That is where security officers were discussing trafficking and management's "request" to file a SAR. This raises the question, does management understand the SAR requirements and that when there is very little information for content, a SAR doesn't help anyone? This could be a potential training opportunity. Read about that and more in the private security forum.

To comment in Bankers' Threads you must be a registered user. You can register here. If using your bank email account, you will be given access to the private forums. The Private area is a group of forums under the heading "Private - Financial Institution Personnel Only." The Private forums do not include access to Bankers Hotline or Compliance Action, premium content areas that require paid subscriptions to those respective publications.

If you are already registered for the Threads, but don't yet have access to the private forums, using your bank email address send a request for access to brenda@bankersonline.com. Please verify that you do not yet have Private access. Once your registration request is approved, you can access the Private Security forum here.

ID theft, counterfeits, and insider theft top September CrimeDex activity

A case of ID theft involving credit card accounts was reported by a nationwide issuer in a CrimeDex alert from early last month. The names and addresses of actual consumers were used, but address changes and the addition of an authorized user soon after the accounts were opened ought to have tipped the issuer off that ID theft was involved. A Michigan credit union reported that counterfeit "official checks" appearing to be drawn on the credit union were appearing across the country. A midwest bank reported on its investigation of a fraud ring operating in Illinois using synthetic identities to purchase and finance high-end vehicles. The six "identities" listed in this alert all provided the same Chicago apartment address.

This month's choice for a CrimeDex alert worthy of special notice came from the St. Paul Police Department, which is looking for accounts in the name of a former credit union employee who is alleged to have stolen in eleven months over $147,000 in cash from member ATM deposits by failing to record the cash in the credit union's general ledger accounts. This case provides a strong argument for reviewing a financial institution's internal controls over cash and deposit handling.

Facebook Blog
Throughout the month, we share news-related incidents on Facebook that can be informative examples for training employees on security issues and more. We have picked up some new followers on our page, and we are pleased that you are finding our Facebook page helpful. We hope you'll share our page with your peers and ask them to "Like" us so they can follow us on Facebook and stay updated on the latest news.

Some highlights posted from a busy month in September:

• September started with the story posted on September 2nd of robber with a "unique" disguise that is easily removed and leaves little evidence. If you saw this walking through your door, you'd know something was up.
• On the 9th we shared a story from cybersecurity reporter Brian Krebs about new ATM skimmers. If you have ATMs, this is a must read.
• In what is the opposite of our first post, the bandit featured in the September 14th post wears a beard and carries incriminating evidence from his other robberies with him, which the police no doubt appreciated.
• On that same day, we posted a reminder to educate customers and staff on identity theft. Read about the extraordinary numbers; in fact, we posted two ID theft stories in September.
• Our third story that day highlights the seriousness of a bank robbery. Sometimes we talk about the funny disguises and the stupid things robbers do, but we need to treat all robberies as dangerous situations.
• Fast forward to September 22nd to read how customers can be just as dangerous as the robbers. They have different motives, but that doesn't make the situations any less dangerous.
• Sometimes the chain of events that occur before and after a robbery lead to the apprehension of the suspect. Such was the case in our September 23rd and 28th stories posted.
• How often might your bank be robbed? How about twice in two days – by the same guy! Get the details in our September 23rd post.
• There is almost always that one "dumb robber" story, like the one where they boast about their heist on Facebook. Our September 28th post has that story.

Read about these and other informative topics on our BOL Facebook page. Be sure to "Like" the articles so we can continue to post more articles of interest to you!