Security Spotlight: Tips on subpoenas, prolific bandit on the loose, and more!

Welcome to the September Issue of the Security Spotlight

Barry Thompson's Monthly Security Tip

Do we need a subpoena
A frequent question we are asked is "do we need a subpoena?" While I am not a lawyer, my answer always follows the same advice. If the bank is the victim and you are turning a case over to law enforcement, you do not need a subpoena. Victims don't need subpoenas to turn over information that's pertinent to a complaint they have filed with the police. If law enforcement approaches the bank about a case where the bank has suffered no losses and isn't involved, a subpoena would be needed, unless law enforcement is asking to review documents supporting the bank's filing of a Suspicious Activity Report under BSA/AML regulations.

Most Wanted

Mad Hatter on the run...This isn't about the character in a Disney fairytale. This character is up to no good in Manhattan rather than Wonderland. The FBI is on the hunt for a prolific and elusive bank robber dubbed the "Mad Hatter" bandit who has hit eight Manhattan-area banks since March. Given his moniker for the various types of hats worn during his heists, the Mad Hatter pulled his first bank job on March 15th wearing a brown knit cap and a brown scarf. Other hats he's worn are a dark baseball cap and different colored fedoras. In his latest heist in July he had on a black bicycle helmet. He has worn sunglasses in all of his robberies. In his last heist at HSBC bank, the suspect warned the teller that he had a gun, demanded cash in 50s and 100s, and yelled obscenities at the teller to move faster. He's in and out of the banks in less than two minutes, and in all cases he has worn gloves to avoid leaving fingerprints behind. The authorities investigating the case point out that this Mad Hatter has a very distinctive gait, moving his arms as he walks. The suspect is a white male, approximately 25 to 35 years old, 5'6" tall, thin build, with a reddish-brown beard. Anyone with any information about the Mad Hatter should contact the NYPD's Crime Stoppers unit at 1-800-577-TIPS.

Check our Bank Robbery page for photos and information on the latest unknown bank bandits, many of them with sunglasses, hats or other head and facial coverings disguising their identity. Enforcing a no hats, hoods and sunglasses policy can help reduce the number of bandits who target your bank. Purchase No Hat Cling signs for all of your branches from the Banker Store.

Hot Topics from the Bankers Forums

There was one important discussion in BankersOnline's public Security forum in August on director training topics. If you missed that one, it's still active and your input could be helpful for others. You can review this discussion, and more here.

You'll find active discussions on more sensitive security topics in our "Private Security Forum," where bankers discuss issues out of public view. There's also a private forum that invites participation by bankers, regulators and members of law enforcement.

The private forums are the place for security officers to discuss topics like changing your "all clear" signals, embezzlement, scams, and the annual security report to the board. If you're a registered user of BOL's Discussion Forums, but don't see the Private - Financial Institution Personnel Only forums near the top of the Forums list, use your bank email address to send an access request to brenda@bankersonline.com. Once your request is approved, you can access the Private Security forum here.

Please note: Our Private Forums do not include access to Bankers Hotline, or Compliance Action, which are premium content areas requiring paid subscriptions.

CrimeDex

August CrimeDex alerts top 350

More than 350 BOL CrimeDex alerts hit our inbox in August (setting a filter on a CrimeDex subscription limits the alerts that reach a user's email account). At the top of the month, Fifth Third Bank posted an alert concerning customer account takeovers accomplished via unauthorized address changes. Unconfirmed address change requests continue to be one of the primary tools used in account takeover fraud. Takeovers of another type were reported by BMO/Harris Bank, where an unidentified male has been involved in compromising various home equity lines (HELOCs) in Indiana and Illinois. The Slidell (LA) Police Department posted an alert for Alabama, Arkansas, Louisiana, Mississippi and Texas identifying three men and a car believed to be involved in a "counterfeiting road trip" through Texas, Louisiana and Mississippi, making small purchases with relatively low-grade counterfeit $100 bills.

One innovative crook was reported to have uploaded a compromised debit card number to a Walmart Pay app to make purchases that included iPads, iPhones, TVs and gift cards for a combined total approaching $5,900.

Finally, an enterprising San Diego area credit union posted a "help wanted" alert looking for someone from law enforcement to speak to a women's group, in Spanish, about identity theft.

Get all the details at CrimeDex . The CrimeDex service is free to all financial institutions that are registered users of BankersOnline. If you have access to our private forums, read the "CrimeDex Service FREE" notice in the second thread of the "Private - FI Personnel Only" forum.

Facebook Blog

Throughout the month, we share news-related incidents on Facebook that can be informative examples for training employees on security issues and more. We appreciate the "Likes" and encourage you to share our page with your fellow Security Officers and bankers, and ask them to "Like" us so they too can stay updated on the latest news.

There was quite a bit of news shared in August. In case you missed it, you can still check out the following posts:

• Our first post of the month on August 1, was about a woman who robbed a bank to get back into prison. Mission accomplished.
• On August 5, we shared an ATM skimming story involving one ATM and one skimmming device that led to $110k in losses.
• Also on August 5 is a story about a man who robbed a bank after his release from prison. When police tracked him down, he had a knife on him. His fate was worse than a return to prison.
• The next day, August 6, we posted a story about internal theft that involved dormant accounts and resulted in $600k in financial losses.
• Another post that same day was about an armed robbery in which the teller unwittingly aided the suspect's escape.
• On August 13, we shared a story that recounts the world's largest bank heists.
• A case of old fashioned identity theft with over $600K in bank losses is posted on August 16.
• Another story posted on the 16th chronicles a stockbroker who fell on hard times and reverted to bank robbery.
• While everyone may be interested in the story we shared on August 17, the post about a crew of ATM skimmers making their rounds in Rhode Island may be of particular interest to those located in the northeast.
• Don't miss the August 24 post about wanted bank robbery suspects. Tracking them just became easier – now there's an app for that!
• And we rounded out the month with two stories shared on August 28. The first is about a group of bank robbers who fired off shots when fleeing the bank, but were quickly apprehended. And the final story of the month is about a new con involving social media that cost one bank $1 million.

Read about these and other informative topics on our BOL Facebook page. Be sure to "Like" the articles so we can continue to post more articles of interest to you!