A college student, dressed conservatively and boasting a 3.5 grade point average, walks into a bank branch in the U.S. to cash a check. Just another day - only this "customer" happens to be a member of an overseas Asian gang, and his checks are counterfeit.
Behold the new face of bank fraud and other financial crimes.
"These are often wealthy kids who are just bored, looking for thrills," says Edward Yee, an investigator with the Orange County, Calif., District Attorney's Office.
Authorities say that while most are typically Asian, the front men could be white or Hispanic instead. What they have in common is a link to organized crime, which is playing a bigger role in crimes at financial institutions. The organized crime gang in this example would hail from China or the Philippines, Yee says. Authorities say other gangs, from such countries as Russia, Romania and Nigeria, as well as the United States, are proliferating.
Yee, speaking recently at the California Bankers Association's security management and information technology conference, said overseas Asian gangs are often led locally by older men who also operate legitimate U.S. businesses. They entice college students to use their own money to open bank accounts. The young men are then flown to other cities to cash counterfeit payroll checks to lessen suspicion and better escape detection, and are flown home the same day.
Though robberies nationally were down in the first quarter, they were up in specific regions, such as greater Houston, says Kevin Katz, special agent in the FBI's Houston office. They are also increasingly targeting in-store branches because those are typically open later than stand-alone branches and are easier to escape from.
To get more tipsters, more FBI field offices are partnering with area banks to launch public Web sites about recent robberies. FBI agents are also scheduling periodic meetings with area bank security officers to share information, according to FBI officials.
Online fraud is getting more creative, too, now that banks have tightened security measures around log-ins to their Web sites, says Sean Brady, a senior product marketing manager at EMC Inc.'s RSA Security.
Fraudsters are now using "crimeware" and other malware that people unwittingly download when on certain Web sites. The malware captures the victim's online banking information as it is typed in, and the fraudster uses that data to set himself up as a "payee" on the bank's site.
To mitigate this, banks are now developing additional security measures for each online banking transaction, or providing one-time passwords for corporate customers, Brady says. Carmen Oveissi Field, a managing director of Daylight Forensic and Advisory LLC, says that data-breach crimes may be on the rise, as more companies downsize and outsource information technology functions. Some vendors might not have as high internal security standards as others, giving hackers better opportunities to steal customer information.
The recession is also behind increased internal bank fraud, Field says. Some IT professionals who fear being laid off set up "holes" in the bank's network that would enable them to hack into the network, to either sell proprietary information to new employers if fired or to blackmail the bank to keep them employed. "They leave a backdoor for themselves so they can get into anything - and information is money," Field says.
Ellen Zimiles, Daylight's chief executive, says that banks should also be on the lookout for embezzlement by more closely monitoring employees' account transactions and staying mindful of employees who constantly call the bank to check on things while on vacation.
More and more banks are developing their own computer forensic labs to identify both external and internal threats, says Jeff Maw, a computer crimes and forensic investigator at Wells Fargo.
Wells' lab, in Charlotte, has forensic software to access remotely any employee desktop computer or laptop to determine if there is internal fraud, says Maw, who also spoke at the California Bankers' conference. Wells' internal investigators do this remotely so their employees won't know that they are being investigated, and so the investigators aren't at risk of tampering with evidence.
Katie Kuehner-Hebert is a reporter at American Banker.
