TRENDING:

The Fraud Blog with Tracy Kitten

BP Funds, Fraud Hit the Gulf Coast

Tracy Kitten (FraudBlogger) • July 21, 2010    
BP Funds, Fraud Hit the Gulf Coast

Yesterday, BP announced it has distributed more than 67,500 recovery payments totaling $207 million to those affected by the drill explosion in the Gulf of Mexico.

Verifying that many claims and filing that many payments create a logistical nightmare, and incidents of fraud are beginning to crop up.

Last week, Orange Beach, Ala.-based Heritage First Bank caught wind of a phishing scam aimed at BP claimants. The phishing attack was rather basic - e-mails asking recipients to click links where they could verify claim and Social Security numbers. If a recipient clicked the link, a follow-up phone call was received, asking the e-mail recipient for bank account information.

The attack was not aimed at Heritage First. The e-mail was sent to several residents and circulated through the e-mail systems of Orange County's municipalities. The Alabama Gulf Coast Area Chamber of Commerce responded and notified area businesses. Heritage First Bank was quick to notify customers as well, since so many of them have filed claims for BP recovery funds.

John Branam, the president and chief executive of Heritage First, says his institution quickly notified customers that any requests made for additional claim information would not come via e-mail. "We'd have you come into the branch," he says.

"There's a lot of money being distributed and flowing down here right now," Branam adds. "When there are that many funds out there, there will always people who try to circumvent the system."

The source of the scam is under investigation by the Alabama Attorney General's office.

Heritage First responded well to the phishing scam, but these schemes are only going to multiply as the claims continue rolling in and funds continue flowing. The longer the process goes on, the easier it will be for scammers to figure out how to get around the system.

Consider, too, that a number of those affected by the oil spill do not have banking relationships. I wonder who's going to ensure they receive payment? Granted, they will not be compromised by giving out bank account information via the phone call or vishing attack, as was attempted by the fraudsters in the Alabama attack. But providing claim and Social Security numbers could give criminals more than enough to go on to perpetrate fraud.

Counterfeit checks are always a concern during a crisis. But how can BP get around it? Branam suggests BP start direct depositing funds into bank accounts to avoid some of the risks.

I called the BP claims department - surprisingly, it was very easy to get through to a person - and was told direct deposits would only slow and complicate the process. Besides, direct deposits don't address the needs of those without bank accounts.

"These people need their money," the hotline representative told me. Agreed. They do. And I'm sure BP does not want to run the risk of somehow mishandling bank account numbers.

But as this crisis continues to unfold, institutions will have to be prepared to deal with fraud. I also wonder what role the banks and credit unions might play in assisting the unbanked and underbanked? These individuals have long been ignored by traditional banking institutions. Could the BP disaster open new lines of communication and service?



About the Author

Tracy Kitten

Tracy Kitten

Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network

Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.