Wednesday, November 23, 2011

Complete DHS Daily Report for November 23, 2011

Daily Report

Top Stories

• A former auditor for Provident Capital Indemnity Ltd. (PCI) pleaded guilty to assisting a $670 million fraud conspiracy that impacted life settlement investment companies in several countries, including the United States. – Bloomberg. See item 16 below in the Banking and Finance Sector.

• The U.S. Air Force said it is investigating how an airman who instigated a 10-hour standoff managed to get his own handgun onto a base in Colorado that controls more than 60 military satellites. – Associated Press (See item 32)

32. November 22, Associated Press – (Colorado) Colo. barricaded airman suspect is awaiting sentencing on attempted sex exploitation of child. The U.S. Air Force said it is investigating how an airman managed to get his own handgun onto a sensitive air base in Colorado where he barricaded himself in a building for 10 hours before surrendering. The airman was taken into custody at Schriever Air Force Base near Colorado Springs, Colorado, at about 8 p.m. November 21, officials said. No injuries were reported. The base, about 60 miles south of Denver, controls more than 60 military satellites, including those used for GPS. The Air Force said satellite operations were not disrupted. Officials said the suspect was in a building where personnel prepare for deployment. The satellite control rooms are in a separate, heavily guarded area. Authorities said the airman faces a possible discharge for an unrelated crime in civilian court. He is being held in the Teller County jail in Divide, Colorado, under an agreement between the county and the Air Force base. Air Force officials did not say whether the suspect will face prosecution in civilian or military court over the standoff. Personal weapons are forbidden on the base. The suspect is a member of the 50th Security Forces Squadron, and has been in the Air Force for 2 years and 9 months, officials said. Source:


Banking and Finance Sector

15. November 21, U.S. Department of Treasury – (International) Fact sheet: new sanctions on Iran. The United States November 21 announced a series of actions to confront the threat posed by Iran and significantly increase pressure on Iran to comply with the full range of its international obligations and to address the international community’s longstanding concerns regarding its nuclear program. These steps included: expanding sanctions to target the supply of goods, services, technology, or support (above certain monetary thresholds) to Iran for the development of its petroleum resources and maintenance or expansion of its petrochemical industry; designating 11 individuals and entities under Executive Order 13382 for their role in Iran’s WMD program; and identifying the Islamic Republic of Iran as a jurisdiction of “primary money laundering concern” under section 311 of the USA PATRIOT Act. These actions underscore the Administration’s continued strong commitment –- particularly in light of the International Atomic Energy Agency director general’s most recent report –- to hold the Iranian regime accountable for its refusal to comply with international obligations regarding its nuclear program. Source:

16. November 21, Bloomberg – (International) New Jersey accountant pleads guilty in $670 million fraud. A former auditor for Provident Capital Indemnity Ltd. (PCI) admitted to assisting a $670 million fraud conspiracy in the life settlement bonding market, federal prosecutors in Virginia said November 21. The auditor pleaded guilty to one count of conspiracy to commit mail and wire fraud, a U.S. attorney said. The charge carries a maximum sentence of 20 years in prison, and prosecutors are also seeking as much as $40 million in forfeiture, the attorney said. The United States claims the Costa Rica-based company misrepresented its ability to satisfy obligations under its bonds, according to a related civil complaint the Securities and Exchange Commission filed against the company in Richmond, Virginia. From 2004 to 2010, PCI sold about $670 million of bonds to life settlement investment companies in several countries, including the United States, Canada, Germany, and the Netherlands, prosecutors said. The auditor admitted to conspiring with PCI’s president to prepare financial statements that falsely claimed PCI had contracts with other reinsurance companies. He admitted he never audited PCI’s financial statements, and that he knew the company never entered into any contracts with other reinsurance companies, prosecutors said. He was paid about $84,000 by PCI from 2004 through 2010, prosecutors said. PCI’s president, a citizen of Costa Rica, and PCI have been criminally charged with conspiracy, and mail and wire fraud charges. Source:

17. November 21, KTLA 5 Los Angeles – (California) ‘Black and Blue Bandit’ sought in San Gabriel Valley bank heists. Police in California are searching for man connected to several recent bank robberies throughout the San Gabriel Valley, KTLA 5 Los Angeles reported November 21. According to officials, the suspect is being called the “Black and Blue Bandit” because he wears arm slings, braces, and bandages during the crimes. His most recent robbery was reported shortly after 5 p.m. November 16 at a Chase bank on the 13100 block of E. Philadelphia Street in Uptown Whittier. Police said the suspect, wearing a bandage on his cheek, passed a note to a teller and demanded money. When the teller did not comply, he fled on foot. He is believed to be connected to crimes as far back as October in Whittier, Montebello, and Downey. Officials said the bandit was also linked to a robbery at a Chase bank in the 800 block of Beverly Boulevard November 12. In that robbery, he told the teller he had a weapon and demanded $4,000. The teller then went to a back room and sounded an alarm. The suspect, wearing medical scrubs, an arm sling, and a baseball cap, then left the bank without any money. Source:,0,6340052.story

18. November 21, Seattle Times – (Washington) Ex-bank execs sued by FDIC over loans. Federal regulators sued two former executives and the board of Washington’s failed Westsound Bank for at least $15 million, the Seattle Times reported November 21. The Federal Deposit Insurance Corporation (FDIC), which assumed most of the real-estate loans of Bremerton-based Westsound when it failed in May 2009, seeks to recover losses on seven loans to insiders, 7 risky land-development loans, and 21 allegedly fraudulent ones to Russian and Ukranian borrowers. In its lawsuit, filed November 18, the FDIC estimated Westsound’s failure will cost the deposit insurance fund $106.4 million. The lawsuit names Westsound’s former chief executive officer; former executive vice president of sales and lending; and former board chairman, and eight other former board members. The FDIC suit said the defendants repeatedly ignored warnings from state and federal regulators about the bank’s lending practices, and neglected to supervise a Federal Way loan officer who allegedly originated the 21 fraudulent loans. According to the regulators’ suit, the loan officer colluded from 2005 to 2007 with a homebuilder, borrowers and appraisers to gain approval for 142 fraudulent home-construction loans totaling $96 million. The FDIC filed a separate claim in June against the loan officer, seeking to ban her from future involvement with any federally insured depository. In that claim, the FDIC said the construction loans to “unqualified Russian immigrant borrowers” accounted for 83 percent of troubled loans found in an October 2007 examination of the bank by regulators. The 21 fraudulent loans listed in the lawsuit against Westsound Bank directors total more than $29.5 million. The FDIC estimates its losses on these loans at more than $10 million. All 21 loans should have been reviewed by a board-level loan committee, the suit said. Instead, they were “approved through a largely automated process,” the FDIC alleges. It said the bank made “numerous” favorable insider loans. It cites seven such loans totaling more than $3.1 million, which resulted in losses to the FDIC of at least $1.7 million. Source:

19. November 21, Associated Press – (National) Criminal probe into online mortgage scams widens. A criminal investigation into mortgage swindlers expanded beyond deceptive advertising on Google’s Internet search engine to root out con artists who were luring their victims on Bing and Yahoo, the Associated Press reported November 21. News of the widening probe confirmed the Internet’s three largest search engines were turned into tools of prey for crooks looking to bilk homeowners scrambling to avoid foreclosure. The scams involved online ads making bogus promises to help people hold onto their homes under a government-backed program to modify mortgage payments. After finding their victims using ads triggered by phrases such as “stop foreclosure,” the swindlers extracted upfront fees or arranged to have the mortgage payments sent to them without providing any help. The crackdown shuttered 125 mortgage scams by November 21, up from 85 the week of November 14, when the Office of the Special Inspector General for the Troubled Asset Relief Program announced it was cleaning up misconduct on Google. The U.S. Treasury Department division said many con artists bought ads on all three search engines. Like Google, Microsoft’s Bing search engine agreed to stop accepting ads from hundreds of Internet advertisers and agencies tied to the scams. The ban also applies to Yahoo, because it depends on Microsoft to sell its search advertising as part of a revenue-sharing partnership. Source:

20. November 21, Pittsburgh Tribune-Review – (Pennsylvania) New Brighton man pleads guilty to mortgage fraud. A New Brighton, Pennsylvania man pleaded guilty November 21 to federal charges connected to a fraud in which he and others obtained tens of millions of dollars in loans by selling properties to each other at elevated prices. The man orchestrated the scheme through his mortgage broker business, Beaver Financial Services, prosecutors said. A majority of the loans were for commercial properties the man controlled and that he sold to another company he also controlled, according to prosecutors. He pleaded guilty to conspiring to commit mail, wire, and bank fraud, and conspiring to launder money. The money laundering charge is based on the man using accounts in other people’s names and corporations that exist only on paper to hide the money obtained in the mortgage fraud, prosecutors said. Source:

21. November 21, Naples Daily News – (Florida) Three men arrested after deputies find $1 million in bogus credit cards. A traffic stop on Interstate 75 in Florida November 20 ended with Lee County Sheriff’s deputies arresting 3 men and confiscating 123 cloned credit cards with an approximate value of $1 million if used as intended. It was the largest single seizure of cloned credit cards by the agency. Detectives with the the economic crimes unit said the bogus cards contained credit information of skimmed card accounts belonging to victims of identity theft. The three suspects were each charged with possession of cloned credit cards, and trafficking in cloned credit cards. Source:

22. November 18, Washington Post and Bloomberg – (District of Columbia; Maryland; Virginia) Millions lost in local Ponzi scheme. A man ran a Ponzi scheme that cheated investors in the Washington, D.C. area, including charities, out of millions of dollars, the Securities and Exchange Commission (SEC) said November 18. The broker told investors they could earn annual returns of about 20 percent with little or no risk, and he showed one prospective client, a Baptist church, a fake letter of recommendation from the Charles Schwab brokerage firm, the SEC alleged. He was actually losing money on risky options trades, and using funds invested by some clients to make interest payments to others, the SEC charged in a civil lawsuit. The scheme collapsed in 2010. From 2005 to 2010, investors put in more than $27 million, the SEC said. The lawsuit did not say how much they lost overall. The defendant, a former employee of mortgage giant Fannie Mae, diverted $5 million of clients’ funds for personal gain, the SEC said. He also made hundreds of thousands of dollars of unwarranted payments to family and friends. The SEC also sued the man’s businesses, Gibraltar Asset Management Group and Garfield Taylor Inc., and five collaborators. The Hillcrest Children’s Center, a Washington charity for impoverished single mothers and their children, sued the broker in January, alleging he and other defendants had lost or misappropriated almost all of the $8 million the center entrusted to them. The broker’s more than 130 investors included many middle-class people spread across local communities such as Lanham, Germantown, Upper Marlboro, and Alexandria, the SEC said. In 2010, the broker’s businesses lost almost $300,000 on its trading while paying out $1.4 million to investors. Though it was selling securities, Gibraltar never registered with the SEC, and did not give clients audited financial statements, the SEC said. Source:

Information Technology

38. November 21, Saginaw News – (Michigan) Chemical vapor leak at Hemlock Semiconductor Group. A chemical vapor leak at Hemlock Semiconductor Group’s (HSC) manufacturing site November 20 forced the facility in Saginaw County, Michigan, to close for about 30 minutes. No injuries were reported, but roads were blocked around the factory and nearby residents were told to stay indoors. The Thomas Township fire chief said HSC called at 10:40 a.m. seeking backup as a precaution. The Richland Township fire department also responded. The leak was a minor vapor release that extended beyond the plant’s fence line, a spokeswoman for Hemlock said in a statement. Residents within 1 mile northeast of the plant were asked to stay in their homes, but the Thomas Township fire chief said none of the gas release was detected off HSC property. The contaminant leaked was chlorosilane, he said. He said it gives off an odor similar to ammonia and irritates they eyes and throat. He said workers were conducting a maintenance operation and cleaning a vessel. Fire and HSC officials are investigating. Source:

39. November 21, CNET News – (International) Android’s a malware magnet, says McAfee. Malware targeting Android devices continues to surge, according to a new report from McAfee, pushing 2011 to become the busiest year in history for mobile and general malware. The amount of malware infecting Android devices during the third quarter grew almost 37 percent from the second quarter, according to McAfee’s Third-Quarter Threats Report. Android’s growing demand among consumers has made it an increasingly ripe and inviting target for cybercriminals — almost all new mobile malware over the third quarter was aimed squarely at Android. Among all mobile platforms, Nokia’s Symbian OS still saw the greatest amount of malware. As a result of the onslaught against Android and the growth in overall malware, McAfee believes the industry will see 75 million unique pieces of malware by the end of the year, up from its previous forecast of 70 million. Phony antivirus products, AutoRun malware, and password-stealing trojans were among the most common types of malware in the quarter, staging a rebound from previous quarters. Malware aimed at the Mac also continues to grow. The number of botnet infections inched down over the third quarter but staged dramatic gains in countries such as Argentina, Indonesia, Russia, and Venezuela. Cutwail, Festi, and Lethic proved to be the most dangerous and damaging botnets last quarter. Though spam dropped in numbers since 2007, it has grown in sophistication, according to McAfee. Spearphishing, or targeted spam, is increasingly being adopted by more attackers and is proving to be highly effective. Source:

For more stories, see items 19 above in the Banking and Finance Sector and 41 below in the Communications Sector

Communications Sector

40. November 21, KGW 8 Portland – (Oregon) Portland TV stations lose signal. Three Portland, Oregon television stations lost their signal on many carriers November 20, and again for a short time early November 21, and wild weather was being blamed. The broadcasts from Channels 2, 6, and 8 went dark for many cable, satellite, and over-the-air users at about 8:30 p.m. November 20. KGW 8 Portland engineers created a solution at about 9:30 p.m. that restored broadcasts for Channel 8 viewers. The other two stations were able to restore their signal later November 20. A tree fell into a power line, and the power line then damaged the fiber line that connects all three stations to their transmitters in the West Hills, triggering the outage. Channel 12 was not affected because its studios are located in Beaverton, so its fiber line runs along a different route from the Sylvan Hills. The three Portland stations also experienced a brief outage around 4:30 a.m. November 21 while the main fiber line was severed to complete repairs. All three stations were using backup transmitters until the repairs could be completed. Full repair of the fiber line was expected by around noon November 21. Source:

41. November 21, Computerworld – (International) AT&T says attempted hack of customer accounts failed. AT&T November 21 acknowledged an organized attempt to hack information on fewer than 1 percent of its 100 million wireless customers, but it said no accounts were breached. A spokesman said the hackers appear to have used auto-script technology to find whether AT&T telephone numbers were linked to online AT&T accounts. He did not elaborate, but said an investigation is continuing. The spokesman said fewer than 1 percent of AT&T’s 100.7 million wireless subscribers were contacted by hackers through e-mail — a number that could mean about 1 million customers were affected. “Our investigation is ongoing to determine the source or intent of the attempt to gather this information,” the AT&T spokesman said. He said the AT&T account holders were advised of the attempt “out of an abundance of caution.” Source:

For another story, see item 35 above in the Information Technology Sector