A recently unsealed federal indictment in Oklahoma offers a detailed look into an alleged mail theft and check fraud conspiracy, highlighting methods fraudsters are increasingly using across the U.S. to steal money from banks and credit unions and underscoring what bankers can do to fight back.
The case, led by the U.S. Postal Inspection Service, charges eight individuals with conspiracy to commit bank fraud and other related offenses. The group allegedly netted over $100,000 using fraudulent checks.
The scheme serves as a stark example of the challenges banks and credit unions face in check fraud, which has been
How the scheme worked
Derry Lee Davis, 23, from Oklahoma City, allegedly led the scheme. Antajaun Monzelle Brown Jr., 24, and Amaurion Ramone Norment, 21, both of Oklahoma City, also allegedly played central roles in the scheme, according to
The five other people named were all ages 21 to 23.
According to the allegations, the conspiracy began around or before July 2022 and continued through December 2024. The primary method involved stealing mail from USPS collection boxes, or "blue boxes," in the Oklahoma City area using a stolen USPS arrow key.
Arrow keys are universal master keys used by postal personnel to access these boxes. Check fraud has
Once the alleged fraudsters stole checks from the mail, they allegedly altered information on the checks, such as changing the payee name and sometimes the dollar amount, according to the indictment. This process of altering checks is commonly known as "washing," often using chemicals to remove ink. In other cases, checks stolen from the mail are used as templates to create entirely counterfeit checks.
To deposit these altered checks, the alleged conspirators recruited others, often referred to as "money mules," according to the indictment.
The conspirators recruited these so-called mules through social media advertisements promising an easy way to make money, though the indictment did not specify which social media platforms had these advertisements.
Recruits allegedly agreed to allow forged checks to be deposited into their bank accounts in exchange for a portion of the proceeds, according to the indictment. Fraudsters frequently use accounts opened by mules or with stolen or synthetic identities to deposit fraudulent checks and obscure the source.
In some instances, those leading the scheme requested debit cards, account PINs, and online banking login information from recruits to access their accounts, deposit checks and transfer funds after they cleared, according to the indictment.
After checks cleared, the alleged leaders would request their share of the proceeds in cash or via electronic transfer, sometimes withdrawing funds themselves, according to the indictment.
All told, the alleged fraudsters stole hundreds of checks and forged checks totaling more than $100,000 in value, according to the indictment. The overall value of forged checks is likely higher, in part because the indictment, unsealed this week by the United States District Court for the Western District of Oklahoma, is missing a page.
Banking system vulnerabilities exploited
The alleged scheme involved accounts at multiple federally insured financial institutions, including JPMorganChase, Bank of America, MidFirst Bank, Bank of Oklahoma, Tinker Federal Credit Union and Focus Federal Credit Union, according to the indictment.
The speed and automation of check processing, particularly through methods like mobile deposit, can make it difficult for banks to detect fraudulent items before funds are made available. Bank policies may also have thresholds below which checks receive less scrutiny, although low-value fraudulent checks can quickly add up to significant losses.
In the Oklahoma case, prosecutors highlighted only one instance in which a bank did not clear a fraudulent check. Around June 5, 2023, Davis allegedly attempted to deposit a fraudulent check of $5,000 into the personal Chase bank account of an unnamed conspirator. The check was drawn on a personal account at Focus. Chase did not clear the check, according to the indictment.
In every other case cited in the indictment, the bank or credit union into which a fraudulent check was supposed to be deposited apparently cleared the check. Each of these checks individually were in the amount of $5,000 or slightly less. The banks and credit unions that accepted these checks include Chase, MidFirst, Bank of Oklahoma and Tinker.
Charges and broader context
The defendants in the Oklahoma case are charged with conspiracy to commit bank fraud, which carries a potential sentence of up to 30 years in federal prison if convicted, according to
Specific defendants face additional charges, including bank fraud, possession of a forged security, possession of a stolen USPS key and possession of stolen mail, with potential sentences varying by charge.
Nationwide, check fraud is a major concern, with Suspicious Activity Reports, or SARs, related to check fraud nearly doubling from 2021 to 2023, according to the FBI's Internet Crime Complaint Center, or IC3.
Banks are
The Postal Police Officers Association's Albergo
As the alleged Oklahoma scheme illustrates, check fraud involves a chain of criminal activity, from mail theft to check alteration and depositing funds using recruited individuals and accounts. This complexity contributes to the
What bankers can learn from this fraud scheme
The indictment in Oklahoma City highlights a specific instance of how criminals leverage mail theft, stolen postal keys, check alteration and money mules, often recruited via social media, to commit bank fraud.
This mirrors patterns seen nationwide, where check fraud has dramatically increased, fueled by factors like mail theft and the use of fraudulent accounts. Combating this requires a multi-faceted approach involving specific actions from various banking teams.
Here are some lessons bank leaders can take away from this case.
- Make fraud prevention a top spending priority, particularly investing in technology, as many
other banks have started doing . - Ensure rigorous examination and enforcement of rules related to know your customer (KYC), customer due diligence and customer identification. Allowing fraudulent "mule" accounts to be opened, especially online or via mobile, fuels check fraud.
- Support efforts to push regulators for tougher sector-wide enforcement of KYC laws.
- Advocate for regulators to, across the financial sector, shift the liability for check fraud losses to the banks of first deposit.
- Be responsive to fraud claim complaints from other banks, working to resolve claims as quickly and efficiently as possible and providing prompt reimbursement. Waiting months or over a year for repayment contradicts standing rules and creates significant problems for smaller institutions.
- Work with other banks and payments companies to fight scams collectively, recognizing that fraud rings operate globally. Be open to sharing fraud-related information, as it's crucial given that the bank often only sees the payment request in the final stages of a scam.
- Consider hiring more staff specifically to police check fraud, acknowledging that checks aren't getting more secure and someone needs to monitor them closely.
- Educate the bank's board and senior management on the sophistication of check fraud techniques, including washing and counterfeiting, and the challenges they pose.
