Providing RM Training, Consulting, Speakers, Workshops and Resources from RMLC Faculty & Affiliates under the direction of:

CPP, CFE, Private Detective, ACFEI Homeland Security Level III


About UsFacultyPresentationsWorkshopsR&D LibraryWhite

   Rich Woldt - CPP, CFE RMLC Owner & CEO... 
Welcome... In 2004 we published an e-News but quickly realized there are too many already all ready out there so we now attempt to lead you to those we have found to be credible.
I recommend you first read your trade association monthly news letters and than go to our R&D library and our continuing education center for the latest RM information.
E-mail Updates and consultations upon request - NO SPAM
Periodically our faculty will publish an
RM007 e-mailed comment on an important Risk Management concern such as during a national crises or to update our list of risk specific workshops, presentations, additions to our security catalog or remind you of an RMLC learning opportunity... Sign up today.



Tips for creating your own...

Annual Meeting Presentations
Chapter Meeting Presentations
Staff Training
Workshops & Seminars


This section will be back up in 2006...
On-line Store



Seminar Tri-folds
Professional Associations
Trade Associations

Security Companies
Research Links
Credit Union History & Traditions


Press Packet

RM007 Current e-News
October 7, 2005

I am willing to bet…
that US credit unions who weathered recent storms with CUNA Management School graduates at the helm were well-prepared, ready to act and are recovering quicker than credit unions or companies not blessed with CUNA expertise.

It's a bit tongue-in-cheek, but a review of my notes from Southeast CU School in Athens, Southwest in Denton and the RM sessions conducted recently in Madison found that contingency planning was taught in most 1st and 2nd year classes from 1972 though Y2K. This e-News will provide a summary of what those students learned and what we have recently added.

In the early '70's when NCUA issued Regulation #749 dealing with offsite storage of credit union records we taught cost-effective methods of duplicating month end share and loan trial balances and that "big black book" - the general ledger. Many credit unions ship their back-up records to the salt mines in Hutchinson Kansas.

Students in the mid '70s learned about a grandfather-father-son system based on tornado losses and recovery problems seen after hurricanes. In the '80s when the threat of earthquakes in California and even the Midwest gave a wake up call, "Disaster Recovery" was elevated to "Business Resumption.".

RM Students were instructed to make sure to brief upper management and officials on how to select and train "Damage Assessment and Disaster Recovery Teams" as well as how to plan for succession in management. As Y2K approached, students learned to expand their "Business Resumption" plans to include the latest in "Contingency Planning" protocols.

At Denton, TX students learned the latest response protocols based on 9/11 and anyone attending the Texas CUL RM workshops had Credit Union Incident Command System (CUICS) training. Last month San Antonio learned to apply CUICS strategies and Dallas completed advanced CUICS yesterday.
Credit unions in the Indiana region are reminded that a two-day RM workshop is scheduled in Indianapolis on October 20 and 21. Credit unions in Great Britain will be provided with CUICS training at the Industrial Conference in Birmingham in November and the Jamaica Credit Union League is scheduling advanced CUICS as soon as they dig out from Ivan.

I have confidence in our credit union movement and in our ability to prepare for, act and recover from any critical incident. After being put to the test of four hurricanes in a year, we can all take pride in the way that Florida credit unions and all those others along the gulf and up the East coast inspired us with their bravery and courage during a very tough time.

The RMLC faculty stands ready to assist in many ways… the
3rd annual RM Cruise through the Western Caribbean has been accordingly expanded to include advanced CUICS training, focusing in 2005 on what happened to our credit union friends who weathered the storms of '04.

Spoofing and Phishing (pronounced “fishing”) are somewhat synonymous in that they refer to forged or faked electronic documents. Spoofing generally refers to the dissemination of e-mail which is forged to appear as though it was sent by someone other than the actual sender. Phishing, often utilized in conjunction with spoofed e-mail, is the creation of a Web site to make that site appear as the legitimate business website. Once the fraudulent website has been launched, the spoofed Web sites attempt to dupe the unsuspecting victims into divulging sensitive information, such as passwords, credit card and bank account numbers. The victim usually traverses to the spoofed website via a hyperlink that was provided to him/her in a spoofed e-mail.


Recently the Internet Crime Complaint Center (IC3) has seen a new breed of Phishing scams being advertised in spam e-mails. Old Phishing scams would reconstruct a look-alike site for whoever they were trying to impersonate. If they were trying to target eBay users by claiming they needed to update their personal information, for example, the phishers would use all of the images and formatting associated with a legitimate eBay page, to attempt to make their fraudulent web pages/emails look authentic. The phishing page would be located on the phisher's site. It would collect all of the information from the victims; e-mail that data to an email address controlled by the phisher, and then redirect the victim to the actual site being impersonated. By redirecting to the real site at the end, the victim would be more likely to believe that the whole thing was legitimate.

Although the IC3 still receives reports of phishing scams like this, we have seen multiple new scams that use a very different technique. First of all, the e-mails advertising these scams put the body of the message into an image file, which makes filtering much more difficult. Secondly, the actual phishing site will use JavaScript to open a new window in the foreground that harvests the victim's information, and will load the site being impersonated in the background to make the scam look even more authentic. Although these methods do not make tracking the scam any easier or harder, they are likely to fool more people into thinking that it is legitimate.

Another method used in the e-mail is to put the entire message into an image, and to put that image in the body of the e-mail. So the whole "Dear Mr. X, you need to update your account info" would be in an image file. This entire image is then covered with a clear image. Whenever the clear image is clicked on, it sends the user to the phishing page.

You can get more information on this and other cyber schemes at the U.S. Department of Justice's Operation Web Snare.

For more information on upcoming events, bios on the Risk Management Learning Center's expert team of advisors and speakers, a curriculum of specific topical subject matter suitable for delivery to your own management team, staff and/or board of directors through workshops, lectures or presentations please visit
Go to white papers or to our R&D library for current information.
Past e-News Releases:
Wednesday September 8, 2004

Friday September 17, 2004



Profile | Press Packet | Annual Meetings | Chapter Meetings | Staff Training | Workshops | Consulting Services
Flyers | Posters | Brochures | Manuals | Videos | Security & Safety Equipment | RM Faculty | RM Curriculum
RM007 e-News | Credit Union History | Professional Associations | Trade Associations | Security Companies | Related Links

2005 All Rights Reserved
This web site is published by Rich Woldt. For more information and the latest and greatest Risk Management support email Rich at: or call 608-712-7880.