Cyber criminals are evolving at an alarming rate. Cyber-security product developers are on an infinite loop with felons, each trying to out fox the other with regards to data breaches. Security is absolutely necessary for brick and mortar establishments due to a myriad of reasons, but in 2019, the name of the game is cyber-security. Not only are data breaches an efficient way to steal trade secrets and financial information from businesses, but they can also be done remotely. A proficient hacker or scammer can access a company’s vital company information from halfway across the world, and from that same location, can devastate the company. Within minutes, they can access financial information, trade secrets, distribution and delivery schedules, and private customer information. To prevent this from happening to your business, here are 5 cyber security measures every business should have:
Iron-clad Passwords
This is Internet 101. Since the birth of the World Wide Web, we’ve been educating adults and children alike on the importance of having a strong password to access online accounts. Whether it’s a company’s financial information, or a Grubhub app on an executive’s phone, thieves can crack weak passwords to gain access. As such, it’s important passwords never contain personal information about an individual, especially if that information is visible on social media. Parents often include the name of their kids in their passwords, using their dates of birth for any numerical value requirement. Teens and young adults use the name of their favorite animal, sport, or music artist. Another common tactic is using common words that are easy to remember, and then spelling them backwards for a false sense of security. Experts at the National Cyber Security Alliance also do not recommend using sequences of characters that are near each other on the keyboard, such as “QWERTY,” the first six characters of the keyboard. The current recommended length for strong passwords is between 8-12 characters. If you’re unsure whether or not you password is secure, use an online password checker to verify the passwords level of cyber security.
Fortified Firewalls
Firewalls have been around almost as long as passwords. Firewalls are shields that protect your business from harmful or insidious traffic. When you connect to the internet, the system is constantly communicating with the wireless network, both sending and receiving units of information known as packets. Firewalls monitor these packets and perform a risk assessment, blocking unsafe packets. These firewalls protect your company’s data from unauthorized remote access by criminals.
Antivirus Protection
Roland Cloutier, the Chief Security Officer for ADP, calls antivirus software “the last line of defense” when protecting your company’s data from hackers and other cyber-criminals. Not only can remote criminals access and view a company’s vital information, but they can also install vicious malware that will copy the target’s hard drive, and subsequently render the machine inoperable. Installing anti-virus and anti-malware programs aren’t enough, though. These programs need to be updated regularly as part of the infinite loop mentioned earlier. Every time a criminal finds a way to bypass an anti-malware product, the product requires changes to combat those breaches.
Laptops and Mobile Phones
It’s important to secure laptop computers and mobile smartphones associated with your business. For this, experts recommend encryption software so any remote felon attempting to access or copy the hard drive cannot do so without the proper password. They also stress the importance of never leaving these devices in ones vehicle, where they are easily accessible to thieves. “Lock-out” options are also standard for these devices in 2019. This setting allows you to establish a time period during which the phone lies idle. After that period expires, the phone locks itself, preventing anyone from accessing it without the password. Smartphones and laptops with remote-wipe features must be enabled. This way, if your device falls into the wrong hands, you can remotely wipe the device and prevent the leak of sensitive company information.
Employee Education
Last, but never least, it’s important your workforce is educated on the security measures in place and regularly enforces them on a day-to-day basis. Companies often neglect employee education under the false impression their IT team will be able to resolve all issues whenever they arise. The fact is, even IT professionals cannot anticipate every cyber threat, and may not be up-to-date on the very latest in cyber-criminal tactics. An ounce of this education is worth a pound of cure—Despite the level of technology literacy in the United States in 2019, an employer or business owner cannot assume an employee’s level of security knowledge. The prevention starts with employees, providing them with an intimate knowledge of company operations and how cyber security measures protect them.
Regardless of your company’s industry or size, all businesses must update and maintain their cyber security. An ounce of prevention is worth a pound of cure when criminals can bypass cyber security, and devastate a company in minutes.
The invention of direct-deposit payments in electronic banking have likely saved companies millions of dollars over the years in labor hours, materials, and fees that previously caused problems for companies. However, in an age where your paycheck is sent automatically to your checking account, phishers are seeking to exploit this automation for personal gain.
The Internal Revenue Service has reported an upswing in various types of fraud that directly target a company’s payroll. While the ruses come in many forms, one of the most popular is phishing emails disguised as legitimate correspondence from an employee or upper management. It’s always an instruction to alter payroll information so that funds would be rerouted to the scammer’s bank account. Once the deed is done, the money is withdrawn and the company is responsible to replace the missing funds. While the FTC and the IRS are constantly reevaluating their strategies for containing these types of fraud, this particular scheme is hard to detect and often goes unreported. The email can outsmart security measures set down by the company or within a company’s email server, and scammers take amounts that can just be written off as unfortunate missteps on behalf of personnel.
Frauds such as these have gone through an evolution as security technology becomes more sophisticated and what we know about internet culture continues to grow. Internet frauds used to be about volume and inattention to detail—thus the birth of phishers, who sent emails rife with spelling and grammar mistakes out to mile-long email lists, casting a wide net throughout the web. Education about fraud has forced scammers to be more cautious. Today, companies who have seen this scam in its newest form remark that these phishing emails look so authentic that there may not be a question in their mind before obliging their request. Security measures that have risen from the nucleus of electronic banking combat wire fraud every day in the United States. Large sums in wire transfers now throw up giant red flags. Phishers and scammers are getting more bang for their buck by taking smaller amounts with more frequency, lurking below the radar. This does not require sophisticated hacking skills. Just the ability to open a Gmail account. Phishers make the account look cosmetically convincing, then throw out the lure. One of the most targeted entities is non-profit organizations, because of the benevolent nature of their business. The idea of someone ripping off a charity or relief organization is horrifying, but the simplicity of scams like this make the opportunity too lucrative to pass up.
It’s frightening how simple the fraud is to pull off, but there is recourse for businesses who are vulnerable to such a scam. One of the non-profits who fell prey to this scam was KVC Health Systems, an agency for child welfare in Kansas City. Their IT director, Erik Nyberg, says it starts with comprehensive education on company procedures, “The CEO is never going to email you out of the blue and ask you for any deposit changes. And if you have any sliver of a doubt, call the person who is making the request.” He goes on to discourage executives and upper management employees from using their personal email accounts to send staff correspondence, and to set email filters that will catch suspicious incoming messages. Social media managers are also cautioned against posting any company information to their pages that could serve to bolster a phisher’s credibility.
If your business has been the target of this wire fraud scam, you are encouraged to report them to the Federal Bureau of Investigation’s IC3 tip line.
Every business—from the mom-and-pop shop to corporate America—will encounter some form of crisis during their operation. Crises come in all shapes and sizes, including employee malingering, internal theft, brand protection, and a myriad of lawsuits that could bring an established business to its knees. When disaster strikes, it is the reflex of most companies to handle the matter internally, often delaying important investigative measures out of uncertainty, ignorance on how to proceed, or both. While an internal investigation allows a company to control available information and minimize any consequences, an independent external investigation conducted by a private investigator is the best course when it comes to finding a comprehensive solution to any corporate crisis. The important thing to remember is you cannot wait when a crisis arises, and hiring a private investigator should be one of the first items on your to-do list.
Independent private investigatiors provide the best solutions from the onset of the investigation. Investigators too often run into roadblocks during investigations because they are working from a narrative and timeline that has already been established by an internal party. When you have a qualified and objective investigator handling the investigation from the beginning, it lays a solid foundation that will lead to credible leads, proper gathering of evidence, and quality conversations with potential witnesses.
During a fact-finding process, internal investigators may not have considered all angles and left many leads unexplored. Potential witnesses within the workforce need to be interviewed and their statements recorded, but an internal investigator—usually a Human Resources representative or upper management employee—may not have the qualifications. Any witness testimony may be tainted because the investigator is not properly trained in interview and rapport. Witness statements could also be false or inconsistent because they fear reprisal from an internal investigator who may have clout when it comes to the employee’s future at that business. When a private investigator is retained weeks after the onset of the investigation, witness’s memories may be inaccurate or even non-existent. In some cases, an employee may have already left the company, or changed addresses. This results in more investigative measures required to locate that employee, which costs money and labor hours to the investigator.
Witness statements are valuable, but not so much as hard evidence that cannot be interpreted for a particular spin. One common example is surveillance footage. An internal investigator may think to pull surveillance footage from a single camera near the site of the incident or crisis, but the investigator may not pull surveillance footage from other cameras that could contain valuable information. Most companies invest in security systems that recycles surveillance tape after a short period of time, sometimes as little as five days. Once an independent private investigator is retained, valuable footage is gone, and other fact-finding measures will be necessary—again, more time and money at the cost to the company.
It is possible for an internal investigation to play out smoothly—at least at first glance. Even if the internal investigator is well-qualified to conduct the investigation, there will always be the question of objectivity when dealing with an internal investigation. A successful investigation that concludes with the termination of an employee who was found to be at fault for the crisis or incident has the potential to result in legal action. In this example, it would be a wrongful-termination suit. When argued in a court of law, it’s easy for the terminated employee to cast doubt on their former employer by citing the investigation into their wrongdoing was conducted by an internal employee with a direct stake in the outcome. When a private investigator handles the investigation from beginning to end, there will never be a question of objectivity, because a private investigator’s task is to find the truth—not manufacture a solution that will mollify their client.
When your company encounters a crisis, do not hesitate to retain a private investigator to find a solution. The time and resources spent on an internal investigation may all be in vain when the chips are down. To protect your business and its profits, take immediate action when a corporate crisis arrives by retaining a private investigator that will provide you with the expertise and objectivity for a successful solution.
If your business has encountered a corporate crisis, call Lauth Investigations International today for a free consultation. Call 317-951-1100 or find us online at www.lauthinveststg.wpengine.com
You receive a phone call and hear the voice of someone you don’t recognize. They tell you they have your child and will kill them unless you pay a ransom. They direct you not to call police or you will never see your child again.
What would you do?
You tell the person on the other end of the phone not to hang up. You don’t want to disconnect with the one person that can reunite you with your child. You plead for your child’s safe return. “Please don’t hurt her. I will do whatever you want,” you cry.
They demand you go to the bank and wire a ransom of several thousand dollars. Do you call the police? Do you pay the ransom and hope some thug will return your child to you safe?
A child going missing is every parent’s worst nightmare. For those who do have a missing child, living with such ambiguity is said to be the most traumatic of human experiences.
Sounds like a situation that only happens in the movies, right? Or, something only happening to the wealthy.
According to Newsweek, the Seattle Police Department is issuing warnings to parents advising scammers are targeting parents and demanding a ransom in exchange for the safe return of children they kidnapped . . . well, virtually kidnapped. Police throughout the country are following suit.
On March 8, 2017, in Ravensdale, Kings County, approximately 30 miles southeast of Seattle, a mother drops her children off at the school bus. Shortly thereafter, she receives a phone call from a man who threatened to kill her child if she didn’t pay a ransom.
The mother was able to reach out to the school to make sure her children were there. The school confirmed they were safe.
King’s County Sheriff’s Office told ABC News, this was the first reported incident in their jurisdiction.
In another case, a woman called a father “hysterically crying” claiming to be his daughter and stating she had been kidnapped. A man then got on the phone and told the dad if he didn’t pay a ransom, he would hurt his daughter.
Officers in Denver have responded to several reports of kidnappings. In a press release issued by the Denver Police Department, police say the caller demands a monetary payment in exchange for the release of the victim’s child. The caller dials the parents in the afternoon and demands the ransom to be wired to a bank.
After investigating the recent incidents in Denver, they determined the kidnappings were false and all children involved in the incidents were found safe.
Virtually Kidnapped Daughter
On Monday, April 16th, Sean Hollister was at his residence in Longmont, Colorado, about 15 miles northeast of Boulder, and received a frightening call from his 11-year old daughter who he thought was at school.
“My daughter was in tears, sobbing,” Hollister told the Times-Call. “I thought she was in trouble or something. She said, ‘Dad, I’m sorry I let this happen,’ which is exactly what she would say,” Hollister said.
“I said, ‘What’s wrong,’ and I offered up her name, so he knew my kid’s name,” Hollister said a man got on the phone and told him, “I got your daughter in a truck. She is on her way to Mexico.”
When Hollister told the man he was calling the police, the girl came back on the phone screaming. “Daddy, they are cutting me. Don’t call 911.”
Hollister was able to call police on his cell phone. “The caller told Hollister to get his wallet and identification and promptly leave the house.
Victims of “virtual kidnapping” describe the incident as traumatic.
Hollister’s postman was in the yard when he walked outside. “I’m mouthing ‘Help me,’ and he is freaking out,” said Hollister.
Longmont police showed up at his home fast and they took over from there and the caller hung up. Officers quickly determined Hollister’s daughter was safe.
The traumatized father would later find out the callers were trying to pull off a “virtual kidnapping” scam.
“The gap between the cops getting there and finding out my daughter is okay was terrifying,” said Hollister. “Who would think someone would be that cruel?”
Hollister’s caller had a Mexico number, but police say it is possible the caller was local and hijacked the number to appear like the call was made from out of the country.
In yet another case, a woman received a frantic call her brother had been kidnapped, injured and bleeding out, demanding thousands of dollars through a wire to return him safely. She was able to reach her brother on another phone and never paid any money, but a clear sign anyone can be a victim of this type of horrific scam.
According to FBI kidnapping expert, Agent Eric Arbuthnot, several organizations use these scams regularly to make money.
“Thousands of dollars in ransom,” said Arbuthnot. “And you’re talking about a criminal organization that is capable of doing more than one kidnapping at a time.”
According to Arbuthnot many of the cases have been happening on the West coast and along the border involving criminal organizations from Mexico, some claiming to be members of the cartel.
The FBI has seen recent increases in California, Nevada, New York, and Texas.
Monroe Police Department in Connecticut said by using social media, scammers can identify a victim, look up relatives, and reference names of family members and friends to make the call appear legitimate.
FBI Supervisory Agent Christopher Johnson said his office in St. Louis, Missouri deals with these types of crimes. “Scammers will often mention specific facts about the parent or victim, likely from information they were able to obtain online.”
Authorities say about one in five kidnapping cases are successful resulting in the criminal getting their ransom and not getting caught. While extortion has been around for decades, virtual ransom kidnapping calls are increasing around the country.
FBI Special Agent Glenn Milnor warns parents about virtual kidnapping.
With this emerging scam, the FBI has launched a nationwide campaign to warn parents to fight back against “virtual kidnapping.”
If you receive a virtual kidnapping ransom call…
Unlike traditional kidnapping schemes, a “virtual kidnapper” has not actually kidnapped anyone. According to the Federal Bureau of Investigation, if you receive a call from an individual demanding a ransom for the safe return of a kidnap victim, it is suggested you quickly evaluate the following to determine if you are receiving a legitimate ransom call:
Caller insists you stay on the phone.
Call does not come from your child’s cell phone.
Caller tries to stop you from contacting the kidnap victim.
Call includes demand for ransom to be paid via wire transfer.
Ransom amounts may decrease quickly.
Knowing what to do
Police say it is best to hang up the phone; however, if you continue the conversation pay attention to the following:
If you engage the caller, don’t call out your loved one’s name.
Deliberately try to slow the situation down and ask to speak to your child directly.
Ask “proof of life” questions like, “How do I know my loved one is okay?”
To gain confirmation if your child is an actual kidnapping victim, ask questions only your child would know such as the name of a pet.
Listen very closely to the voice of the person speaking. If possible record the call.
Have someone else try to call your child’s cell phone, school, text, social media, etc., to confirm their safety.
To buy time, repeat the caller’s request and tell them you are writing down the demand or tell the caller you need time to make arrangements.
Don’t agree to pay a ransom: by wire or in person.
Don’t deliver money in person.
Immediately call your local FBI office and police.
According to the National Crime Information Center (NCIC), as of March 31, 2017, there were 86,618 active missing person cases in the FBI database, with 8,792 entered as involuntary.
Experts agree an actual kidnapping with a ransom demand is quite rare but all experts urge parents to be vigilant.
From Latin, it means “buyer beware.” It’s a phrase that conjures scenes from the famous tale of “Jack and the Beanstalk.” Young Jack’s mother, filled with shame and frustration, regrets sending her son to market after finding out he’d sold their most valuable possession—their cow—for a handful of beans. Jack’s mother feared her son had been a victim of consumer fraud, and unfortunately, it is far from fiction.
In many ways, capitalist America is the perfect hunting ground for the man with the magic beans. America is one of the largest consumer nations on the globe. Securing an excellent deal on goods and services means bragging to your friends about how you got the new lawnmower for a song. The consumer feels intelligent and capable, as if they managed to somehow trick the store or salesperson into giving it to them at an attractive price. American consumers chase this feeling by attending special sales, racking up credit card debt, and turning coupon-clipping into an Olympic sport—all in the interest of outsmarting the man with the magic beans.
Luckily for American consumers, there are institutions that help protect them from consumer fraud, such as the Better Business Bureau, which identifies problematic businesses that might swindle American consumers out of their hard-earned money. There’s the Federal Trade Commission, a government agency policing business practices and policies to protect American consumers and regulate competition within industries to maintain a healthy, well-balanced economy. In the long century since both of these institutions were established, the man with the magic beans has also changed and evolved, just like any predator.
One of the most common types of consumer fraud in America is mortgage fraud. Owning one’s home is still very much a part of the American dream. Americans shop for homes for months, searching for the certainty they will not overpay for their homes. Those who have morbidly derelict credit are afraid to answer the phone, desperate to evade bill collectors, petrified of losing their home. They are perfect targets for criminals running foreclosure-rescue schemes. The Federal Bureau of Investigation defines it as “perpetrators profit by selling the property to an investor or straw borrower, creating equity using a fraudulent appraisal, and stealing the seller proceeds or fees paid by the homeowners.” Perpetrators convince the debtor they can transfer their poor credit into the name of a third-party investor (i.e. the perpetrator), renting their property until such a time their credit is once again in sufficient standing. The perpetrator fails to make the mortgage payments on behalf of the victim and pockets the profit.
As technology advances, there are more convenient ways to pay for goods and services with the rise of electronic pay, using applications and online services to pay bills. It might be the best way to avoid another common type of consumer fraud: debit-card fraud. Many Americans are familiar with credit card fraud but might believe their debit cards are safe. Ken Stalcup, a certified fraud examiner working with Somerset in Indianapolis, identifies these types of fraud for a living, but even he is not immune to consumer fraud. He was just paying the bill at a restaurant. The waitress disappeared out of sight with his debit card to clear his bill, and when she returned, nothing was amiss. However, Stalcup’s bank was alerted when it appeared his debit card was used to purchase computer equipment almost halfway around the world. The waitress had sold his card information, enabling other criminals to steal from him. His advice to other vulnerable consumers is to “avoid letting their debit cards out of sight and check their accounts daily.”
One of the most devious forms of consumer fraud is charity frauds. Fake charities are set up with the intention of exploiting humanity’s capacity for the desire to help those less fortunate than oneself using the same system that real charities use to collect legal donations. According to a 2011 statement by the FTC, they received more than 30,000 reports of people making donations to fraudulent charities. Just as easily as Americans are vulnerable to a good deal, they are also vulnerable to putting their money towards a charitable cause, whether out of actual benevolence or the appearance of such. These predators are especially fond of slithering out of the woodwork in the wake of natural disasters such as hurricanes like Katrina and Maria that devastated both New Orleans and Puerto Rico respectively. These tactics add a brand-new level of sleaze to consumer fraud, taking advantage of the American need to help their fellow man.
In addition to remaining an informed and skeptical consumer, there are other ways you can protect yourself from consumer fraud. Enlisting the help of a private investigator or a similar inquisitive entity can help you protect yourself from scams like those mentioned above and resolving these frauds after they are perpetrated. A private investigator’s job is to serve the specific needs of their client, diligently capturing the entire picture of how severely the consumer might have been affected by a particular fraud. Of course, they can be a perfect tool for exposing the agencies that claim to want your money and knowing exactly where the money is going. Local authorities are often overwhelmed by crime statistics that force them to practice triage when dealing with different types of cases. Private investigators have an invaluable list of tools at their disposal, which they can often use without the restraints legislation places on law enforcement. Whether you’re outsourcing to a third party or taking your personal consumer protection into your own hands, never let your guard down when it comes to the man with the magic beans.
One of the most common types of consumer fraud in America is mortgage fraud. Owning one’s home is still very much a part of the American dream. Americans shop for homes for months, searching for the certainty they will not overpay for their homes. Those who have morbidly derelict credit are afraid to answer the phone, desperate to evade bill collectors, petrified of losing their home. They are perfect targets for criminals running foreclosure-rescue schemes. The 
In addition to remaining an informed and skeptical consumer, there are other ways you can protect yourself from consumer fraud. Enlisting the help of a private investigator or a similar inquisitive entity can help you protect yourself from scams like those mentioned above and resolving these frauds after they are perpetrated. A private investigator’s job is to serve the specific needs of their client, diligently capturing the entire picture of how severely the consumer might have been affected by a particular fraud. Of course, they can be a perfect tool for exposing the agencies that claim to want your money and knowing exactly where the money is going. Local authorities are often overwhelmed by crime statistics that force them to practice triage when dealing with different types of cases. Private investigators have an invaluable list of tools at their disposal, which they can often use without the restraints legislation places on law enforcement. Whether you’re outsourcing to a third party or taking your personal consumer protection into your own hands, never let your guard down when it comes to the man with the magic beans.