Tom Meehan to Deliver Keynote at the 2018 GRAORCA Retail Crime Conference on the Subject of Dark Web Investigations

ATLANTA, Ga., (August 23, 2018) – CONTROLTEK’s Tom Meehan, a nationally recognized expert on cybersecurity and shrink reduction, will be speaking on the subjects of dark web investigations, organized retail crime (ORC) and cybercrime at the 8th Annual GRAORCA Retail Crime Conference in the Atlanta area on August 29, 2018.

This one-day event provides law enforcement and loss prevention professionals networking, information sharing, and training opportunities. The following topics will be covered at the meeting:

  • The Key to Effective Communication, presented by Kimberly Overton, chief resource prosecutor with the NC Conference of District Attorneys
  • Dark Web Investigations: Discovering the Secret Side of the Internet, presented by Tom Meehan, CFI
  • Narrowing the Gap of ORC and Cybercrime, presented by Tom Meehan, CFI
  • Motivating and Inspiring the Workforce to Expect and Work Toward Greatness presented by Judge Glenda Hatchett

The meeting will take place from 8 a.m. to 3:30 p.m. Eastern, at The Hyatt Regency, Atlanta, 265 Peachtree St. NE, Atlanta, GA, 30303.

For more information and to register for the event, please visit the GRAORCA website.

How to Use Google to Find Your Flight Info

Tired of keeping track of all the different airline apps and remembering their usernames and passwords? Instead, try Google. In the Google search bar type in airline and flight number (for example, UA 1555) and it will give you all the relevant flight info for that flight. Google also has all the FAA info. Skip the airline app the next time you need to quickly find you flight information and give this a try.

How to Build a Better Interview
(Hint: It’s in the Data)

We all know the value of a solid investigation when the time comes to sit down with a subject. It can do wonders to boost your confidence level when you have thought through every possible explanation and excuse.  It’s sort of like studying for finals— sure you probably know the information, but giving yourself the insurance of going over the materials again gives you a mental edge.

In the rush to get the associate in the seat, I’ll be the first to admit that I have taken shortcuts and skipped steps in the investigative process.  Among my many reasons for doing so: they may quit if I wait too long; I‘m sure I can get an admission; there’s pressure to close the case; there’s my own impatience, etc.  Am I alone here?  But with all the investigative tools available to us, we are doing a disservice to our companies if we rush to close.

Don’t get me wrong – I’m not saying drag it out over the next few weeks or months because we have one more day of video to review or one more report to run. The investigation needs to be thorough but expeditious. Get what you need and move on. As you move towards closure, what you might need are rationalizations and possible motives. Why not use Exception Based Reporting (EBR) for this and let it do more for you than simply identify fraudulent transactions?

The next time you are putting together your game plan and considering which tactics and rationalizations to use during the interview, think about taking one more spin through your EBR system. When you first built your investigation you were looking for fraud patterns; now look at it from the perspective of the interviewer. What could be in the data that might help you build a rationalization?

Shopping Patterns

Run a query on all the subject’s purchases. Do you see a lot of kid’s clothes, formula, diapers, etc.?  How about a rationalization involving financial pressures and how hard it is to make ends meet?  Are there purchases of trendy items like iPhone accessories, electronics or jewelry?  This could be a good time to use peer pressure or an impulse rationalization.  For example, in an investigation I conducted a few years ago, the subject I was researching was a young female, 18 years of age, who lived at home and was going to college.  I knew from speaking to her managers that she didn’t have any children yet.  But when I looked at her purchases, I noticed she had bought a pretty significant amount of infant’s items.  Her method of theft was refund fraud and merchandise theft.  Based on the data from her employee purchase query, I made an educated guess that she was stealing to provide for her family or a friend, and from there I developed a peer pressure rationalization.  It turned out she was stealing for her boyfriend who had an infant and the rationalization worked perfectly.

Theft Patterns

Run a query against the managers’ schedules to see who was on duty when the thefts occurred.  If a pattern emerges, you may be able to put together a theory on opportunity and operational breakdowns, which can be validated during the interview.  For the upcoming interview, you may be able to craft a rationalization which places blame on poor management or unfair management practices.  There might be another reason why your subject is stealing while a particular manager is working – collusion!  Prepare to talk about peer pressure in this interview too.

Payment Methods

Again, using the employee purchase query, take a look at all the different credit cards the subject uses.  Multiple cards could indicate some financial pressure.  This could also indicate they are using another individual’s card and giving out their discount, which is more icing on the cake but also a source of possible rationalizations (such as peer pressure).

Investigation Efficiency

While we earn our keep by closing the case, discerning the truth and providing a clean termination, we also add value through development of the admission and obtaining implications.  Let’s face it – investigations can be fun but also time consuming and costly. If we do a better job up front using EBR to help us develop the admission and implications we can cut costs and losses for our company.

Collusion

Look at fraudulent activity patterns to mine for possible collusion.  As mentioned earlier, the manager on duty who has signed every fake refund may very well be involved.  Don’t forget to ask about this during your interview, as an assumptive question, with a follow-up question!

Take a Wider Look

Don’t be afraid to use the data to delve into any possible area of theft.  Maybe you have some fishy no-sales or post-voids but no video to back them up.  It never hurts to plow the whole field in an interview! Go ahead and try to develop these areas.

Use the EBR Data as a Wedge

The subject will minimize – after all, that’s their job while they are in the seat opposite you.  Referencing the investigation can help you build credibility and reestablish your confidence if you have received some denials.  It’s always a great safety net to have that ace up your sleeve. Just knowing it’s there can help you make it through some tough moments in an interview.

Use every weapon you have in your arsenal to build the investigation and then close it out to its fullest.  One of the great things about using EBR is that the technology has advanced far enough that investigations can be wrapped up quicker, more thoroughly and without all the legwork of the past.  Does anyone besides me remember rolling up journal tapes?  No more!  And really, no more guesswork in developing rationalizations, possible themes for implications or development.  It’s all right there in the data.  You just have to look.

 


Stefanie is a regular contributor to the work of the International Association of Interviewers. To enjoy other great content from her and other contributors, please visit CertifiedInterviewer.com

New Forensic Reporting Platform for Retail Now Available Through CONTROLTEK-VuTeur Partnership

SAN FRANCISCO, Calif., (August 16, 2018) – CONTROLTEK, an emerging leader in retail product protection, has partnered with VuTeur, the most effective forensic reporting platform on the market, to provide retailers with advanced threat detection and emergency management protection using real time location technology.  VuTeur’s incident management software delivers access control authentication using secure credentialing methods without the need for bulky or expensive equipment.

“Retailers can establish zones and watch lists, as well as leverage real-time location system (RTLS) monitoring to create a custom layer of security for their stores and facilities,” said Jana Rankin, co-founder of VuTeur.  “We are excited to partner with CONTROLTEK and take a large step forward in helping retailers get better insight into what is happening in their environment in real time.”

“This is truly a game changing technology that does not require a large amount of hardware,” said Tom Meehan, CONTROLTEK’s Chief Information Security Officer. “The simplicity of VuTeur’s incident management software is real and the value it brings to retailers is significant.”

Rankin added that VuTeur and CONTROLTEK will also offer incident management tracking and automation to help organizations respond to incidents rapidly and appropriately, no matter how large or small.  According to Rankin, this gives retailers the ability to use analytics to capture, analyze, and maintain robust data sets to deliver new insights to customer behavior never before available.

“The partnership with VuTeur is a major part of CONTROLTEK’s strategic vision for the future,” added Meehan.  “It aligns with two of our key goals – to lead in protection and to lead in information delivery in order to help retailers take their performance to a higher level.”

How to Get a Second Phone Number

Today most banks and online accounts use your cell phone as a point of verification. So publicizing it (by having it on your business card or email signature line) can create a new potential risk. The solution may be to get a free second phone number. There are paid and free mobile voice-over-internet-protocol (VOIP) services that allow you to do just that. A few to consider are Google Voice, Viber, Gushed, and Line2. You can then use this phone number for the wide audience, and give your actual cell phone number to family and close friends. This is a simple step to make yourself less of a target for fraud.

How Organized Retail Crime Fuels Human Trafficking

(This article originally appeared in Loss Prevention Magazine Online)

What comes to mind when you think of organized retail crime (ORC)? High shrink items with high resell values, such as razors, baby formula, jeans and such? Or fencing operations, whether online or at the corner store? Recently I wrote an article about the broader scope of ORC, and the narrowing gap between ORC and cybercrime. In this article I will dive deeper into another aspect of ORC not often thought of, which is human trafficking.

Last January, the New York Daily News ran a story about how a runaway’s arrest for shoplifting resulted in an arrest of a sex trafficker. A 14-year-old girl was caught at Macys for shoplifting. While being interviewed, she revealed that she was forced into prostitution. The New York City Police Department has detectives assigned to a human trafficking unit, and they quickly apprehended the suspect.

This reminded me of something I witnessed in person. A group of females ranging in age from 14 to 48 were arrested as a part of a large credit card fraud ring operation in Queens, New York. It turned out that they were buying goods with stolen credit cards by day, and were forced into prostitution at night. I personally interviewed one who told me, “I thought America was going to be safer than anywhere else in the world. I was wrong.” She went on to explain how she started working as a cook, then was recruited to shoplifting, and before she knew it, she was a prostitute. At first, I wasn’t sure what to believe, but then she asked me if the police could help her get out. The NYPD assigned a specialized detective to her case.

Back in February, NPR published a good interview with a criminal investigator from Minnesota, and the topic was the connection between the Super Bowl and sex trafficking. The conversation revolved around how at-risk youths caught shoplifting are befriended by traffickers, and then manipulated into prostitution. The journalist asked the investigator, Marc Chadderon, whether there are signs that can help cops (and, in my view, asset protection professionals) to spot a victim of human trafficking during interviews. Chadderon offered several potential giveaways: presence of multiple phones on the person (“burner” phones for short term use and one personal one); presence of an older person near a younger female, who possibly don’t even know that person’s real name; large amounts of cash or prepaid credit cards; and motel keys. This list is certainly not exhaustive, but it’s a very good start.

I know that ORC investigators already have their hands full, so it’s not my intention to add yet another thing to worry about during interviews. But according to Laura Lederer, a leading State Department official on human trafficking, this is “the third-largest global criminal enterprise, exceeded only by drug and arms trafficking.” I also know that it is often missed during the interviews of ORC suspects. More and more police departments are including into their routine specific interview questions that can reveal human trafficking, and I think it makes sense that ORC investigators consider doing the same. Most importantly, if you suspect that someone could be a victim, report it.


Tom’s column regularly appears on every issue of LP Magazine. To subscribe to the printed version of the magazine and enjoy other great content visit losspreventionmedia.com

Tom Meehan to Speak on the Subject of Dark Web Investigations at the Upcoming IAI Chapter Meeting

BOSTON, Mass., (August 2, 2018) –CONTROLTEK’s Tom Meehan, a nationally recognized expert on cybersecurity and shrink reduction, will be speaking at the northeast chapter of the International Association of Interviewers (IAI) in the Boston area on August 7, 2018.

The following topics will be covered at the meeting:

  • Rapport Building, presented by Mike Reddington, VP of Executive Education at Wicklander & Zulawski
  • Dark Web Investigations, presented by Tom Meehan, CFI
  • Admission Statement Taking, presented by Matt Christman, CFI

The meeting will take place from 1 p.m. to 4 p.m. Eastern, at DoubleTree Boston-Milford, 11 Beaver Street, Milford, MA 07757.

Space is still available; if you’d like to attend please RSVP with Steven Palumbo.

The Blurring Lines between ORC and Cyber Crime

(This article originally appeared in Loss Prevention Magazine)

In 2003, the Loss Prevention Research Council (LPRC) worked on a three-year international research project with the University of Leicester, UK. The research was focused on the impact of organized retail crime (ORC) on communities, businesses, and individuals. This became the pivotal point when retailers transitioned away from using the term organized retail theft (ORT) and started using the term ORC.

I recall reading the research project and realizing that this was the first time I had seen fact-based research that covered the broad scope of ORC. The project talked about the real reach of ORC, police corruption, collateral damage, illegal immigration tactics, and many other facets of it. “Our sixty-plus retail chain members are increasingly describing more ORC crews that have moved in part or totally from in-store to online activities. The move is mostly dependent on having the needed skills,” said Read Hayes, PhD, a research scientist at the University of Florida and director of LPRC.

Fast-forward to 2018, and you would probably see all the same topics with the addition of the terrorism funding and potentially human trafficking.

The ORC Triad

When I think of ORC, I break it down into three categories. One is theft, which could be theft of goods, service, or cash—basically theft of anything. The second category is fraud. Just like theft, this could be any type of fraud—check, credit card, document fraud, and others. And lastly is cyber crime. I think that’s the one that’s often missing when we talk about ORC, especially in retail. If you ever heard me speak about ORC, you would hear me refer to the “ORC triad,” and this term refers to the three categories I just described. I believe that looking at ORC as this triad is all-encompassing, and this allows you to build programs and culture around the total scope of ORC.

ORC today differs from years ago. Now a shoplifter turns booster, then moves to fraud, then easily jumps right into cyber crime. The dark web and the Internet in general have a host of tutorials and manuals on how to commit cyber crime. For example, the dark web has groups like The Shadow Brokers (TSB), which allow people with little to no computer skills to purchase malicious software and instructions on how to deploy it. TSB even offers a subscription-like service to its members for access to new releases of the latest and greatest tools to commit the nefarious actions via computer. You read it right—you can search the web to learn how to become a hacker, or you can pay a subscription fee and have someone provide you all the tools. What could be easier?

Bridging the Gap

In July 2016, I wrote an article in this column titled “Bridging the Gap between Cyber Crime and ORC.” I received a lot of feedback and have spoken about this topic several times since then. The number one question I got was on how to determine if it’s ORC or cyber crime when the lines are blurred. The simple definition of cyber crime is criminal activities carried out by means of computers or the Internet. However, my goal is not to redefine ORC or cyber crime; rather it is to have organizations rethink their approaches and realize how often they are one and the same.

I’ll use an example that we often see in retail. Someone enters the store with a stolen credit card and uses it to purchase three mobile phones. Is that cyber crime? The short answer is no; it’s credit-card fraud. But what if that same person purchased that credit-card number on the dark web and made a counterfeit credit card? Does that change the response? Is it cyber crime now?

Retailers are facing these types of cases day in and day out. In my experience, it is a lot easier to put a case together for local, state, or federal law enforcement when there’s an element of a computer crime. I personally had experiences where I worked with law enforcement on ORC cases with several million dollars of loss, and it took several years to bring those cases to closure. I also had personal experiences where cases were much smaller in volume but were easily prosecuted when they involved the cyber-crime or computer-crime element.

I reached out to Joseph LaRocca, the senior advisor at Retail Partners, who is a globally recognized expert in shrink reduction and retail crime issues. I asked him about his thoughts on the evolution of ORC. LaRocca said, “Organized retail crime activity continues to evolve, and with the development of new technology, criminal bad actors are refining their techniques to target traditional physical assets and virtual assets across vast geographic hubs.”

I hope this article gives you a different point of view on ORC and on its evolution and impact. Cyber crime is a global issue certainly much larger than any individual retailer. It’s important to keep up to date in the latest trends and how they are affecting other retailers.

 


Tom’s column regularly appears on every issue of LP Magazine. To subscribe to the printed version of the magazine and enjoy other great content visit losspreventionmedia.com