Use Only Devices Approved by Your Organization

Try to avoid using personal computers, tablets, and cellphones for work-related matters. If you have children, do your best to not share devices and do not download movies, music, and other non-essential software on your work computer. These simple steps may help you avoid unwanted malware.

Keep Your Kids Cyber Safe

It is important to start your kids’ cybersecurity hygiene early. Your kids’ passwords matter just as much as yours do, so remind them of good password habits: do not share passwords, and follow standard password guidelines. Additionally, remind them not to share personal information online, for example their last name, address, phone number, the name of their school, and photos of any kind.

Fake COVID-19 Credit Union Profiles

Scammers are impersonating credit unions on Instagram. These bad actors are creating fake Instagram profiles that carry financial institutions’ names, logos, and links to their websites, along with mentions of COVID-19. They then send direct messages (DMs) to followers informing them that they have been selected for a cash prize. Source: the PhishLabs team, as reported by Security Boulevard.

Using Social Media as a Security and Threat Assessment Tool

How OSINT Can Keep You Safe and Change What You Know

This article originally appeared in Loss Prevention Magazine.

Today, social media is just about everywhere. Facebook alone has almost 2.5 billion monthly active users. By now, most of us use some sort of social media to keep up with friends and family and to network professionally. With social media, the reach and frequency are unlimited. Its ease and usability allow anyone, from any age group, to report news or information regardless of its accuracy or merit. Just imagine: a large portion of the population walks around with high-definition cameras in their pockets and the ability to broadcast live video in real time to an audience of billions. But social media has many more uses beyond making personal connections.

Social media has revolutionized connectivity because it is so easily accessible: by definition, social media exists on an open public platform. This means that social media can also be used as a tool for open-source intelligence, more commonly referred to as OSINT. OSINT is intelligence collected from publicly available sources and is an effective method of data collection for retailers of any size. OSINT can open a new world of data for retailers, who can then gather data from every public source available and use OSINT tools to narrow the scope of their search.

Leveraging Social Media in Your Investigations

So how can your team tap into this world of information and use it to achieve your goals? It’s helpful to remember that thieves like to brag about their achievements. They’ll often share their activities with like-minded friends on social media. So a cache of stolen goods might just show up in a Facebook post or for resale on eBay. When chronic offenders or accomplices are identified, a security or law enforcement team can begin to monitor their social media activity. That can provide clues to past crimes—and hints about future ones.

You can collect data from social media using platform features that already exist, such as geolocation. With location-based monitoring, you can gather information to help you make decisions about hours of operation and staffing. You can also use the native search function to track activity about your store and potential threats. In this example, simply use the name of your organization with key phrases such as “gun,” “bomb,” and so forth.
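The keyword-plus-location monitoring described above, written out as an added example (not code from the original article or from any platform’s API): it runs over a constructed set of posts, flags only those that mention the organization name together with a key phrase, and uses each post’s geotag, where present, to mark whether it was posted within a radius of the store. Store coordinates, the organization name “Example Mart,” and the sample posts are all invented for the example.

```python
import math
import re

# Constructed sample posts (not real data): text plus an optional geotag.
SAMPLE_POSTS = [
    {"id": 1, "text": "Great deals at Example Mart today", "lat": 40.7130, "lon": -74.0060},
    {"id": 2, "text": "gonna bring a gun to example mart tomorrow", "lat": 40.7150, "lon": -74.0100},
    {"id": 3, "text": "Example Mart bomb threat lol", "lat": None, "lon": None},
    {"id": 4, "text": "Sun gun tanning now sold at Example Mart", "lat": 34.0522, "lon": -118.2437},
    {"id": 5, "text": "bomb cyclone hitting the city tonight", "lat": 40.7140, "lon": -74.0050},
]

STORE_LAT, STORE_LON = 40.7128, -74.0060   # constructed store coordinates
KEY_PHRASES = ["gun", "bomb"]              # key phrases paired with the org name, as in the article


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in kilometres between two latitude/longitude points."""
    earth_radius_km = 6371.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = math.radians(lat2 - lat1)
    dlam = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * earth_radius_km * math.asin(math.sqrt(a))


def flag_posts(posts, org_name, key_phrases, store_lat, store_lon, radius_km):
    """Return posts that mention org_name AND at least one key phrase.

    'near' is True/False when the post is geotagged (inside/outside radius_km of
    the store) and None when it is not, so untagged posts are surfaced for review
    rather than silently dropped. Whole-word matching avoids hits such as 'begun'.
    """
    org_re = re.compile(r"\b" + re.escape(org_name) + r"\b", re.IGNORECASE)
    phrase_res = {p: re.compile(r"\b" + re.escape(p) + r"\b", re.IGNORECASE) for p in key_phrases}
    hits = []
    for post in posts:
        if not org_re.search(post["text"]):
            continue
        matched = [p for p, rx in phrase_res.items() if rx.search(post["text"])]
        if not matched:
            continue
        near = None
        if post.get("lat") is not None and post.get("lon") is not None:
            near = haversine_km(post["lat"], post["lon"], store_lat, store_lon) <= radius_km
        hits.append({"id": post["id"], "phrases": matched, "near": near})
    return hits
```

Post 4 is flagged even though it is benign and far from the store, which is the point: the keyword pass narrows the stream, and the location field is what lets an analyst triage the remainder.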

Many social media platforms make their data available through application programming interfaces, or APIs. An API is simply a set of instructions that allows developers to interact with the platform’s technology. For example, Twitter’s Search API lets developers query its search function and build their own tools for collecting information. Twitter provides three ways for users to access its data:

Twitter Search. This is Twitter’s native search function, and it’s easy and free to use. Simply plug in your search terms, such as “burglaries, Town Name, USA” to get all the tweets related to that subject. The downside is you can only see the last 3,200 tweets related to your search—a lot of information, but not enough to get the whole picture.

Twitter Streaming API. Though it is similar to the Search API, the Streaming API can send you tweets in real time. This is particularly helpful for time-sensitive operations, such as a robbery or another ongoing event. The downside is that you only receive a sample of tweets containing your search terms, anywhere from 1 percent to 40 percent of relevant tweets.

Twitter Firehose. As its name suggests, this function sends you a lot of data. It’s guaranteed to send you 100 percent of tweets that meet your search criteria. This is incredibly helpful for security or law enforcement professionals who want a comprehensive overview of activity about a specific subject. But as you might have guessed, the Twitter Firehose is not free. Access to the Twitter Firehose is handled by GNIP, a social media API aggregation service that Twitter acquired in 2014.

How to Use Other OSINT Tools

OSINT existed before social media did, and a vast trove of publicly available information still exists beyond social media. We all know the information is out there, but few of us have the expertise, time, or patience to ferret out the parts we need. That’s where OSINT tools come in. Although free tools are available, you get what you pay for. They are still helpful tools for a security or law enforcement team, but remember that you are only getting a small fraction of the relevant data. To get a more comprehensive view of the data you want, you’ll have to pay for it.

According to Infosec, these are the top five tools used by penetration testers and even malware actors:

  1. Maltego, a software used for OSINT forensics that collects data from open sources and visualizes that data in a graph format.
  2. Recon-Ng, a full-featured OSINT framework written in Python.
  3. theHarvester, a tool to gather emails, subdomains, hosts, employee names, open ports, and service banners.
  4. Shodan, a search engine that lets you find specific types of Internet of Things (IoT) devices using a variety of filters.
  5. Google hacking or Google dorking, a technique that uses Google Search and other Google applications to find security holes in the configuration and code that websites use. The intext: search operator is especially helpful in OSINT because it restricts results to pages containing specific text.

According to a report from Thales, retail is the prime cyber-crime target. As I discussed in a previous article about the dark web, criminals can use the dark web to learn about company security policies, which stores are best to steal from, and which EAS tags a company uses, so they can learn how to defeat them. The dark web is a great place to find information about potential threats to your organization, but it can be difficult and even dangerous to your cyber security to access.

My tool of choice today is a paid open-source intelligence service called Echosec. It incorporates Twitter Firehose along with all the social media platforms that offer open-source intelligence. It also offers Beacon, a discovery tool for the dark web. I find Beacon to be an essential tool for dark web investigations because it allows me to search the dark web using keywords and narrow down the results, which you cannot manually do in the dark web because there is no search engine to index its content.

Like many new technologies, these tools can be helpful for both security professionals and criminals. It all depends on what a user does with the data. When collecting personal data, either on your own or with an OSINT tool, you should always consult your legal department to determine the proper protocols for using and storing this information. Few things are more sensitive than customer data—or more damaging should this data be compromised in any way.


Tom’s column is featured in every issue of Loss Prevention Magazine. To subscribe to the printed version of the magazine and enjoy other great content, visit losspreventionmedia.com.

CONTROLTEK’s New CMatch AI Health for Temperature Detection, Occupancy Verification and Mask Compliance

BRIDGEWATER, N.J. (May 7, 2020) – CONTROLTEK, a leader in retail asset protection and security solutions, has released a new Health Compliance module for the CMatch AI computer vision platform, providing non-contact preventative screening in light of the coronavirus pandemic and increased concern for health safety.

“Powered by cutting-edge, deep learning technology, the CMatch AI applications are extremely versatile, allowing for features to be adjusted to adapt with new challenges,” said Tom Meehan, CFI, CONTROLTEK’s chief strategy officer and chief information security officer. “The module offers temperature detection, mask compliance, and occupancy verification. We were able to adjust the platform’s thermal feature, originally programmed for early indication of fire, to screen and detect elevated body temperature. Additionally, the mask compliance feature, designed to identify a person entering a facility with a mask as a robbery threat, has been adapted to detect a face mask for health compliance.”

Additional features include occupancy verification using facial recognition technology for unique customer counts and access control integration using temperature, mask compliance, or facial recognition as a proxy to precisely verify whether an individual is safe to enter a facility.

“This automation platform eliminates the need for human interaction to verify compliance, supporting health safety, reducing labor costs, and providing real-time information,” said Rubin Press, the vice president of global sales at CONTROLTEK. “CMatch AI will help retailers reopen stores safely and streamline compliance with new COVID-19 policies, while remaining adaptable for what changes may come in the future.”

The CMatch AI Health Compliance platform is scalable, with the ability to operate as a standalone plug-and-play device or as a cloud solution that stores information for enterprise-level monitoring. CONTROLTEK’s First Time Right™ systems deployment and professional services simplify implementation for quick deployment.

For more information about the CMatch AI Health Compliance module and the CMatch AI computer vision platform, along with downloadable data sheets, visit the CONTROLTEK website.

Payroll Fraud Email Scheme

Scammers are impersonating an HR and payroll services company, informing employees of a change to payroll policy due to COVID-19. In an attempt to steal credentials, the scammers send a convincing email with a sense of urgency, asking the employee to complete their information so that payroll processing is not interrupted. The email includes a link to a fake HR and payroll services website whose landing page replicates the company’s real payroll landing page. Falling victim to this attack results in compromised sensitive employee information.