On Q Professional Investigations

After the abduction and sexual assault of a young girl in the small community of Cairnbrook, Pennsylvania, law enforcement searched tirelessly for the perpetrator as the community feared for children’s safety.

But for nearly two decades, the offender eluded the FBI and the Pennsylvania State Police—until earlier this year.

After the September 19, 1999 assault, the state police, with FBI assistance, chased down every lead. They pulled over cars that matched the description the victim provided, searched through sex offender registries, and conducted forensic interviews with the victim.

Despite these efforts, the assailant could not be identified. But when the victim guided police to the exact location of her assault, police found key pieces of evidence, including a paper bag with the offender’s fingerprint.

Examiners at the FBI’s Laboratory tested the evidence, but there was no match on the partial fingerprint—another dead end for investigators.

Even after transferring to another job in the department about 10 years after the crime occurred, Pennsylvania State Trooper Jeffrey Brock continued to investigate this case for another decade. “There was a sense of duty to finish the investigation,” Brock said. “Any investigator has that one case they wish they’d finished, and that was mine. I just kept working on it. I wanted to get justice for that girl and her family.”

In trying to find new approaches to move the investigation forward, Brock asked a now-retired FBI agent for advice. As one of the investigative steps they tried, the agent had the fingerprint re-checked in fall 2018.

Read More

The headquarters of a large national bank had detected fraud on an account and sent word to an Atlanta branch to be on alert: If an individual comes in to pick up the new debit card linked to that account, call the Atlanta Police Department.

An alert bank employee did just that when Khoi Nguyen, 43, came in to the branch to claim the debit card. Officers arrived quickly to ask Nguyen about his identity and the name on the bank account. Upon questioning, Nguyen produced a Department of Defense identification badge and claimed to be in law enforcement.

The police weren’t buying it, so they called the FBI to investigate Nguyen for impersonating a federal law enforcement officer. It was soon discovered that he was not only impersonating a government official but more than a dozen different people in a sophisticated identity theft scheme.

“In his bag at arrest were 20 cellular phones, 13 different identifications, a number of credit cards, and about $11,000 in cash,” said Special Agent Marcus Brackman, who worked the case out of the FBI’s Atlanta Field Office.

Brackman said that Nguyen had some technical skills and likely purchased the stolen personal information he used to create fake documents and open fraudulent financial accounts off encrypted websites. “Criminals can buy identities for 50 cents on the dark web,” Brackman explained.

Nguyen pleaded guilty to aggravated identity theft and was sentenced in October 2018 to two years in federal prison for his crime. He was also ordered to pay restitution to the financial institution and is facing additional state charges related to similar alleged activity in other areas of the country.

“Identity theft is very prevalent,” said Brackman. According to the Bureau of Justice Statistics, an estimated 26 million people age 16 or older in the United States experienced some form of identity theft in 2016—with many of those cases involving the misuse of a credit card or bank account. Brackman said that it was gratifying to hold someone responsible for a crime that affects so many people and creates such a headache for victims.

Read More

A month long FBI-led operation to identify and arrest sex traffickers and recover child victims has resulted in dozens of arrests across the country and the identification and recovery of more than 100 juveniles.

The initiative during the month of July, dubbed Operation Independence Day, relied on more than 400 law enforcement agencies working on FBI Child Exploitation and Human Trafficking Task Forces in each of the Bureau’s 56 field offices. The sweep included undercover operations and has led to the opening of five dozen federal criminal investigations. Agents and analysts at FBI Headquarters and in the field worked closely with the National Center for Missing & Exploited Children (NCMEC) to identify young runaways, missing kids, and juveniles who may have been subjected to human trafficking.

In all, 103 juveniles were identified or recovered and 67 suspected traffickers were arrested. The sweep resulted in 60 new federal investigations.

“The FBI is fiercely focused on recovering child victims and arresting the sex traffickers who exploit them,” FBI Director Christopher Wray said in a statement. “Through operations like this, the FBI helps child victims escape the abusive life of sex trafficking.”

In past years, the FBI initiated weeklong coordinated nationwide sweeps under the name Operation Cross Country to arrest traffickers and recover underage victims. This year, FBI field offices had a longer time window to plan and execute operations as part of the national initiative, with the goal being to develop richer leads and intelligence, and more robust cases.

“We are here to rescue children, and we are here to build good cases against traffickers,” said Jeanette Milazzo, a special agent who led one of the Houston Field Office’s task force operations in early July. In that operation, undercover officers from the Houston Police Department scanned social media and escort sites looking for what appeared to be juveniles advertising for commercial sex. They set up fake dates, met at pre-arranged locations, and then brought individuals (and their pimps in some cases) in for interviews to determine if they were underage or trafficked or if they could help identify other victims or traffickers. In each case, FBI victim specialists ensure the individuals understand their situation and are made aware of the resources available to help them.

“If we have developed enough rapport with the victim, we build a case against their trafficker and hopefully charge them in federal court,” Milazzo said.

Read More

The charity sounded like a worthy and patriotic cause—an organization that would send military families on Disney vacations and pay travel costs for families to see their loved ones graduate from boot camp in South Carolina and California.

But the charity, known as “Marines and Mickey” was simply a front that fraudster John Shannon Simpson used to enrich himself. Thanks to an FBI and Naval Criminal Investigative Service investigation, Simpson is now serving a prison sentence.

“Simpson presented himself as a retired master sergeant in the Marines, and people believed him. They had no reason to question a U.S. Marine,” said Special Agent Tiffany Baker, who investigated the case out of the FBI’s Bluffton Resident Agency, which is part of the Columbia Field Office.

In fact, Simpson was actually a lower-level rank than he claimed, and he was court-martialed for going AWOL.

But claiming to be associated with the Marine Corps gave Simpson credibility, and donors gave nearly half a million dollars to his charity from its founding in 2014 until 2016.

Simpson befriended a Gold Star mother who had lost her son in a shooting in Chattanooga, Tennessee in 2015. Simpson and the Gold Star mother collaborated on fundraisers for Marines and Mickey.

People who knew the mother became suspicious of Marines and Mickey and dug into Simpson’s military record. A friend of hers contacted the FBI, who began looking into the charity.

While the purported charity claimed that 100 percent of funds were directed to help military families, investigators found that less than 20 percent of the donations were actually used for that purpose. Most of the money was simply pocketed for Simpson’s daily living expenses.

“Simpson even hosted a fundraiser that was to send a Marine’s child who was sick with cancer to Disney,” Baker said. “In fact, he did not direct any money toward that family.”

But Simpson was a good salesman. He knew enough about the military to ingratiate himself with Marines and their families. And for a long time, no one, including his volunteers, had any reason to question his military record or how he was spending the money he raised.

“It’s such an affront to the Marine Corps values that someone had the audacity to take advantage of their service members for financial gain—while pretending to have those same military values himself when he did not,” Baker said. “It’s just a really egregious case.”

Read More

An elderly man in a wheelchair lost more than $100,000. A woman lost her high-end home and moved into a small shed on her son’s property. Another victim lost her life savings and could not afford eyeglasses. Some victims declared bankruptcy.

These stories are just a few from the more than 100 victims who lost $63 million as a result of a fraud scheme carried out by the owners of Smith Advertising from around 2008 to 2012.

“This is not just a crime about money. These were people with real lives who were lied to and deceived, and they paid a real price,” said Special Agent Jay Stone, who investigated the case out of the FBI’s Tampa Field Office, along with the U.S. Secret Service.

Gary Todd Smith, and his father, Gary Truman Smith, ran Smith Advertising, a North Carolina-based company with offices in Florida. At first, the company did legitimate advertising work, but it hit a financial snag in the mid-2000s, particularly after the 2008 financial crisis.

“The economic downturn was probably a crippling blow,” Stone said. “The right and legal thing to do if your business is struggling is to restructure and possibly claim bankruptcy. But they wanted money, so they devised this fraudulent scheme.”

The scheme was complex and successful—for a time.

When the business began to struggle, the company solicited investors—including friends and associates from their community, church, and civic organizations—for “bridge loans.” The company told investors that they would loan Smith Advertising money so the company could pre-purchase advertising at a discount. The company promised to pay back the investors what they loaned plus a cut of the discount.

In fact, the company wasn’t buying advertising. The loans were simply to keep Smith Advertising afloat and repay previous debts—the equivalent of opening a new credit card to pay off a maxed-out one. Some of the early victims were paid back with the promised return, but that was simply other people’s money that the company had borrowed. Other victims, however, lost all of the money they invested.

Read More

A list of nearly four dozen observable behavioral signs that someone might be planning to commit an act of extremist violence is contained in a newly updated publication released by the country’s foremost counterterrorism organizations.

Homegrown Violent Extremist Mobilization Indicators, 2019 Edition, produced by the FBI, the National Counterterrorism Center, and the Department of Homeland Security, contains a broad list of 46 behavioral indicators listed in color-coded groupings of how clearly the indicators might demonstrate an individual’s likelihood of engaging in terrorist activity. The booklet updates a prior version published in 2017.

The agencies authored the updated publication to help law enforcement—and the public at large—recognize potentially dangerous behaviors as the U.S. faces a heightened threat from homegrown violent extremists.

“The booklet provides our partners with tools to identify concerning behavior so that it can be responsibly reported to law enforcement,” said Michael McGarrity, assistant director of the FBI’s Counterterrorism Division. “We can’t be everywhere. We count on our partners to identify threats in their communities.”

The booklet, published on the website of the Office of the Director of National Intelligence, describes each of the behavioral indicators, organized by how easily they can be diagnosed. For example, observing someone prepare a martyrdom video could be diagnosed on its own as a mobilization indicator, while seeing an individual conduct suspicious financial transactions would be considered “minimally diagnostic” and would require other observable indicators to meet a diagnostic threshold.

The publication emphasizes that many of the indicators may involve constitutionally protected activities. But observed together, the behaviors may raise suspicions and merit reporting to authorities.

“It’s an indispensable tool in our efforts to leverage all available resources to identify terrorists before they conduct deadly attacks,” said Matthew Alcoke, deputy assistant director of the FBI’s Counterterrorism Division.

Read More

Injured workers in California thought they were calling a hotline to help them navigate the workers’ compensation system. What they got instead was more pain. Rather than getting the help they needed, callers were set up with a group of corrupt doctors, attorneys, and patient brokers who lined their own pockets at the expense of injured workers.

For years, dozens of marketers, doctors, lawyers, and medical service providers conspired to buy and sell patients—and their individual body parts—like commodities for insurance and workers’ compensation purposes. The San Diego-based fraud ring cheated the California workers’ compensation system and private insurance out of more than $200 million. They also subjected patients to unnecessary, and sometimes painful, medical procedures and corrupted the doctor-patient relationship.

Yet thanks to an investigation by the FBI, the San Diego District Attorney’s Office, and the California Department of Insurance, many of the fraudsters have been convicted and sentenced.

The network preyed predominantly on seasonal, migrant workers who travel back and forth between California and Mexico. Their work in heavy labor industries, such as agriculture, can sometimes result in injuries.

Fermin Iglesias and Carlos Arguello set up various patient recruiting and scheduling companies in Central America and Mexico to direct patients to medical service providers. Arguello operated several patient recruitment entities, including one called Centro Legal. Through billboards, flyers, advertisements, and business cards, Centro Legal recruited workers to seek workers’ compensation benefits. When an injured worker called the number on the billboard or card, a scheduling company took over to maximize the profits from that individual worker.

“The corrupt attorneys and doctors had the same goal—to bill as much as possible,” said Special Agent Jeffrey Horner, who investigated the case out of the FBI’s San Diego Field Office. “The attorneys wanted to get the largest possible settlement by any means necessary, which was traditionally based on total medical billing. The doctors wanted to make as much money as possible, without regard for the well-being of their patients.

Read More

The US Customs and Border Protection has reportedly suspended a subcontractor following a “malicious cyberattack” in May that caused it to lose photos of travelers into and out of the country. Perceptics, which makes license plate scanners and other surveillance equipment for CBP, has been suspended from contracting with the federal government, The Washington Post reported Tuesday.

On June 12, CBP had confirmed that in violation of its policies, a subcontractor had “transferred copies of license plate images and traveler images collected by CBP to the subcontractor’s company network.” The subcontractor’s network was then compromised by a cyberattack that affected under 100,000 people who entered and exited the US in a vehicle through several specific lanes at one land border during a 1.5-month period.

Federal records showed CBP officials citing “evidence of conduct indicating a lack of business honesty or integrity,” Washington Post reported.

Passports and travel document photos weren’t taken in the cyberattack, but it was reported later in June that the hackers stole sensitive CBP data from Perceptics, including government agency contracts, budget spreadsheets and even Powerpoint presentations.

Read More

(CNN) Houston police arrested five men in a human trafficking investigation for allegedly holding 18 Latin American immigrants for ransom, police said.

The suspects face multiple charges, including engaging in organized crime by kidnapping, Houston Police Chief Art Acevedo said Friday.

The investigation started June 5 after a family told police a relative was being held against his will. Kidnappers were demanding $4,700 for the man’s release, in addition to $300 that had been paid to someone in Mexico to help bring him into the country, police said in a criminal complaint.

The kidnappers told the family that the man would be killed if the money was not paid, the complaint said.

Officers responded to where they believed the victim was held, and they arrested several suspects and rescued two victims, Acevedo said.

Guns, cash and cocaine recovered

Police learned of a “stash house” with more victims and found 16 more victims in “deplorable conditions,” he said.

“Our investigation determined that women were held captive and sexually assaulted for 25 days,” he said. The victims were taken to hospitals after they were rescued.
Detectives also recovered guns, more than $10,000, and 19 grams of cocaine, police said.

View Source

The “arms race” of mobile forensics – ever-tougher encryption and the breakneck operations to crack it – has become more of a public tug-of-war than ever before.

Cellebrite, the largest player in the mobile-forensics industry, unveiled its UFED Premium last Friday. Along with the announcement came the bombshell: that it can now get into any Apple iOS device, and many of the high-end Android devices.

“An exclusive solution for law enforcement to unlock and extract data from all iOS and Android devices,” the company said in a tweet.

Those devices have historically been the toughest to crack – and Cellebrite’s newfound ability to perform a full-file system extraction on any iOS device in particular would allow law enforcement “to get much more data than what is possible through logical extractions and other conventional means.”

“Our certified forensic experts can also help you gain access to sensitive mobile evidence form several locked, encrypted or damaged iOS and Android devices using advanced in-lab only techniques,” the company added in its Friday announcement.

The latest tool works on Apple device running anything from iOS 7 to iOS 12.3, according to the company. Among the Android devices covered are the Samsung S6, S7, S8, and S9. Also supported are the most popular models of Motorola, Huawei, LG and Xiaomi.

The announcement follows the highly-publicized breakthrough of the GrayKey devices made by Grayshift more than a year ago. The GrayKey tool had exploited a low-power loophole in some iOS systems, one expert explained to Forensic Magazine. But Apple put in a fix to stop the access late last year, involving an iOS system to reconnect with a home device. Since then, GrayKey has made some inroads on some Apple devices – but not all of them, according to experts.

Read More