On Q Professional Investigations

Injured workers in California thought they were calling a hotline to help them navigate the workers’ compensation system. What they got instead was more pain. Rather than getting the help they needed, callers were set up with a group of corrupt doctors, attorneys, and patient brokers who lined their own pockets at the expense of injured workers.

For years, dozens of marketers, doctors, lawyers, and medical service providers conspired to buy and sell patients—and their individual body parts—like commodities for insurance and workers’ compensation purposes. The San Diego-based fraud ring cheated the California workers’ compensation system and private insurance out of more than $200 million. They also subjected patients to unnecessary, and sometimes painful, medical procedures and corrupted the doctor-patient relationship.

Yet thanks to an investigation by the FBI, the San Diego District Attorney’s Office, and the California Department of Insurance, many of the fraudsters have been convicted and sentenced.

The network preyed predominantly on seasonal, migrant workers who travel back and forth between California and Mexico. Their work in heavy labor industries, such as agriculture, can sometimes result in injuries.

Fermin Iglesias and Carlos Arguello set up various patient recruiting and scheduling companies in Central America and Mexico to direct patients to medical service providers. Arguello operated several patient recruitment entities, including one called Centro Legal. Through billboards, flyers, advertisements, and business cards, Centro Legal recruited workers to seek workers’ compensation benefits. When an injured worker called the number on the billboard or card, a scheduling company took over to maximize the profits from that individual worker.

“The corrupt attorneys and doctors had the same goal—to bill as much as possible,” said Special Agent Jeffrey Horner, who investigated the case out of the FBI’s San Diego Field Office. “The attorneys wanted to get the largest possible settlement by any means necessary, which was traditionally based on total medical billing. The doctors wanted to make as much money as possible, without regard for the well-being of their patients.

Read More

Police and security forces around the world are testing out automated facial recognition systems as a way of identifying criminals and terrorists. But how accurate is the technology and how easily could it and the artificial intelligence (AI) it is powered by – become tools of oppression?

Imagine a suspected terrorist setting off on a suicide mission in a densely populated city centre. If he sets off the bomb, hundreds could die or be critically injured.

CCTV scanning faces in the crowd picks him up and automatically compares his features to photos on a database of known terrorists or “persons of interest” to the security services.

The system raises an alarm and rapid deployment anti-terrorist forces are despatched to the scene where they “neutralise” the suspect before he can trigger the explosives. Hundreds of lives are saved. Technology saves the day.

But what if the facial recognition (FR) tech was wrong? It wasn’t a terrorist, just someone unlucky enough to look similar. An innocent life would have been summarily snuffed out because we put too much faith in a fallible system.

What if that innocent person had been you?

This is just one of the ethical dilemmas posed by FR and the artificial intelligence underpinning it.

Training machines to “see” – to recognise and differentiate between objects and faces – is notoriously difficult. Computer vision, as it is sometimes called – not so long ago was struggling to tell the difference between a muffin and a chihuahua – a litmus test of this technology.

Read More

Agents with the Federal Bureau of Investigation and Immigration and Customs Enforcement have turned state driver’s license databases into a facial-recognition gold mine, scanning through millions of Americans’ photos without their knowledge or consent, newly released documents show.

Thousands of facial-recognition requests, internal documents and emails over the past five years, obtained through public-records requests by researchers with Georgetown Law’s Center on Privacy and Technology and provided to The Washington Post, reveal that federal investigators have turned state departments of motor vehicles databases into the bedrock of an unprecedented surveillance infrastructure.

Police have long had access to fingerprints, DNA and other “biometric data” taken from criminal suspects. But the DMV records contain the photos of a vast majority of a state’s residents, most of whom have never been charged with a crime.

Neither Congress nor state legislatures have authorized the development of such a system, and growing numbers of Democratic and Republican lawmakers are criticizing the technology as a dangerous, pervasive and error-prone surveillance tool.

“Law enforcement’s access of state databases,” particularly DMV databases, is “often done in the shadows with no consent,” House Oversight Committee Chairman Elijah E. Cummings (D-Md.) said in a statement to The Post.

Read More

The US Customs and Border Protection has reportedly suspended a subcontractor following a “malicious cyberattack” in May that caused it to lose photos of travelers into and out of the country. Perceptics, which makes license plate scanners and other surveillance equipment for CBP, has been suspended from contracting with the federal government, The Washington Post reported Tuesday.

On June 12, CBP had confirmed that in violation of its policies, a subcontractor had “transferred copies of license plate images and traveler images collected by CBP to the subcontractor’s company network.” The subcontractor’s network was then compromised by a cyberattack that affected under 100,000 people who entered and exited the US in a vehicle through several specific lanes at one land border during a 1.5-month period.

Federal records showed CBP officials citing “evidence of conduct indicating a lack of business honesty or integrity,” Washington Post reported.

Passports and travel document photos weren’t taken in the cyberattack, but it was reported later in June that the hackers stole sensitive CBP data from Perceptics, including government agency contracts, budget spreadsheets and even Powerpoint presentations.

Read More

(CNN) Houston police arrested five men in a human trafficking investigation for allegedly holding 18 Latin American immigrants for ransom, police said.

The suspects face multiple charges, including engaging in organized crime by kidnapping, Houston Police Chief Art Acevedo said Friday.

The investigation started June 5 after a family told police a relative was being held against his will. Kidnappers were demanding $4,700 for the man’s release, in addition to $300 that had been paid to someone in Mexico to help bring him into the country, police said in a criminal complaint.

The kidnappers told the family that the man would be killed if the money was not paid, the complaint said.

Officers responded to where they believed the victim was held, and they arrested several suspects and rescued two victims, Acevedo said.

Guns, cash and cocaine recovered

Police learned of a “stash house” with more victims and found 16 more victims in “deplorable conditions,” he said.

“Our investigation determined that women were held captive and sexually assaulted for 25 days,” he said. The victims were taken to hospitals after they were rescued.
Detectives also recovered guns, more than $10,000, and 19 grams of cocaine, police said.

View Source

The tech entrepreneur Ross McNutt wants to spend three years recording outdoor human movements in a major U.S. city, KMOX news radio reports.

If that sounds too dystopian to be real, you’re behind the times. McNutt, who runs Persistent Surveillance Systems, was inspired by his stint in the Air Force tracking Iraqi insurgents. He tested mass-surveillance technology over Compton, California, in 2012. In 2016, the company flew over Baltimore, feeding information to police for months (without telling city leaders or residents) while demonstrating how the technology works to the FBI and Secret Service.

The goal is noble: to reduce violent crime.

There’s really no telling whether surveillance of this sort has already been conducted over your community as private and government entities experiment with it. If I could afford the hardware, I could legally surveil all of Los Angeles just for kicks.

And now a billionaire donor wants to help Persistent Surveillance Systems to monitor the residents of an entire high-crime municipality for an extended period of time––McNutt told KMOX that it may be Baltimore, St. Louis, or Chicago.

McNutt’s technology is straightforward: A fixed-wing plane outfitted with high-resolution video cameras circles for hours on end, recording everything in large swaths of a city. One can later “rewind” the footage, zoom in anywhere, and see exactly where a person came from before or went after perpetrating a robbery or drive-by shooting … or visiting an AA meeting, a psychiatrist’s office, a gun store, an abortion provider, a battered-women’s shelter, or an HIV clinic. On the day of a protest, participants could be tracked back to their homes.

In the timely new book Eyes in the Sky: The Secret Rise of Gorgon Stare and How It Will Watch Us All, the author Arthur Holland Michel talks with people working on this category of technology and concludes, “Someday, most major developed cities in the world will live under the unblinking gaze of some form of wide-area surveillance.”

At first, he says, the sheer amount of data will make it impossible for humans in any city to examine everything that is captured on video. But efforts are under way to use machine learning and artificial intelligence to “understand” more. “If a camera that watches a whole city is smart enough to track and understand every target simultaneously,” he writes, “it really can be said to be all-seeing.”

Read More

The “arms race” of mobile forensics – ever-tougher encryption and the breakneck operations to crack it – has become more of a public tug-of-war than ever before.

Cellebrite, the largest player in the mobile-forensics industry, unveiled its UFED Premium last Friday. Along with the announcement came the bombshell: that it can now get into any Apple iOS device, and many of the high-end Android devices.

“An exclusive solution for law enforcement to unlock and extract data from all iOS and Android devices,” the company said in a tweet.

Those devices have historically been the toughest to crack – and Cellebrite’s newfound ability to perform a full-file system extraction on any iOS device in particular would allow law enforcement “to get much more data than what is possible through logical extractions and other conventional means.”

“Our certified forensic experts can also help you gain access to sensitive mobile evidence form several locked, encrypted or damaged iOS and Android devices using advanced in-lab only techniques,” the company added in its Friday announcement.

The latest tool works on Apple device running anything from iOS 7 to iOS 12.3, according to the company. Among the Android devices covered are the Samsung S6, S7, S8, and S9. Also supported are the most popular models of Motorola, Huawei, LG and Xiaomi.

The announcement follows the highly-publicized breakthrough of the GrayKey devices made by Grayshift more than a year ago. The GrayKey tool had exploited a low-power loophole in some iOS systems, one expert explained to Forensic Magazine. But Apple put in a fix to stop the access late last year, involving an iOS system to reconnect with a home device. Since then, GrayKey has made some inroads on some Apple devices – but not all of them, according to experts.

Read More

MATAMOROS, Mexico — Shortly before dawn one Sunday last August, a driver in an S.U.V. picked up Christopher Cruz at a stash house in this border city near the Gulf of Mexico. The 22-year-old from El Salvador was glad to leave the one-story building, where smugglers kept bundles of cocaine and marijuana alongside their human cargo, but he was anxious about what lay ahead.

The driver deposited Mr. Cruz at an illegal crossing point on the edge of the Rio Grande. A smuggler took a smartphone photograph to confirm his identity and sent it using WhatsApp to a driver waiting to pick him up on the other side of the frontier when — if — he made it across.

The nearly 2,000-mile trip had already cost Mr. Cruz’s family more than $6,000 and brought him within sight of Brownsville, Tex. The remaining 500 miles to Houston — terrain prowled by the United States Border Patrol as well as the state and local police — would set them back another $6,500.

It was an almost inconceivable amount of money for someone who earned just a few dollars a day picking coffee beans back home. But he wasn’t weighing the benefits of a higher-paying job. He was fleeing violence and what he said was near-certain death at the hands of local gangs.

“There’s no other option,” Mr. Cruz said. “The first thought I had was, ‘I just need to get out of here at whatever cost.’”

The stretch of southwest border where he intended to cross has become the epicenter of the raging battle over the Trump administration’s immigration crackdown. One clear consequence of the tightening American border and the growing perils getting there is that more and more desperate families are turning to increasingly sophisticated smuggling operations to get relatives into the United States.

Mr. Cruz’s story provides an unusually detailed anatomy of the price of the journey. The money paid for a network of drivers who concealed him in tractor-trailers and minibuses, a series of houses where he hid out, handlers tied to criminal organizations who arranged his passage, and bribes for Mexican police officers to look the other way as he passed.

Read More

HOUSTON (AP) — U.S. border authorities say they’ve started to increase the biometric data they take from children 13 years old and younger, including fingerprints, despite privacy concerns and government policy intended to restrict what can be collected from migrant youths.

A Border Patrol official said this week that the agency had begun a pilot program to collect the biometrics of children with the permission of the adults accompanying them, though he did not specify where along the border it has been implemented.

The Border Patrol also has a “rapid DNA pilot program” in the works, said Anthony Porvaznik, the chief patrol agent in Yuma, Arizona, in a video interview published by the Epoch Times newspaper.

Spokesmen for the Border Patrol and the Department of Homeland Security did not return several messages from The Associated Press seeking comment on both programs.

The Border Patrol says that in the last year, it’s stopped roughly 3,100 adults and children fraudulently posing as families so they can be released into the U.S. quickly rather than face detention or rapid deportation.

The Department of Homeland Security has also warned of “child recycling,” cases where they say children allowed into the U.S. were smuggled back into Central America to be paired up again with other adults in fake families — something they say is impossible to catch without fingerprints or other biometric data.

“Those are kids that are being rented, for lack of a better word,” Porvaznik said.

But the Border Patrol has not publicly identified anyone arrested in a “child recycling” scheme or released data on how many such schemes have been uncovered. Advocates say they’re worried that in the name of stopping fraud, agents might take personal information from children that could be used against them later.

“Of course child trafficking exists,” said Karla Vargas, an attorney with the Texas Civil Rights Project. But she warned against implementing “a catch-all” policy that could reduce the rights of people who are legally seeking asylum.

Read More

Nearly half a million Alabama cell phone numbers received identical text messages in 2015 telling them to click a link to “verify” their bank account information. The link took recipients to a realistic-looking bank website where they typed in their personal financial information.

But the link was not the actual bank’s website—it was part of a phishing scam. Just like phishing messages sent over email, the text message-based scam was easy to fall for. The web address was only one character off from the bank’s actual web address.

While most recipients appeared to ignore the message, around 50 people clicked on the link and provided their personal information. The website asked for account numbers, names, and ZIP codes, along with their associated debit card numbers, security codes, and PINs. Within an hour, the fraudster had made himself debit cards with the victims’ account information. He then began to withdraw money from various ATMs, stealing whatever the daily ATM maximum was from each account.

“It was a fairly legitimate-looking website, other than the information it was asking for,” said Special Agent Jake Frith of the Alabama Attorney General’s Office, who worked the case along with investigators from the FBI’s Mobile Field Office.

The fraudster, Iosif Florea, stole about $18,000 (including ATM fees), with losses from each individual account ranging from $20 to $800. (Banks typically reimburse customers who are victims of fraud.)

Investigators believe Florea bought a large list of cell phone numbers from a marketing company, and he only needed a few victims out of thousands of phone numbers for the scheme to be successful.

The damage was minimized, however, because of the bank’s quick response. As soon as customers reported the fraud, the bank reached out to federal authorities as well as the local media to alert the community to the fraudulent messages.

Read More