On Q Professional Investigations

Pomona, NY – Night sights have grown in popularity over the last few years, due primarily to the growing interest in personal protection.

Because night sights work in low, or no light situations, it makes them perfect for home protection, especially if the need arises to seek out your weapon very quickly in the dark.

Kahr Firearms Group has just announced that some of their C-Series pistols will now be offered with night sights. Three of their most popular 9mm models; the CM9093N, CW9093N, and the CT9093N will now be available with night sights.

All three models feature a black polymer frame, matte finish stainless steel slide, a drift-adjustable white bar-dot combat rear sight, and a pinned in polymer front night sight.

The CM9 features a 3.1” barrel length; an overall length of 5.42”, a slide width of .90”, the height is 4.0” and weighs in at just 14 oz.

It has a 6+1 capacity and comes with one 6-round flush floorplate magazine.

The CW9 features a 3.56” barrel, an overall length of 5.9” and a height of 4.5”. It weighs 15.8 oz. without the magazine.

Capacity is 7+1, and comes with one 7-round stainless magazine.

Lastly, the CT9 offers a 3.965” barrel, an overall length of 6.5”, a slide width of .90”; height is 5.08” and weighs just 18.5 oz. without the magazine.

Capacity is 8+1 and comes standard with one 8 rd. stainless magazine. Cost of the three models featuring night sights is $499 for the CM9093N, $495 for the CW9093N, and $485 for the CT9093N.

Recently, Kahr Firearms Group announced that effective June 1, 2015 through September 30, 2015, Kahr will send one free magazine with the purchase of specific C-Series guns, which includes these 3 models with the night sights.

To receive a coupon for a free magazine, just log onto the Kahr website at www.kahr.com/MagPromo2015.asp and fill out the online form or download the coupon, fill it out and mail, email, or fax it along with a copy of the firearm receipt and the firearm serial number.

The new firearm must have been purchased during the summer promotion period to qualify. Any form submitted without a copy of the receipt and the serial number will not qualify for the magazine promotion. Allow 6 weeks for processing, shipping and delivery.

For more information about Kahr Firearms Group products, log onto www.kahr.com.

View Source

If you want a more open government, now is the time to put your ideas where your mouth is.

The White House seeks ideas and feedback from the public, federal officials and other open government advocates as it develops a third Open Government National Action Plan to be released later this year.

The announcement came in a White House blog post authored June 4 by Corinna Zarek, senior adviser for open government at the White House Office of Science and Technology Policy. The government’s first and second iterations of open government NAPs were released in 2011 and 2013, and as Zarek notes, those initiatives will be fully implemented by the end of 2015.

Given the object is a more open government, the process by which the White House will ideate for the third NAP is transparent and open, yet perhaps even more so than prior efforts.

NAP suggestions can be emailed (opengov@ostp.gov) or tweeted to @OpenGov. Users can also log into the collaborative, publicly available Hackpad platform to share their thoughts and ideas. That online collaboration will be managed by social and digital government guru Justin Herman of the General Services Administration.

The blog post makes clear that new suggestions regarding old commitments are sought as much as ideas for new initiatives. The only stipulations are that ideas are ambitious, relevant, specific and measurable, according to Zarek.

“You may wish to suggest expanded commitments on topic areas from the first two plans such as public participation, open data, records management, natural resource revenue transparency, the Freedom of Information Act, open innovation, or open educational resources, among others,” Zarek wrote. “You may also wish to suggest entirely new initiatives — and we hope you do!”

View Source

Recently, Senate Bill 1422 was amended to increase opportunities for hunters. SB 1422, as amended in the House, would expand hunting opportunities in the Collar counties by allowing the use of crossbows during the deer archery season.

Sponsored by Senator Neil Anderson (R-36), SB 1422 passed the House as amended by a 103 – 12 vote on May 21, 2015. SB 1422 now awaits a concurrence motion on House Amendment 1 in the Senate Agriculture Committee.

Experience in other states has shown that allowing the use of crossbows during hunting seasons helps retain and recruit hunters and does not have a higher success rate over vertical bows. NRA has always supported expanding on hunting opportunities when there is no biological reason to oppose them.

Also, crossbows would allow young hunters who do not yet possess the physical strength to use a vertical bow to go afield earlier and as a result, they would be more likely to recruit more family and friends into Illinois’ ranks of hunters.

Please call state Senator John Sullivan (D-47), chairman of the Senate Agriculture Committee, and urge a concurrence motion on House Amendment 1 to SB 1422.

Senator John M. Sullivan
(217) 782-2479

View Source

CHICAGO–The Chicago Department of Aviation (CDA) and U.S. Customs and Border Protection (CBP) today announced the expansion of Mobile Passport Control (MPC) to Chicago O’Hare International Airport. MPC is the first authorized app to expedite a traveler’s arrival into the United States.

Eligible travelers submit their passport information and customs declaration form to CBP via a smartphone and tablet app prior to arrival. Android and iPhone users can download the Mobile Passport app for free from the Google Play Store and Apple App Store.

“On behalf of Mayor Rahm Emanuel, the CDA is very pleased to partner with CBP to offer this innovative technology at our global gateway, O’Hare International Airport,” said Michael Boland, Acting Commissioner, CDA. “Mobile Passport Control is the latest of many new initiatives we have implemented at Chicago O’Hare that create a faster and more efficient CBP processing experience.”

“CBP is pleased to offer Mobile Passport Control as an option to expedite travelers’ entry into the United States at four of the country’s busiest international airports,” said Assistant Commissioner for Office of Field Operations Todd C. Owen. “CBP remains committed to making the international arrivals experience as traveler-friendly as possible through innovation and collaboration with stakeholders while maintaining the highest security standards.”

MPC currently offers U.S. citizens and Canadian visitors a more secure and efficient in-person inspection between the CBP officer and the traveler upon arrival in the United States. Much like Automated Passport Control (APC), the app does not require pre-approval, is free to use and does not collect any new information from travelers.

Travelers opting to use the app will no longer have to complete a paper customs declaration form and will have access to a designated MPC lane to clear customs instead of entering the traditional CBP processing lanes. As a result, travelers will experience shorter wait times, less congestion and faster processing.

Read More

For some of us, fall is about to begin and the graduates of the class of 2014 are heading off to colleges across the country. It’s an exciting time — there’s a reason so many people call college the best four years of their lives. You learn so much about the world and yourself. You make lifelong friends. You are an adult without the full responsibility of being an adult.

It’s pretty easy to believe that because you are young and not in the “real world” yet that you are immune to identity theft or credit card fraud. But crime isn’t so choosy about age. College students are actually a prime target for identity thieves because of naiveté. According to University of Colorado—Boulder, only 21 percent of college students are concerned about identity theft. And lack of concern leads to lack of managing financial and personal data making college students vulnerable to identity theft.

Luckily, managing your identity doesn’t have to be hard. Whether you’re an incoming freshman or a graduate student, here are four simple habits to help you protect your identity.

Read More

Your personally identifiable information (PII) is all around you, and much of it is impossible to protect. While your driver’s license and Social Security numbers are a significant part of the equation, you can take certain protective measures to keep those from prying eyes. Unfortunately, that’s not the case when it comes to more visible forms of PII—like your birthday, email address, home address and even your name. There are criminals out there who see you as their day job, and they know how to use the most gettable pieces of your PII, like your name, to commit crimes.

The fact is, most everyone will experience some form of identity-related compromise during their lifetime. Yes, you most likely will become a victim. The crimes are often hard to detect, but they happen all the time, and there is absolutely no service out there that can give you complete protection from identity-related crimes.

Here are a few ways you can get scammed that only require the clever application of a name, the most basic piece of your PII.

The Grandparent Scam

The first complaints of this scam were logged by the Internet Crime Complaint in 2008, but as the FBI reports, fraudsters working the senior circuit are becoming more sophisticated, using PII gleaned from social media sites to hone their performance.

Typically, a call comes from overseas either late at night or early in the morning, when people aren’t thinking as clearly as they might. The caller poses as a grandchild in trouble. There is a request for money, and a plea for secrecy: “Please don’t tell mom and dad! They’ll kill me.” Sometimes an attorney or “an arresting officer” makes the call. Money is wired, and fairly soon after that, the victim comes to realize that he or she has been had.

Variations on the scam include military personnel on leave and friends calling friends. With an increasing number of people oversharing their information on social media, it’s not difficult to figure out who will help whom, and when they’re away.

What to do: Tighten your privacy on social media; don’t share details about vacations, and when anyone asks for money over the phone—even a “family member”— stop, think and don’t allow your emotions to drag your good sense and wallet to Western Union.

The Package Scam

Many crimes considered “identity-related” were being perpetrated long before identity theft became part of the national psyche. Stealing mail is one example.

Personally identifiable information has given thievery of mail a real “boost.” The latest ploy in urban areas involves the collection of names. Using a notepad, a local thief slipped into a group of condominiums in my neighborhood and started to document who lived where by looking at the junk mail left in the lobby. He used that to gain entry after the courier services made their daily drops. “This is Gary from 2C. Locked myself out. Can you please buzz me in?” In minutes, every package was in his custody and he was gone.

What to do: Don’t leave junk mail in your lobby, and urge the building to have a policy that doesn’t allow packages to be left unattended.

Read More

ATLANTA GA Feb 2 2014 — Georgia motorists soon could whip out a cellphone picture of their driver’s license when stopped by police instead of carrying the plastic version.

That could be a plus for people who prefer not to carry a billfold or purse that could be stolen or mar the silhouette of tight jeans. It also recognizes that cellphones soon will be used for purchases, as they already are in other countries, eliminating the need for a pocketful of cash and credit cards.

The Nathan Deal administration is backing Senate Bill 323 in response to public requests. It’s meant to be especially helpful during the wait for the Department of Driver Services to send by mail the traditional, wallet version of a license, according to Sen. Hunter Hill, R-Smyrna, the sponsor of the bill.

“They are one of our best customer-service state agencies,” said Hill, who used to serve on the department’s board of directors. “They are constantly operating every day and getting feedback from their public.”

Current law already permits use of paper receipts issued by the department. Hill’s bill adds to that an electronic image of the receipt or a cellphone containing a photo of the front and back of the actual license.

“The presentation of such image on an electronic telecommunications device shall not be deemed as consent to access any other information contained on such devise for any other purposes,” the bill states, meaning embarrassing selfies and snarky text messages would remain private.

While the point of the change was the convenience of drivers when awaiting a new, renewed or reinstated license, Hill acknowledges it would work any time.

“When 99 percent of the population is law-abiding citizens, we need to create laws … that allow for some flexibility for our customers,” he said.

The photos would still be subject to verification by police officers accessing the Georgia Crime Information Center’s database. Since that access is limited to law enforcement, Hill doesn’t see the cellphone pictures serving as identification for bars and restaurants scouting out underage alcohol customers or for voting.

“This is not a provision that would make sense for voting,” he said.

View Source

United States Attorney Laura E. Duffy today announced the sentencing of two defendants who participated in an Oceanside telemarking operation dubbed 1st American Law Center. Defendants Shelveen Shraneel Singh and Johnathon Daniel Hearn were each sentenced yesterday to nine years and two years in prison, respectively, before District Court Judge Roger T. Benitez for their roles in defrauding more than 4,000 desperate homeowners who were seeking to modify their mortgages. All told, the operation resulted in victim losses of over $11 million.

According to documents filed in court, Shelveen Singh was a leading telemarketer who sold loan modification services on behalf of 1st American Law Center at a satellite office in Riverside. Among other lies, Singh and his co-defendants falsely promised to have a team of attorneys “pre-screen” clients and falsely boasted that 1st American had a 98 percent success rate in obtaining loan modifications for clients. 1st American Law Center’s telemarketers were encouraged to say virtually anything to close a sale and employed a variety of ruses, including pretending to have helped thousands of happy homeowners save their homes; claiming to have been in business for 20 years; promising that that clients’ fees would be deposited into a client-trust account and remain untouched until the client was satisfied; and assuring clients that they were protected by a money-back guarantee. Sadly, the telemarketers even persuaded homeowners to pay the company’s fees instead of using their limited funds to stay current on their mortgage payments.

The truth was devastating to the thousands of homeowners taken in by 1st American Law Center’s offer of help and hope. As participants in the scheme have admitted, there was no selective pre-screening process conducted by an attorney. Even the token attorney affiliated with the operation did not pre-screen applications, work on clients’ loan modification cases, or negotiate with lenders. Rather than having thousands of satisfied clients, 1st American Law Center had thousands of unsatisfied former clients who did not have their loans modified or receive refunds as promised. Client funds were not protected and safe, but instead controlled by a co-schemer, who funneled money out of the attorney trust account into accounts that he controlled, using the money to pay himself, other employees, or company expenses.

In addition to the standard lies told by other telemarketers, Singh employed numerous other deceptive acts to get money out of clients. This included withdrawing funds from client accounts without their permission and threatening clients with physical harm. Singh even impersonated a law enforcement officer and threatened to arrest clients if they did not pay 1st American Law Center’s fees.

In imposing the 110-month sentence, Judge Benitez remarked that Singh had preyed upon especially vulnerable victims. The judge noted that instead of paying restitution for a previous crime as required, Singh instead spent money on himself, racking up credit card charges that he later discharged in bankruptcy, and purchasing for himself an expensive Mercedes. Calling him a “dirty businessman,” Judge Benitez commented that it was actions like Singh’s that contributed to the erosion of trust in our society.

Hearn, another telemarketer, was also sentenced yesterday. Judge Benitez imposed a sentence of 24 months in custody.

Other defendants involved in the same scheme have previously been sentenced. Gary Bobel received a sentence of 92 months in custody. Scott Thomas Spencer received a total sentence of 43 months in custody, and Travis Iverson received a sentence of 24 months in custody. The attorney associated with 1st American Law Center, Dean Chandler, and another defendant, Michael Eccles are currently awaiting trial. They next appear in court on March 3, 2014.

Victims of 1st American Law Center may contact the U.S. Attorney’s Office Victim/Witness Coordinator Polly Montano at (619) 546-8921 if they have questions.

Defendant in Criminal Case No. 12CR4031-BEN

Shelveen Shraneel Singh, 26 Corona, California

110 months in custody on count six
three years of supervised release
restitution to be determined
Defendant in Criminal Case No. 12CR3041-BEN

Johnathon Daniel Hearn, 31 Oceanside, California
24 months in custody
three years of supervised release
restitution to be determined

Participating Agencies
Federal Bureau of Investigation
Internal Revenue Service-Criminal Investigation
View Source

CHARLOTTE NC

In the past week, Google, Facebook and Instagram have all announced security changes that will affect Officer Safety.

The most serious change comes from Facebook.
The company announced Thursday it is officially axing a privacy setting that allowed people to hide their profiles from other users in Facebook’s search field.

The setting “who can look up my timeline by name” had already disappeared from the options for some users — specifically, those who weren’t using the feature in December of last year.

The new change affects a “small percentage of people” on the site who were still using the feature, Facebook (FB, Fortune 500) said, although it did specify how many of its 1.15 billion active users were impacted.

Facebook explained that the search tool has been expanded to allow broader searches by topics, geographical areas and a number of other search criteria.

Facebook has also expanded its internal search capabilities with the roll out of Graph Search. The feature allows users to sift through the social network’s vast data trove to find “friends who live in my city,” “tourist attractions in Italy visited by my friends,” and similar lists. It also allows Facebook to eventually challenge sites that rate and rank local attractions like restaurants and hotels.

Facebook announced that users would no longer be able to block people with whom they are not connected from seeing their profile when searching the social network, a change that could boost the Graph Search feature CEO Mark Zuckerberg championed in a launch event earlier this year. The company said in a blog post that a “small percentage of people still using the setting” would lose it soon, after Facebook stopped offering to block searches for anyone who had not already chosen the option earlier this year.

Facebook has also changed their security threshold for their photo-sharing service Instagram allowing more people to see your photos. The Next Web reported that an update to the popular app takes away the option of not allowing videos to play automatically when a user visits the timeline. The move follows the announcement earlier this week that Instagram would begin to serve advertisements in users’ streams, the first revenue-generating attempt by the San Francisco company since Facebook committed $1 billion in a 2012 acquisition.

Google has also lifted some of their security restrictions, now sharing your photos and other information in advertisements and free displays.

What once was tucked away in your on-line privacy file has been opened and there’s not much that you can do about it.

For officer safety, we suggest that you restrict all pictures and post non-specific information and opt not to include details about your job, home address, phone number or even your favorite restaurant.

In recent years, there have been a number of private security personnel who have been assaulted while off-duty because of an incident that they were involved with while on-duty. Several situations also proved that the assailant had followed the security officer home from their work assignment and in a recent case; an assailant used public information to locate and assault a security officer for having him arrested for shoplifting.

Two security officers killed last year while off duty were found to have been targeted by persons that they had previous confrontations with while on duty.

Remember that once you post something on the Internet, you lose control of it and it’s almost impossible to take back once it has been published. For your safety, and the safety of your family,
use caution, be responsible and let common sense be your guide.

View Source

A Russian-speaking man casually shows on camera how he can download a punter’s bank-card details and PIN from a hacked card reader.

In a video demonstrating a tampered sales terminal, a card is swiped through the handheld device and a PIN entered – just as any customer would in a restaurant or shop. Later, after a series of key-presses, the data is transferred to a laptop via a serial cable.

Account numbers and other sensitive information appear on the computer screen, ready to be exploited. And the data can be texted to a phone, if a SIM card is fitted to the handheld.

We’re told the footage, apparently shown on an underworld bazaar, is used to flog the compromised but otherwise working kit for $3,000 apiece – or a mere $2,000 if you’re willing to share 20 per cent of the ill-gotten gains with the sellers under a form of hired-purchase agreement.

Crucially, the gang selling this device offers a money-laundering service to drain victims’ bank accounts for newbie fraudsters: a network of corrupt merchants are given the harvested card data and extract the money typically by buying fake goods and then cashing out refunds. The loot eventually works its way back to the owner of the hacked card reader.

A copy of the web video was passed to The Reg, and is embedded below. We have rotated part of the footage so it’s easier to read the on-screen text.

Electronic security consultancy Group-IB said the modified Verifone VX670 point-of-sale terminal, shown above, retains in memory data hoovered from tracks 1 and 2 of the magnetic stripe on the back of swiped bank cards, as well as the PIN entered on the keypad – enough information for fraudsters to exploit.

The setup suggests the sellers are based in Russia. In the video, a credit card from Sberbank, the country’s largest bank and the third largest in Europe, is used to demonstrate the hacked terminal’s capabilities.

If a SIM card for a GSM mobile phone network is fitted to the doctored device, the information can be sent by SMS rather than transferred over a serial cable, explained Andrey Komarov, head of international projects at Group-IB.

He told us crooks tampering with point-of-sale (POS) terminals and selling them isn’t new – but the bundling of money-stealing support services, allowing fraud to be carried out more easily, is a new development in the digital underground.

“We have detected a new group that sells this modified model of POS terminals and provides services for illegal cash-outs of dumped PINs through their own ‘grey’ merchants: it seems they buy fake stuff, and then cash-out money,” Komarov said.

“It takes less than three hours. According to our information, this kind of service is really new, and it is also being used by different cyber-criminals against the Russian bank Sberbank.”

Komarov told El Reg that the emergence of hacked card readers is due to banks improving their security against criminals’ card-skimming hardware hidden in cash machines and similar scams. Planting data-swiping malware in POS handhelds out in the field is possible, but it is fairly tricky to find vulnerable terminals and infiltrate them reliably without being caught.

It’s a touch easier to buy a tampered device and get it installed in a shop or restaurant with the help of staff or bosses on the take. This creates a huge potential market for fraudsters, according to Komarov.

Scam warnings

Banking giant Visa has issued several alerts about this kind of fraud along with occasional warnings about device vulnerabilities – such as this warning from 2009 [PDF]. And social-engineering tricks [PDF] in which fraudsters pose as Visa employees carrying out adjustments to terminals – while actually compromising them – has been going on for years.

One alert [PDF] from Visa, dating from 2010, explains how thieves worked in the past and the steps merchants can take to defend against the fraud: anti-tampering advice from this year can be found here [PDF], an extract of which is below:

Criminal gangs worldwide are illegally accessing active POS terminals and modifying them by inserting an undetectable electronic “bug” that captures cardholder data and PINs during normal transaction processing.
The impact of this type of crime can be significant to all key parties involved in card acceptance. An attack can not only undermine the integrity of the payment system, but diminish consumer trust in a merchant’s business. In response to this emerging threat, acquirers, merchants and their processors need to proactively secure their POS terminals and make them less vulnerable to tampering.

A more recent advisory on combating this type of fraud, issued earlier this year by Visa, can be found here [PDF].

Avivah Litan, a Gartner Research vice-president and an expert in banking security and related topics, said that tampering with card readers has been going on for years. She agreed with Group-IB’s observation that since banks are investing more in securing cashpoints, penetrating point-of-sale terminals can be an easier way to make money for criminals.

“The bad guys will go after anything they can, but it can be easier to find dishonest merchants to cooperate in running tampered terminals [to harvest bank details] than going after ATMs,” Litan told El Reg, adding that this kind of fraud was rife in South America, particularly in countries such as Brazil.

But Group-IB’s Komarov believes the Russian-speaking fraudsters behind the black-market sale of hacked sales terminals are targeting the international market as well as crims in the motherland. “The example they showed for Sberbank was just because they also use it against Russian-speaking countries, as they have Russian-speaking roots,” he explained.

We passed on Group-IB’s research to Verifone at the start of this month, along with a request for comment on what could be done to frustrate the trade of tampered card readers through underground markets and similar scams. We have yet to hear back from the device manufacturer. We’ll update this story if we hear more. ®

View Source