On Q Professional Investigations

“The Hanover police officers that work at The Hanover Mall may be referred to as Unit B, but that doesn’t mean they are doing anything but A-1 work.

The mall has been contracting with the town for the services of the police officers since the 1970s when Zayre Department Store first opened. The town then contracts with the police department with their collective bargaining agreements.

“At that point you had a small town that was suddenly dealing with a large shopping center,” said Hanover Mall General Manager Ed Callahan. “The town didn’t have the resources police-wise to handle that, so the town worked out a deal with the original owner, which was Campenelli-Tedeschi, for them to hire a police presence at the mall. Over the years, it was a combination of
Hanover Police and private public safety.”

There have been deals made every two-to-three years and the current one will begin on Jan. 1, 2018. According to the agreement signed in October, the town will receive a payment of $9,532 each month.

The contract will be automatically extended for an additional 12 months unless one side provides a written statement two months before the year is up wishing to not extend for an additional year.

According to former town manager Troy Clarkson, in addition to the monetary value, having this contract in place ensures that calls for service at the mall do not take away from other important responses, as the officer on duty can handle most issues on site without requiring a cruiser to be taken away from patrol in other areas.

This program, Clarkson said, has received national recognition and is yet another example of the strong and enduring partnership between the town and our partners at PREP.

There is a cruiser specifically for the position and the officers aren’t set out on calls other than extreme emergencies.

“We meet with Chief Walter Sweeney and Lt. Greg Nihan sometimes once a month or every other month and we sit down the program and review any incidences that have happened,” said Callahan. “We review what we want the officers to be doing in terms of community policing. We encourage the officers to be visible, interact with store managers and personnel and get to know people. With the cruiser they are able to do that same function with the peripheral around Dick’s Sporting Goods, Office Max, Trader Joe’s and Buffalo Wild Wings.”

When both the public safety officers and the Hanover police officers are fully staffed, typically one patrols the outside of the mall and the other on the inside of the mall. The goal is for them to work “in harmony” with two-way radios.”

View Source

WASHINGTON — The Transportation Security Administration today announced the expansion of its TSA Pre✓® expedited screening program to five additional domestic and international carriers. Now in operation, the five new partnering airlines are All Nippon Airways, Cathay Pacific Airways, Contour Aviation, Finnair and Korean Air. Today’s announcement brings the number of airlines participating in TSA Pre✓® to 42 domestic and international carriers.

TSA Pre✓® is an expedited screening program that enables low-risk travelers to enjoy a smart and efficient screening experience at 200 U.S. airports. For TSA Pre✓® travelers, there is no need to remove shoes, laptops, 3-1-1 liquids, belts or light jackets.

TSA Pre✓® is available when departing from a U.S. airport to a foreign country, and for domestic, connecting flights after returning to the U.S. Travelers who are U.S. citizens, U.S. nationals and lawful permanent residents of the U.S. can apply for TSA Pre✓® for a cost of $85 for five years, or $17 per year through the TSA Pre✓® application program. Once approved, travelers will receive a “Known Traveler Number” and will have the opportunity to utilize TSA Pre✓® lanes at select security checkpoints when traveling on any of the 42 participating airlines.

Other passengers who are eligible for TSA Pre✓® include: U.S. Customs and Border Protection’s Trusted Traveler programs, Global Entry, NEXUS, and SENTRI. TSA Pre✓® is also available for U.S. Armed Forces service members, including those serving in the U.S. Coast Guard, Reserves and National Guard. To find the program that best suits your travel needs, use the Department of Homeland Security trusted traveler comparison tool.

As always, TSA continues to incorporate unpredictable security measures, both seen and unseen, throughout the airport. All travelers will be screened, and no individual will be guaranteed expedited screening.

For more information, visit tsa.gov or read the frequently asked questions.

View Source

“Law enforcement agencies have been aware of virtual kidnapping fraud for at least two decades, but a recent FBI case illustrates how this frightening scam—once limited to Mexico and Southwest border states—has evolved so that U.S. residents anywhere could be potential victims.

Although virtual kidnapping takes on many forms, it is always an extortion scheme—one that tricks victims into paying a ransom to free a loved one they believe is being threatened with violence or death. Unlike traditional abductions, virtual kidnappers have not actually kidnapped anyone. Instead, through deceptions and threats, they coerce victims to pay a quick ransom before the scheme falls apart.

Between 2013 and 2015, investigators in the FBI’s Los Angeles Division were tracking virtual kidnapping calls from Mexico—almost all of these schemes originate from within Mexican prisons. The calls targeted specific individuals who were Spanish speakers. A majority of the victims were from the Los Angeles and Houston areas.

“In 2015, the calls started coming in English,” said FBI Los Angeles Special Agent Erik Arbuthnot, “and something else happened: The criminals were no longer targeting specific individuals, such as doctors or just Spanish speakers. Now they were choosing various cities and cold-calling hundreds of numbers until innocent people fell for the scheme.”

This was significant, Arbuthnot said, because the new tactic vastly increased the potential number of victims. In the case he was investigating, which became known as Operation Hotel Tango, more than 80 victims were identified in California, Minnesota, Idaho, and Texas. Collective losses were more than $87,000.

The incarcerated fraudsters—who typically bribe guards to acquire cell phones—would choose an affluent area such as Beverly Hills, California. They would search the Internet to learn the correct area code and telephone dialing prefix. Then, with nothing but time on their hands, they would start dialing numbers in sequence, trolling for victims.

When an unsuspecting person answered the phone, they would hear a female screaming, “Help me!” The screamer’s voice was likely a recording. Instinctively, the victim might blurt out his or her child’s name: “Mary, are you okay?” And then a man’s voice would say something like, “We have Mary. She’s in a truck. We are holding her hostage. You need to pay a ransom and you need to do it now or we are going to cut off her fingers.”

Most of the time, Arbuthnot said, “the intended victims quickly learned that ‘Mary’ was at home or at school, or they sensed the scam and hung up. This fraud only worked when people picked up the phone, they had a daughter, and she was not home,” he explained. “But if you are making hundreds of calls, the crime will eventually work.”

“The scammers attempt to keep victims on the phone so they can’t verify their loved ones’ whereabouts or contact law enforcement. The callers are always in a hurry, and the ransom demand is usually a wire payment to Mexico of $2,000 or less, because there are legal restrictions for wiring larger amounts across the border.

Although victims were typically instructed to wire ransom payments, two individuals in Houston were coerced into paying larger amounts—totaling approximately $28,000—that could not be wired. The victims were directed to make money drops, and they believed they were being watched as they were directed to the assigned location. When the drops were made—in specified trash cans—a Houston woman, 34-year-old Yanette Rodriguez Acosta, was waiting to pick up the ransom money. After taking her portion of the payment, Acosta wired the rest in small amounts to several individuals in Mexico to transfer to the Mexican prisoner believed to be running the virtual kidnapping scheme.

Acosta was taken into custody for her involvement in the scam, and in July 2017, a federal grand jury in Houston returned a 10-count indictment against her. Among the charges were wire fraud and money laundering.

Arbuthnot noted that the Mexican prisoners who carry out virtual kidnappings use the ransom money to pay bribes and to make their lives behind bars easier. “And sometimes they use the money to buy their way out of jail. That’s the ultimate goal.”

He added that virtual kidnapping cases are difficult to investigate and prosecute because almost all of the subjects are in Mexico, and the money is wired out of the country and can be difficult to trace. The charges against Acosta represent the first federal indictment in a virtual kidnapping case. In addition, many victims do not report the crime, either because they are embarrassed, afraid, or because they don’t consider the financial loss to be significant.

Regardless, Arbuthnot said, “victims of virtual kidnapping scams are traumatized by these events, because at the time, they believe that a loved one has been kidnapped and is in real danger.”

View Source

Be warned. An Edmonton driver’s chances of getting away with illegal parking are set to drop dramatically when city officials roll out their new robo-parking patrol.

Car-mounted cameras will automatically check licence plates against the parking payment records while rolling at 50 km/h on downtown streets. A wall-mounted camera will take a picture every time a car enters or exits a city-owned parking lot to ensure payment and the human patrol no longer tasked with marching downtown streets will redeploy to school zones and other hot-spot areas.

City officials are evaluating product bids now and hope to have a test car on city streets in October. The full rollout would hit Edmonton by spring. “That would be ideal,” said Erin Blaine, parking enforcement co-ordinator.

“It’s just a way more efficient way to use resources,” Blaine said. The parking rules are there to ensure spots remain open for drop-in customers for local businesses, and the automated enforcement will be more reliable for everyone. “It eliminates officer error.”

Similar to photo radar, scofflaws will get a ticket in the mail rather than under their vehicle’s windshield wiper. It will include a photo of the licence plate, which Blaine hopes will reduce the number of people appealing these tickets in court. She currently has five to 10 officers called to court every week.

It’s a $50 ticket for motorists who do not pay for parking.

An update on the project went to city council last week. It’s a $12-million effort, with $5.2 million already spent on the new digital parking meters. It’s listed as late because the city originally thought it could roll out the whole plan by 2015.

The third phase — having city-owned parkades calculate the number and location of spots left — is still being developed.

The report to council says implementation was delayed while city officials investigated the possibility of partnering with another municipality.

Read More

In a small office in Ashburn, Va., ensconced among the government contractors that make up the Dulles Technology Corridor, a start-up called Babel Street is bringing government-style surveillance to an entirely new market.

The company’s Web crawlers, offered under a subscription called Babel X, trawl some 40 online sources, scooping up data from popular sites such as Instagram and a Korean social media platform as well as inside “dark Web” forums where cybercriminals lurk.

Police departments investigating a crime might use the service to scan posts linked to a certainneighborhood over a specified period of time. Stadium managers use it to hunt for security threats based on electronic chatter.

The Department of Homeland Security, county governments, law enforcement agencies and the FBI use it to keep tabs on dangerous individuals, even when they are communicating in one of more than 200 languages, including emoji.

The firm, staffed by former government intelligence veterans, is part of an insular but thriving cottage industry of data aggregators that operate outside of military and intelligence agencies. The 100-person company said it is profitable, something that is rare for a tech start-up in its third year. (It declined, though, to release financial details.) It recently took on $2.25 million from investors, bringing its total capital raised from investors to just over $5 million.

A U.S. subsidiary of the European software giant SAP is its largest institutional investor.

Businesses like Babel Street have to tread an ethical line to avoid igniting privacy concerns, even though the data they access is generally publicly available on the Internet. Groups such as the American Civil Liberties Union (ACLU) regard the industry’s growth as a worrying proliferation of online surveillance.

“These products can provide a very detailed picture of a person’s private life,” said Matt Cagle, an ACLU lawyer who studies the issue.

Last year, Chicago-based social media aggregator Geofeedia was thrust into the national spotlight when the ACLU published a report alleging it had helped police departments track racially charged protests in Baltimore and Ferguson, Mo.

Read More

Credit monitoring company Equifax says a breach exposed the social security numbers and other data of about 143 million Americans.

After discovering the breach, but before notifying the public, three Equifax senior executives sold shares in the company worth almost $1.8m. Since the public announcement, the company’s share price has tumbled.

The Atlanta-based company said Thursday that “criminals” exploited a US website application to access files between mid-May and July of this year.

It said consumers’ names, social security numbers, birth dates, addresses and, in some cases, driver’s license numbers were exposed. Credit card numbers for about 209,000 US consumers were also accessed.

“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do,” said the company’s chairman and CEO Richard Smith. “We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations.”

The company said hackers also accessed some “limited personal information” from British and Canadian residents.

Equifax said it doesn’t believe that any consumers from other countries were affected.

Such sensitive information can be enough for crooks to hijack people’s identities, potentially wreaking havoc on the victims’ lives.

Financial institutions, landlords and other businesses draw on data from credit monitoring companies like Equifax to verify people’s identity and ensure they are suitable for leases and loans. This breach has given cybercriminals a treasure trove of data to assume the identities of those affected and carry out fraudulent transactions in their name.

“On a scale of one to 10, this is a 10 in terms of potential identity theft,” said Gartner security analyst Avivah Litan. “Credit bureaus keep so much data about us that affects almost everything we do.”

Ryan Kalember, from cybersecurity company Proofpoint said: “This has really called into question the entire model of how we authenticate ourselves to financial institutions. The fact that we still use things like mother’s maiden name, social security number and date of birth is ridiculous.”

The breach could also undermine the integrity of the information stockpiled by two other major credit bureaus, Experian and TransUnion, since they hold virtually all the data that Equifax does, Litan said.

Equifax discovered the hack 29 July, but waited until Thursday to warn consumers. In the interim, as first reported by Bloomberg, chief financial officer John Gamble sold shares worth $946,374 and president of US information solutions Joseph Loughran exercised options to sell stock worth $584,099. President of workforce solutions Rodolfo Ploder also sold stock worth $250,458.

Ines Gutzmer, head of corporate communications for Equifax, said: “The three executives who sold a small percentage of their Equifax shares on Tuesday, August 1, and Wednesday, August 2, had no knowledge that an intrusion had occurred at the time they sold their shares.”

Read More

A North Carolina college is offering a bird’s-eye view to enhanced public-safety innovation with the opening of a drone academy this fall.

Located 50 miles south of Greensboro, Montgomery Community College will launch the NC Public Safety Drone Academy to prepare regional emergency service members and first responders with the needed tools to become effective and well-educated drone pilots.

The college’s drone program got off the ground last year in offering a Part 107 Prep course as well as a basic flight training class for emergency services.

“We decided to legitimize ourselves throughout North Carolina by partnering with the state Division of Aviation, Department of Emergency Services, and several local and state municipalities to create the academy,” MCC Director of Health & Public Safety Riley Beaman said.

Tuition will be waived for emergency/public-safety employees such as sheriff’s deputies, police officers, firefighters and first responders.

The 95-hour academy will focus on drone laws and regulations while offering a hands-on flight school that will expose pilots to:

Simulation Flight Time: grasping drone mechanics and basic operation through simulation;
Real-World Flight Time: after learning the basics, completing real flight time objectives and training;
Live Scenario-based Flight Objectives: focusing on fire, rescue, police, and emergency management situations and scenarios;
UAV Mobile Command Center operations training.
The college deploys a variety of more than 40 drones of all sizes – from microdrones to quadcopters, specifically the industrial grade DJ1 Matrice 100 equipped with a thermal camera.

“There’s something about North Carolina being first in flight and first in unmanned flight,” MCC Dean of Continuing Education said in a recent interview with The (Asheboro, N.C.) Courier-Tribune. “It’s been said that drones are the most impactful thing in aviation since the jet engine.”

When it comes to innovative drone education, colleges and universities are soaring – especially in North Carolina.

As earlier reported in DroneLife, Lenoir Community College now offers a drone-piloting program and several Lenoir County agencies plan to take advantage of it to receive federally-mandated training. The program grants students an associate’s degree in drone piloting – the first ever in the state. Edgecombe Community College in eastern North Carolina offers a consumer-level class.

Read More

Facebook turns off more than 1 million accounts a day as it struggles to keep spam, fraud and hate speech off its platform, its chief security officer says.

Still, the sheer number of interactions among its 2 billion global users means it can’t catch all “threat actors,” and it sometimes removes text posts and videos that it later finds didn’t break Facebook rules, says Alex Stamos.

“When you’re dealing with millions and millions of interactions, you can’t create these rules and enforce them without (getting some) false positives,” Stamos said during an onstage discussion at an event in San Francisco on Wednesday evening.

Stamos blames the pure technical challenges in enforcing the company’s rules — rather than the rules themselves — for the threatening and unsafe behavior that sometimes finds its way on to the site.

Facebook has faced critics who say its rules for removing content are too arbitrary and make it difficult to know what types of activity it will and won’t allow.

Political leaders in Europe this year have accused it of being too lax in allowing terrorists to use Facebook to recruit and plan attacks, while a U.S. Senate committee last year demanded to know its policies for removing fake news stories, after accusations it was arbitrarily removing posts by political conservatives.

Free speech advocates have also criticized its work.

“The work of (Facebook) take-down teams is not transparent,” said Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, which advocates for free speech online.

“The rules are not enforced across the board. They reflect biases,” says Galperin, who shared the stage with Stamos at a public event that was part of Enigma Interviews, a series of cybersecurity discussions sponsored by the Advanced Computing Systems Association, better known as USENIX.

Stamos pushed back during the discussion, saying “it’s not just a bunch of white guys” who make decisions about what posts to remove.

“When you turn up the volume on hate speech, you’ll get more false positives, (and) catch people who are just talking about it,” rather than promoting it, Stamos said.

The company also must operate within the laws of more than 100 countries, some of which use speech laws to suppress political dissent, he said.

“The definition of hate speech in some countries is problematic,” Stamos said.

Facebook CEO Mark Zuckerberg has said the company will hire 3,000 extra workers to monitor and remove offensive content.

That effort continues apace, according to Stamos, who said the company is “massively expanding our team to track threat actors.”

Still, “you can’t do all that with humans,” he said, which is why Facebook also relies on artificial intelligence software to judge whether someone trying to log in is a legitimate user.

Read More

“Violence against law enforcement and their families is a real concern in today’s environment. Every deputy at the Santa Rosa County Sheriff’s Office was given a free home surveillance system on Wednesday.

Sergeant Roman Jackson has been with the sheriff’s office in narcotics for many years. He has a wife and two kids at home. Due to his job, he has received threats against his family.

Sgt. Jackson said, “Just being targeted for what you do has become common in law enforcement. That’s scary, I’ve arrested people for dangerous drugs before.They’ve threatened to blow my house up, whether serious or not, we take them seriously.”

He said every time a deputy heads into work, it’s a real concern that they are leaving the ones they love most unprotected.

Sgt. Jackson said, “We work night shifts, we are away from our families a lot. We want added security for them when we are not there. We are the best protectors when we are home, but then we are out protecting everyone else.”

That’s why State Farm, along with Canary, gave all deputies at the Santa Rosa County Sheriff’s Office a free home surveillance system. State Farm Agent Mike Hill saw that State Farm was doing this in other communities and made it happen here.

Hill said, “You can watch what is going on in your home through your smartphone. There’s audio, video, measures temp, air quality, and see it real time through their phone.”

Sheriff Bob Johnson said it’s often hardest when deputies are working late hours and can’t get home quickly.

“If they work in Pace, live in Navarre, they can look on a smartphone and see what’s happening. It gives them peace of mind of what’s happening 20, 30 miles away,” said Johnson.”

Read More

“A security firm linked a recent wave of hacked hotel Wi-Fi networks to one of the groups suspected of breaching the Democratic National Committee during the 2016 presidential election, according to Wired.

The group, known as Fancy Bear or APT28, used tools allegedly stolen from the National Security Agency to conduct widespread surveillance on higher-end hotels that were likely to attract corporate or other high-value targets, the cybersecurity firm FireEye reported. FireEye has “moderate confidence” Fancy Bear was behind such a surveillance campaign in 2016, and others in recent months at hotels in Europe and one Middle Eastern capital. The campaign’s target, however, is unclear.

FireEye said the hackers used phishing emails to spread attachments infected with the alleged NSA exploit Eternal Blue. They eventually worked their way to corporate and guest Wi-Fi networks, where they could intercept guest information and collect credentials.

The Wired article suggested travelers should bring their own hotspots and avoid connecting to hotel networks.

Security Researchers: North Korea Hit with Malware Campaign

An unknown group has targeted North Korean organizations with malware that would allow repeated access to systems.

Security researchers say the latest campaign—after a July 3 intercontinental ballistic missile test—is at least the fifth attack in three years, Dark Reading reported. That campaign used a copy-pasted news article about the missile launch to trick recipients into launching the malware, the security firm Talos reported.

At first, the Konni malware used in the campaign only gathered information, but it later evolved to include the ability to remotely take control of some seized accounts, according to Talos and another security firm Cylance. The malware is capable of logging keystrokes, capturing screens and uses advanced techniques to avoid detection, the firms reported.

“The motivation behind these campaigns is uncertain, however it does appear to be geared towards espionage against targets who would be interested in North Korean affairs,” Cylance researchers said.”

View Source