Retail Bomb Threats On the Rise
Bomb threats demanding ransom payments are a new headache for retailers including Walmart, Kroger and Whole Foods

The threats are being made by people demanding ransoms in the form of money, bitcoin or gift cards.

Law-enforcement officials and retailers are investigating a recent wave of bomb threats across the U.S. targeting grocery operators and other stores.

Kroger, Walmart, Amazon's Whole Foods Market and other companies have received bomb threats at stores in various areas from New Mexico to Wisconsin in recent months, according to authorities. Some callers demanded gift cards, bitcoin or money, and threatened to detonate bombs if payments weren't made.

Bomb threats demanding ransoms are unusual and appear to be a newer avenue of extortion targeting retailers that started earlier this year, security and industry experts said.

"It's yet another evolving scam," said Lisa LaBruno, senior executive vice president of retail operations at the Retail Industry Leaders Association. Members of the trade group are sharing details on threats received and responses, she said.

Hy-Vee, Food City, Meijer and other retailers that have been targeted with similar threats said they take each incident seriously and report them to law enforcement. Walmart said it cooperates with local, state and federal investigators.

The recent rash of bomb threats targeting retailers with ransom demands began months ago and increased in the spring, said Doug Baker, vice president of industry relations at food trade group FMI. Callers have sought payment ranging from hundreds of dollars to thousands, he said, and the trade group representing retailers, wholesalers and suppliers has informed members and is working with local FBI and Homeland Security Investigations.

Whole Foods recommended that store leaders go through bomb-threat protocols with workers after several stores in various regions received threats seeking payment, according to a recent memo viewed by The Wall Street Journal.

For retailers and their employees, bomb threats are among a growing number of safety challenges alongside shootings, theft and other security issues. wsj.com  businessinsider.com


Stores in San Francisco are Becoming Security Fortresses
San Francisco Bay Area grocery store takes drastic measures to deter rampant shoplifting

Safeway in Vallejo joins other locations in San Francisco Bay Area taking measures against rising theft

A grocery store in the San Francisco Bay Area has installed metal emergency gates at its entrance in an attempt to deter rampant shoplifting.

A Safeway in Vallejo also shuttered one of its entrances, according to KPIX reporter Betty Yu, who tweeted an image of the safeguard, which sounds an alarm if a shoplifter attempts to leave.

The supermarket chain location, which is owned by Albertsons Companies, joins other locations in the San Francisco area that have taken similar measures in recent years amid the city's rise in thefts.

The Bay Area, which has seen property crime rise 10.4% since last year, has also been afflicted with a spike in smash-and-grab robberies, where shoplifters armed with bats and other weapons make off with thousands in merchandise from high-end stores.

The gates are part of "long-planned security improvements" for the store, a Safeway spokesperson told FOX Business.

"Like other local businesses, we are working on ways to curtail escalating theft so we can ensure the wellbeing of our employees and foster a welcoming environment for our customers. These long-planned security improvements were implemented with those goals in mind," the company said.

Last fall, the police chief of San Francisco and Democrat Mayor London Breed said they would address the city's rampant shoplifting crimes by dedicating more police and beefing up coordination to make it easier to report theft.

Pharmacies such as Walgreens have closed down in response to the increased theft, which Breed has said is detrimental to those who rely on such establishments. foxbusiness.com


At Least 15 States Have Established Retail Theft Task Forces
Lawmakers want to target organized retail theft
New York lawmakers are confronting a nationwide retail issue estimated to cost $100 billion: organized crime rings systematically targeting stores to steal products.

This trend has led retailers to secure common items under lock and key, impacting customer convenience.

The Legislature has greenlit a measure to form a task force to investigate and address this issue. Pending Governor Kathy Hochul's approval, the 15-member group will comprise appointees from the state Senate, Assembly, governor, and state attorney general. They are tasked with developing legislative and regulatory recommendations.

The Retail Council of New York State and the National Supermarket Association have endorsed the task force's formation, stressing the need for "interagency coordination."

Other states like Washington, California, Colorado, Illinois, Connecticut, and nine others have established similar initiatives. The task force is also expected to focus on worker safety. McDonald expressed his intention for the task force to establish best practices, seeking ways to counteract the retail theft epidemic. fingerlakes1.com

   RELATED: NY lawmakers want task force to address 'national problem' of ORC


California's New ORC Partnership in the News
It's No Batman, but California Teams up to Stop Organized Retail Crime
California AG Rob Bonta, along with brick-and-mortar retailers and online marketplaces, adopted an agreement aimed at combatting organized retail crime (ORC).

The agreement explains that ORC has increased in California in recent years, threatening public safety and harming the economy. The agreement attempts to advance information-sharing and collaboration between retailers who may be the targets of theft, online marketplaces where the stolen goods may be resold for financial gain, and law enforcement.

Under the terms of the agreement, the signatory retailers with brick-and-mortar locations agreed to a number of commitments, including filing detailed police reports for all incidents of theft and retaining video of thefts to aid in prosecution. The online marketplaces also agreed to a number of commitments, including maintaining policies that clearly prohibit the sales of stolen goods and punish violators, and proactively ensuring the prevention and detection of listings for the sale of stolen goods. The retailers and online marketplaces both agreed to communicate with each other to stay up to date on ORC trends. jdsupra.com


The Great Debate Over Fighting Crime & Aggressive Policing
Crime is falling, but aggressive policing has some residents frustrated

Crime is down in one Brooklyn neighborhood, but residents say aggressive NYPD policing is oppressive and discriminatory
The numbers tell how often it happens in Brownsville - where crime is down so far this year, but neighborhood frustration with cops is up.

Across the city, more aggressive policing has been linked to a high number of sidewalk stops that don't comply with the law and largely target Black and Latino New Yorkers, according to a recent federal monitor's report filed in the landmark NYPD stop-and-frisk case.

Michael Sisitzky of the New York Civil Liberties Union says the NYPD is underreporting its stops.

What's happening in Brownsville comes against the backdrop of escalating crime across the city during the pandemic. Eric Adams campaigned on a promise to bring crime down, and weeks after taking office in 2022, Mayor Adams laid out an aggressive anti-crime plan that he said would put "boots on the ground."

In Brownsville's 73rd Precinct, data shows shows aggressive enforcement of low-level offenses - which often includes a policing technique often referred to as "stop and frisk" - has increased.

As aggressive low-level enforcement has risen, crime in the mile-square 73rd Precinct has dropped.

From Jan. 1 to June 18, police counted 767 major crimes in the precinct - which the NYPD defines as murder, rape, robbery, felonious assault, burglary, grand larceny and grand larceny auto. That is down 10% from the 854 major crime reported in the same period of 2022.

But at the same time, public complaints about 73rd Precinct officers are up, according to Civilian Complaint Review Board data.

But the NYPD stands behind its approach to the problem. nydailynews.com


Teens Fueling the Mass Shooting Epidemic?
Mix of bravado and access to guns contribute to mass shootings by teens in St. Louis, other cities
What these and other recent mass shootings share in common is they all involve suspects in their teens, highlighting what can be a deadly mix of teenage bravado and impulsiveness with access to guns.

The days when many teens opted to fight out disagreements with fists seem quaint by comparison. Reaching for a gun is the default these days for some teens who are as quick to take offense as to pull a trigger, agreed Rodney Phillips, a 50-year-old former Chicago Black Disciples leader who works with gang members nationwide to tamp down festering beefs.

"Now, the first thing out of their mouths is, 'I'm gonna kill you.' It's the brazenness of (the shootings), the reckless abandon, doing it in public places," Phillips said. "It wasn't like that when I came up."

Among the solutions to reducing teen violence, Jones said, was to keep expanding programs offering young people activities in safe spaces, including movie and music nights. More firearms, and even more powerful firearms, have enabled teens, or anyone wielding a gun, to maim and kill more people in single incidents.

In many cities, illegal guns are never too far out of reach. apnews.com


San Fran Mayor Breed, asked about 'doom loop,' suggests tearing down Westfield Mall

Elk Grove-focused prosecutor to crack down on retail theft, sideshows and more

Retail thefts cause concern in Southern Nevada

Ranking States by Safety - Crime, Workplace Safety & Other Categories
'You'll be safest in Massachusetts. Avoid Louisiana.'

Leaving California: What states are the safest places to live?

The Golden State's migration woes have grabbed recent headlines as debate swirls about California being too soft on crime.

As a public service - no less, to provide an economic lesson or two - my trusty spreadsheet looked at a trove of statistics measuring the many factors surrounding the concept of "safety" for the 49 other states.

Yet for readers who are in a rush to exit California, my math says you'll be safest in Massachusetts, followed by Vermont, New Hampshire, Maine and Rhode Island. Safety seekers should avoid Louisiana, Arkansas, South Carolina, Mississippi and Oklahoma.

Crime counts

People often see "safety" as criminal acts and how to avoid them.

Three national measurements of public safety took on that calculation challenge. My composite index of those gradings says the best states to avoid crime are New Hampshire, Maine, Vermont, New Jersey and Connecticut.

Your worst odds of dodging the criminals are found in Arkansas, Louisiana, South Carolina, Alaska and Colorado.

And California, if ranked, would be No. 32.

Workplace safety

Depending on your career path, on-the-job injuries are something to worry about. Plus, states have varying laws for protecting workers - both their health and wealth opportunities.

By this math, workers should feel safest in Washington, Oregon and Vermont. But be wary of jobs in Mississippi, Idaho and North Dakota. California, if ranked, would be the fourth-best place to work. ocregister.com


Will Boycotts Against Target & Others Actually Work?
Boycotts rarely work, but anti-LGBTQ+ backlash is forcing companies into tough choices

Boycotts against corporate inclusion of LGBTQ+ Americans are targeting more major businesses.

Attacks against businesses for their inclusion of the LGBTQ+ community have forced companies to try to strike a balance between expressing values or risking backlash - and even violence - from a small but vocal part of their customer bases.

As boycotts move beyond social media-fueled outrage, companies such as Anheuser-Busch, Target and Disney are facing monthslong public relations fiascos that have resulted in market share losses, C-suite shake-ups, legal battles and even threats to employees. In some cases, corporations have drawn the ire of conservative customers for marketing to LGBTQ+ consumers or criticizing laws targeting them - only to face backlash from more liberal shoppers for attempts to appease those who spurned a brand.

Boycotts usually have little effect on a company's bottom line, according to experts who have tracked them. The backlash against Bud Light has hit particularly hard because there are similar substitutes for the light lager, constant media coverage has emboldened the boycotters, and the company has not put forth a unified strategy, said Anson Frericks, who spent more than a decade as president of sales and distribution at Anheuser-Busch.

For companies such as Target and Disney, it is unclear if boycotts will hit sales. Even if companies take no financial damage from the backlash, the increasingly aggressive resistance to LGBTQ+ marketing has jeopardized corporate-inclusion efforts that have become commonplace in recent years. cnbc.com


Costco Tightening Down on Security
Is Costco Over-Complicating Self-Checkout?
Costco's move to increasingly add staff to self-checkout stations is drawing some poor reviews on social media.

Some have grown accustomed to the solitary self-checkout experience, according to a recent Costco-focused Reddit thread, "Self-Checkout has become awful."

"Costco is not over-complicating self-checkout at all. Having extra eyes is a helpful strategy to reduce theft and in most cases, customers are fine with the friendly staff."

The extra staff, some felt, was partly due to an overall crackdown on sharing membership cards as well as to reduce theft. A few claimed their receipt gets checked twice as they exit the self-checkout and the store.

Costco also reportedly enables shoppers at some locations to use scanners but reserves them for associates at others in a sign Costco is working out the kinks of its self-checkout strategy. retailwire.com

   RELATED: Costco is cracking down on rising membership card 'sharing'


Thousands of Grocery Workers Go on Strike
More than 2,500 Lunds & Byerlys workers vote in favor of strike
A union representing more than 2,500 employees at Twin Cities Lunds & Byerlys locations has authorized a strike. On Friday, United Food and Commercial Workers Local 663 announced an "overwhelming" vote among its members to authorize a strike "should it become necessary."

Workers have held pickets at the chain's Eagan, Golden Valley, Eden Prairie, Maple Grove and Bloomington locations. The union has been without a collective bargaining agreement since March 7. Negotiations are set to begin again on Monday.

"As a bargaining committee, we know that the decision to call a strike is always a last resort, however, we refuse to continue to be bullied by our employer," the union said in a statement.

Among the union's asks are increased wages and pay equity. The union also says it wants to maintain its "worker-driven healthcare," alleging that Lunds & Byerlys has proposed moving to a company-controlled model. bringmethenews.com


National Safety Month
Resources to Employ During National Safety Month
This year's focus is on emergency preparedness, slips, trips and falls, heat-related illness and hazard recognition.

In order to provide companies with the latest safety information, the National Safety Council recently wrote an article highlighting research and prevention efforts from the National Institute for Occupational Safety and Health and NSC. The focus area for this year includes emergency preparedness; slips, trips, and falls; heat-related illness; and hazard recognition.

National Safety Council

An emergency can strike at any time, whether from a fire, natural disaster, release of hazardous material, medical issues, workplace violence and more. Being prepared is crucial. With the first week of June also being National CPR and AED Awareness Week, NSC encourages you to watch this survivor video and download the free NSC First Aid App. ehstoday.com


Chain Store Age 2023 Retail's Top Women Awards: The honorees are...

Buy Buy Baby suitors lose interest in keeping stores open as auction nears


Quarterly Results

CarMax Q1 sales down 17.4%


Last week's #1 article --

Home Depot Sounds the Alarm Over Store Theft & Violence

Home Depot Beefs Up Security, Locks Up More Items
'We're investing in more security guards': The Home Depot CEO warns that theft is a 'big problem' for retail - says he even has to lock up small $50 items

A growing trend of organized retail crime is now not just eating into company profits, it's threatening the safety of workers.

"It's a big problem for retail," said Home Depot CEO Ted Decker on CNBC's Squawk Box. "This isn't the random shoplifter anymore."

The home improvement company is still mourning the loss of two employees - Gary Rasor, 83, and Blake Mohs, 26 - who were killed in separate theft incidents in the past year.

Organized retail crime and theft are growing in both scope and complexity across the country, according to a study from the National Retail Federation - to the extent that former Home Depot CEO Bob Nardelli recently described it as an "epidemic ... spreading faster than COVID."  moneywise.com

Retail & Restaurant Industries Targeted by Ransomware Attacks
Countering ransomware attacks to restaurants and retail

Bolster cybersecurity by addressing three operational domains

The high-profile April 12 cyber attack on NCR, a company responsible for data operations in the restaurant and retail sectors, resulted in businesses receiving a fresh warning regarding an escalating vulnerability: ransomware attacks. In this environment, understanding why certain businesses are targets can help them decide how best to adopt a prevention strategy that saves money and thwarts reputational damage.

Dissecting the NCR ransomware attack

The April cyber attack against NCR was unusual for two reasons: one was that the attack was not on a restaurant chain or retailer but on a company that provides financial services for these companies - particularly point-of-sale (POS) processing. Second, NCR publicized the attack after their incident response process required it to shut down systems functionality for its clients. This attack naturally concerned restaurants and retailers whose customer information is housed in the software.

Operational steps to countering cyber attacks

Restaurants and retailers aiming to counter cybersecurity thefts and ransoms should address three key operations domains.

1. Strengthen security controls. The first of these is addressing access controls, data governance and end-point security, Sedek said. Organizations in these industries need to invest in a cybersecurity infrastructure, containing firewalls, intrusion detection systems and anti-malware software. The systems must be regularly patched and updated to stay ahead, when possible, of vulnerabilities that have been discovered.

2. Invest in backup and recovery. The second key is to invest in a well-structured backup and recovery plan for data, one that regularly backs up data off-site or to a cloud location not accessible from the internal network.

3. Educate the workforce. The third key is the education of employees on how to recognize and deal with cybersecurity attacks.

Implementation of these controls takes commitment from both the business owners and security leaders. "Most importantly," Sedek said, "realize that a company's cybersecurity efforts aren't the sole domain of a company's IT department, but should involve the entire company." grantthornton.com


Attackers Use Microsoft Teams to Deliver Malware
Microsoft Teams Attack Skips the Phish to Deliver Malware Directly

Exploiting a flaw in how the app handles communication with external tenants gives threat actors an easy way to send malicious files from a trusted source to an organization's employees, but no patch is imminent.

A bug in the latest version of Microsoft Teams allows for external sources to send files to an organization's employees even though the application typically blocks such activity, researchers have found. This give threat actors an alternative to complex and expensive phishing campaigns to deliver malware into target organizations - but Microsoft won't be addressing it as a priority.

Researchers Max Corbridge (@CorbridgeMax) and Tom Ellson (@tde_sec) from JUMPSEC Labs' Red Team discovered a way to exploit the Microsoft Teams External Tenants feature to slip malware into files sent to an organization's employees, thus bypassing nearly all modern anti-phishing protections, they revealed in a blog post published this week.

"This vulnerability affects every organization using Teams in the default configuration," Corbridge wrote in the post. "As such it has huge potential reach and could be leveraged by threat actors to bypass many traditional payload delivery security controls."

Teams is Microsoft's widely used hosted messaging and file-sharing app, which already was used by an estimated 91% of Fortune 100 organizations before the Covid-19 pandemic, according to Microsoft financial data. During the pandemic, the use of Teams expanded even further, as many organizations came to rely on it to communicate and collaborate with their remote workforce.

Though Teams is typically used for communication between employees within the same organization, Microsoft's default configuration for teams allows users from outside the company to reach out to its employees, the researchers said. This is where the opportunity arises for threat actors to exploit the app to deliver malware, they said. darkreading.com
 

71% of organizations struggling to keep up with new AI risks, report finds
Most organizations rely on third-party AI tools - yet some don't evaluate their risks at all.

More than 70% of organizations are struggling to keep up with the risks of using artificial intelligence (AI) tools - and should consider using Responsible AI (RAI) programs to stay on pace with the latest advances, according to a June 20 report from MIT Sloan Management Review and Boston Consulting Group.

Significant risks have emerged, particularly with third-party AI tools, which make up 55% of all AI-related failures. This could lead to financial loss, reputational damage, the loss of customer trust, regulatory penalties, compliance challenges, litigation and more. hrdive.com

 
U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

LockBit Developing Ransomware for Apple M1 Chips, Embedded Systems

4 reasons to consider a career in cybersecurity