CNBC's Three-Part ORC Series Continues

New ORC Laws Rolled Out in Nine States Since 2022
Retailers are shaping a wave of laws to crack down on organized theft - here's how they do it

Nine states have passed new laws cracking down on organized retail theft and Congress is considering federal action.

Since 2022, at least nine states - six so far this year - have passed laws to impose harsher penalties for organized retail crime offenses. Similar bills are pending before legislatures across the country and in the U.S. Senate.

Behind the sweep of legislation are retailers and trade associations, which are using their collective power to get the bills written and past the finish line. They have also seized on a moment when lawmakers in many parts of the country, and from both sides of the aisle, see a political benefit from appearing tough on crime.

The new and proposed laws aim to deter brazen retail crime and go after the so-called kingpins who lead organized theft groups. But critics say the measures may not actually reduce organized retail crime, and could disproportionately harm marginalized groups.
 
The legislative efforts come as more retailers blame rising crime for higher inventory losses, also known as shrink. But they have not shared data that proves how much it is costing them, nor are they required to do so. Experts told CNBC some companies could be overstating theft's impact on their profits to deflect from internal flaws. More references to retail crime could soon come as a string of major retailers gear up to report second-quarter results starting next week.

Now that the Inform Act has become law, retail has set its sights on a new target: the Combating Organized Retail Crime Act (CORCA), introduced in January by Sens. Chuck Grassley, R-Iowa, and Catherine Cortez Masto, D-Nev.
 
CORCA proposes stiffer penalties for theft offenses and calls for a change in the threshold prosecutors must meet before bringing federal theft cases.  cnbc.com

   RELATED: Merchants Push for New Laws to Combat Organized Retail Theft


Are Employee Theft & Self-Checkout the Real Culprits?
Retailers say organized theft is biting into profits, but internal issues may really be to blame

Companies are quick to blame organized theft for shrink losses, but behind closed doors the parallel issues of employee theft and self checkout are their primary focus areas, experts say.

Retailers who blame organized theft for lower profits could be overstating crime's impact to cover up internal flaws or self-inflicted problems, CNBC has learned.

During recent earnings calls, major companies have blamed disappointing bottom lines or shrinking margins in part on roving bands of organized gangs that ransack their shelves. The issue could come up again as a string of major retailers start to report second-quarter results next week.

But behind closed doors, retailers are facing other issues they can better control, including theft by their own employees, that are contributing to losses, according to two sources who advise major retailers. They spoke on the condition of anonymity because they're not authorized to speak publicly about clients.

Many retailers have invested in technology to better understand what leads to shrink, or the gap between the inventory a company has and what it sells. Some companies have since identified theft from employees as a major contributor to losses, even as they blame external theft in public, said one of the sources.

Losses from self-checkout theft have also become a major issue, the people said. While some retailers may be seeing higher rates of shrink because of poor hiring practices and self-checkout machines, others such as Target and Foot Locker could be using retail crime as a crutch to obscure internal challenges, experts told CNBC.

"Shrink has been going up but sometimes it's very difficult to unpack how much is down to theft and how much is down to internal retailer issues and stumbles," Neil Saunders, a retail analyst and the managing director of GlobalData, told CNBC.

"It is a problem, we know that, it does take money off margins, we know that, but there's too much opacity in the way in which it's reported and it is being partly used as an excuse for generally bad performance," Saunders said. cnbc.com

   RELATED: Retail crime could be exacerbated by internal errors & employee theft

   Read Part 1 of the CNBC series here
 

'Stores Simply Feel Less Safe'
New York Times Opinion: What We Lose to Shoplifting
I thought about this sad atmosphere of surveillance during one of my recent visits to San Francisco, where the broader downtown retail environment has been left tattered by store closures. Walking from aisle to aisle pushing a series of buttons, I felt like an imposition on a pharmacy's meager staff. After a string of these requests, I left before securing everything I'd planned to buy. The whole experience felt bad: I was sorry for the shopkeeper, sorry for the employees, sorry for being there, sorry for not buying enough.

The social and economic causes of shoplifting have become a source of debate, as has the extent of the problem. There are complicated questions around criminal enforcement, policing and punishment.

But leaving those issues aside, there is also an undeniable quality-of-life impact from the real or perceived increase in shoplifting. It is felt by shoppers, store employees, security personnel, store owners and our communities - and in ways more serious than awkward encounters over tampon purchases.

The most obvious effect is a sense of increased danger. Stores simply feel less safe. Of the nearly 9,000 reported retail thefts in Chicago in 2022, only about 17 percent resulted in arrests, Wirepoints said. This apparent shift in policing priorities can put increased pressure on store security personnel and frontline workers to police their own stores, even when they are inadequately prepared to do so.

Policies that require employees to remain passive in the face of shoplifting can be frustrating. As one employee quoted in the study put it: "You want me to prevent loss, but at the end of the day, if I can't physically stop someone that I know is stealing, essentially, I'm not loss prevention. I'm just, I'm here to just watch it." Another employee said policies preventing action make shoplifting too easy: "It is not fair. They have restrained our powers. They have tied our hands. The criminals have all the rights, and we don't."

Shoplifting adds pressure to retailers still reeling from Covid-19 and the ongoing pressures of online alternatives. For small shopkeepers, bodegas and mom-and-pops, losses from theft can be devastating to the bottom line. Even large chains like Walmart, Whole Foods, REI and Walgreens have closed or are planning to close major retail locations in cities like Portland, Ore., and San Francisco. While multiple factors are behind the closures, shoplifting is frequently cited as one of them.

Store owners are not the only ones who bear the cost of retail theft. Shoplifting isn't just their problem. We are all paying a price. nytimes.com


D.C. Stores Facing Pressure to Close Over Theft Surge
Shoplifting pressure threatens to shutter Washington, D.C. grocery store, turn area into food desert
Concerns are growing in Washington, D.C. about some major grocery stores being able to keep their doors open due to shoplifting. During a news conference Friday, Washington Councilman Trayon White, D-Ward 8, said he spoke to the regional management of a popular Giant Food store in his district.

"We had the opportunity to meet with some of the leadership of this Giant," White said. "Some of the regional leadership at this Giant, what we heard was disheartening." He spoke out forcefully about the high rate of shoplifting plaguing the store.

"We learned that this Giant has lost over $500,000 in product loss, which is about 20% of the sales. We know it's tough times and we know the price of food has skyrocketed in the last three years. But we cannot afford to hurt ourselves by constantly taking it from the store. It means that everybody is going to be without a place to eat. And enough is enough."

"To date, this Giant has had at least 135 stops from people stealing from the store," he added. "And they almost double that amount that didn't get stopped."

It's one of only four major grocery store locations east of the Anacostia River. And if this store closes its doors, White warned the impacts would be devastating and create a food desert for some Washington residents.

Last month, ANC commissioners and community members gathered at the Giant to speak out about their concerns, pleading that they do not want the store to leave their community. cbsaustin.com
 

Youth crime is on the rise in Chicago - and CTU's school closures may be to blame for the trend
The University of Chicago Crime Lab recently reported a 50% increase in shooting victimizations of school-aged youth 17 years and younger since 2019. Over 90% of victims were not enrolled in school. Earlier analysis by the Crime Lab documented 8% of those arrested were for homicides, 9% for shootings, 32% for robberies and 49% for carjackings were youth 17 years and younger.

What's driving young Chicagoans to commit more crimes? While the causes of crime are complex, there is widespread agreement - from the FBI Director to former Chicago Mayor Lori Lightfoot - that young people being out of school plays an important role. No single act was more responsible for keeping students out of school than the closing of Chicago Public Schools campuses for 17 months beginning in 2020. CPS has lost 87,000 students since 2010, when a radical wing of the Chicago Teachers Union took power.

As if that were not enough damage, the CTU and their supporters' all-out assault on the police undermine their ability to contain crime as the CTU are major public supporters of the anti-police, defund the police movement. illinoispolicy.org

 
Brown County, WI: Rising drug use contributes to increased shoplifting in our area
Ashwaubenon Public Safety says the increase in thefts is heavily tied to an increase in drug use in our area. Capt. Brian Amenson says a large number of thefts are committed by those struggling with drug addiction looking for quick, instant financial gain to support their habit.

Haverford Twp. police report 161% rise in retail thefts

Organised crime fears as shoplifting leaves Scots retailers £90M out of pocket

Security Professional Lost in Historic Maui Wildfires
Allied Universal Mourns Loss of Security Professional in Maui Wildfires, Several Others Unaccounted For
"Like people around the world, I watched in shock as the deadliest wildfire in modern U.S. history devasted Maui last week. I worried about the safety of our valued team members, our customers and the community.

My worries were realized. The Allied Universal team lost a security professional in the fire. Several others remain unaccounted for.

We extend our deepest sympathies to the family and friends of the Allied Universal security professional whose life was lost in the fire near Lahaina. And, we remain hopeful that those who are unaccounted for are safe and will be located soon.

We've opened our Maui office as shelter to employees who lost their homes or are unable to access them. We are working to get much-needed supplies, grief counseling and additional support to our team members and others.

We continue serving our clients on Maui where it is safe to do so, including Kahului Airport. I commend our team members who lost loved ones and their homes but continue working to ensure the safety of people and property.

Allied Universal's top priority is safety - the safety of our team members and the communities we serve. Our thoughts go out to the victims, the survivors, their loved ones, the 29 customers we serve on Maui, the island's community and the entire state of Hawaii." aus.com


Can Technology Stop Workplace Fatalities Surge?
Using Technology to Improve Workplace Safety Training

Companies often turn to technology to ensure they're providing accessible and continuous safety training.

Any accidental or preventable loss of life, whether it's on the job or at home, is nothing short of a tragedy. According to the U.S. Bureau of Labor Statistics, there were over 5,000 fatal work injuries in the United States in 2021, an 8.9 percent increase from the year before. This increase in workplace fatalities illustrates a growing need for robust safety training in professional and commercial settings.

Here are six important trends regarding the use of technology to improve workplace safety training:

Leveraging Learning Management Systems

Online safety training and the learning management systems designed to deliver digital safety content are essential across multiple verticals and within different types of organizations. Customers continue to purchase a wide variety of online safety training courses focusing on OSHA compliance topics.

The Power of Microlearning

It has become clear that lengthy, monotonous training sessions are not as resonant or effective with employees long term. As such, microlearning-or the method of providing employees with short, 2- to 3-minute bursts of refresher training-is growing in popularity.

Bespoke Learning Paths

Due to this pace of change and need for individualization, employers are deploying technology solutions for safety training that allow them to map and store individual learning paths and courses for each of their employees. When the time comes for upskilling and re-training, these learning paths make sure employees receive the vital training they need to not only protect themselves and others, but also to advance their careers.

The Multi-channel Approach - Closing the Skills Gap with 3-D Technology - The Role of Artificial Intelligence - Conclusion: ohsonline.com


Consumers Still Spending - But Growth is Slowing Slightly
NRF Economist Says Growth in Consumer Spending is Slowing
U.S. consumers are still buying more than last year, but spending growth is slowing as the economy settles down amid higher interest rates intended to reduce inflation, National Retail Federation Chief Economist Jack Kleinhenz said today.

"The economy was clearly more resilient in the first half of this year than many expected, and the consumer environment has been positive as inflation has slowed," Kleinhenz said. "Nonetheless, there are ongoing economic challenges and questions, and the pace of consumer spending growth is becoming incrementally slower."

"Consumers are still spending but are under financial pressure and have been adjusting how much they buy while also shifting from goods to services," Kleinhenz said. "While job and wage gains have counterbalanced inflation, the stockpile of savings accumulated during the pandemic is dwindling and is no longer providing as much spending power as previously available." nrf.com  chainstoreage.com


Inflation is Improving for Retailers - But Still a Long Way to Go
Walmart shares a warning for customers about inflation
"In Walmart U.S., general merchandise costs are now lower than a year ago, which is great, but they're still higher than two years ago on like items," he shared. The CEO shared that some categories have remained stubbornly high even as other areas have shown more improvement.

"In the dry grocery and consumables categories like paper goods, we continue to see high single-digit to low double-digit cost inflation. We all need those prices to come down," he shared. "The persistently high rates of inflation in these categories lasting for such a long period of time are weighing on some of the families we serve."

The CEO believes that higher prices in the grocery space also impact customers' budgeting. Basically, if people don't know what their grocery bill will be, not to mention fluctuating gas prices, they may be more conservative in other areas. thestreet.com


Gap closes another mall store amid plans to shutter 350 locations

Major retailers bring $14 billion in revenue to Black-owned brands
 

Senior LP & AP Jobs Market

Director, Safety job posted for Meijer in Grand Rapids, MI
This position leads and is responsible for ensuring store and supply chain/manufacturing safety programming and performance. This position will also analyze internal and external safety trends and develop strategies to drive improvement and maintain compliance with regulatory standards including but not limited to OSHA, DOT and fire code compliance. This position reports to the Vice President of Asset Protection and Safety. meijer.wd5.myworkdayjobs.com


Director, AP & Investigations job posted for Meijer in Grand Rapids, MI
Creates an environment to maximize sales and profit while protecting company assets. Oversees asset protection strategies and objectives related to mitigating shrink and loss, both for malicious and non malicious losses. Protects the company's assets by leveraging data analytics and insights to improve profit results. Directs the shrink analytics program and ensures processes are balanced for both predictive as well as recuperative efforts. meijer.wd5.myworkdayjobs.com
 

Last week's #1 article --

Spirit Halloween To Haunt More Retail Spaces Than Ever, Open 1,500 Stores
Spirit Halloween Store is creeping into vacant big-box space left behind by retailers Bed Bath & Beyond, Kmart, Sears, Tuesday Morning and more. The New Jersey-based company said it plans to pop up in 1,500 locations in advance of Halloween this year, up from the 1,450 stores it debuted in 2022, according to CoStar. bisnow.com

C-level Executives & Managers Targeted
Microsoft 365 accounts of execs, managers hijacked through EvilProxy
A phishing campaign leveraging the EvilProxy phishing-as-a-service (PhaaS) tool has been spotted targeting Microsoft 365 user accounts of C-level executives and managers at over 100 organizations around the world.

As organizations increasingly employ multi-factor authentication (MFA), threat actors have switched to using phishing services such as EvilProxy, which uses reverse proxy and cookie injection methods to steal authentication credentials and session cookies (and thus bypass the extra protection offered by MFA).

Between March and June 2023, Proofpoint researchers detected an new phishing campaign targeting Microsoft 365 user accounts. About 120,000 phishing emails were sent to targeted organizations impersonating legitimate services such as DocuSign, Adobe, and SAP Concur.

When the victim clicks on the email link, they are first directed to a legitimate website (YouTube, SlickDeals, etc.) and then redirected through a series of other websites, to finally land on the phishing page created by EvilProxy, which mimicks recipient branding and attempts to handle third-party identity providers.

The attackers employed special encoding for the sent emails to hide them from automatic scanning tools, then they used legitimate, hacked websites to upload PHP code to decode the email address of each user.

"After decoding the email address, the user was forwarded to the final website - the actual phishing page, tailor-made just for that target's organization," the researchers noted. Once the attackers gained access to the victim's account, they added their own multi-factor authentication method using "My Sign-Ins" to establish persistent access. helpnetsecurity.com


Feds Investigating Chinese Cyberespionage Campaign That Breached Microsoft
Cyber Safety Review Board to analyze cloud security in wake of Microsoft hack

The decision comes in the wake of a high-profile Chinese breach of U.S. officials' Microsoft email accounts.

A U.S. government review board will examine the suspected-Chinese cyberespionage operation that breached Microsoft's email authentication system and nabbed American officials' emails, the Department of Homeland Security announced Friday.

The Cyber Safety Review Board - a public/private entity established via presidential executive order in 2021 in the wake of the SolarWinds breach and launched in early 2022 - will review the incident as part of a broader look at the "malicious targeting of cloud computing environments" and "focus on approaches government, industry, and Cloud Service Providers (CSPs) should employ to strengthen identity management and authentication in the cloud," the agency said in a statement.

The operation targeting top U.S. officials' emails, announced in July but detected in June by security staff at the U.S. State Department, spurred heavy criticism of Microsoft, particularly because evidence of the breach was only apparent if customers paid for a premium logging tier. Microsoft has since announced that customers will have access to expanded logging and storage capability at no additional cost.

"We must as a country acknowledge the increasing criticality of cloud infrastructure in our daily lives and identify the best ways to secure that infrastructure and the many businesses and consumers that rely on it," CSRB Chair and DHS Under Secretary for Policy Rob Silvers said in the agency's statement.

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said in the statement that an "effective shared responsibility model requires a persistent focus on potential systemic risks in cloud environments," and that the board's findings will "advance cybersecurity practices across cloud environments and ensure that we can collectively maintain trust in these critical systems." cyberscoop.com


Threat Intel Efforts Need Stepping Up
Threat Intelligence Efforts, Investment Lagging, Says Opswat

In a survey, 62% of respondents admited their threat intel efforts need stepping up.

Almost two-thirds of organizations said their threat intelligence programs need improvement and only 22% of surveyed respondents said they have fully mature threat intel programs, according to a report issued at Black Hat USA this week by security vendor Opswat.

And while few (11%) are currently using artificial intelligence (AI) for threat detection, 56% are optimistic about its uses going forward, while 7% remain skeptical of AI's value. Organizations face common challenges, according to the vendor: detecting known and unknown malware, dealing with inadequate solutions, and making do with compromised tools.

Opswat surveyed 300 IT professionals who work in malware detection, analysis, and response. The survey reveals what organizations are doing to manage the threat landscape, the challenges they face, as well as their relative maturity levels and how they're preparing for obstacles that will ultimately arise.

"Threat intelligence plays a crucial role in safeguarding critical assets," Jan Miller, CTO of threat analysis at Opswat, said in a statement. "Understanding the evolving threat landscape empowers organizations to stay one step ahead of malicious actors, and in this rapidly changing cybersecurity landscape, it becomes the critical strategic advantage." darkreading.com


Europe: Credit Fraud: Interpol Busts Phishing-as-a-Service Platform '16Shop,' Leading to 3 Arrests
Interpol has announced the takedown of a phishing-as-a-service (PhaaS) platform called 16Shop, in addition to the arrests of three individuals in Indonesia and Japan. 16Shop specialized in the sales of phishing kits that other cybercriminals can purchase to mount phishing attacks on a large scale, ultimately facilitating the theft of credentials and payment details from users of popular services such as Apple, PayPal, American Express, Amazon, and Cash App, among others. "Victims typically receive an email with a pdf file or link that redirects to a site requesting the victims' credit card or other personally identifiable information," Interpol said. "This information is then stolen and used to extract money from the victims." No less than 70,000 users across 43 countries are estimated to have been compromised via services offered on 16Shop.  thehackernews.com

 
Getting the best possible outcome in ransomware negotiation

Downfall attacks can gather passwords, encryption keys from Intel processors

Sacramento, CA: Thieves steal around $80K worth of dirt bikes from North Highlands dealership
Less than a minute. Capitol Yamaha said that is how long it took for a group to ransack its North Highlands dealership and steal eight dirt bikes before placing them into a U-Haul early Sunday morning. The store said the bikes cost about $10,000 each. Seven people waltzed inside after maneuvering the front doors. Capitol Yamaha declined to do an interview but did allow CBS13 to share their video in hopes of catching the people behind this act. It is currently offering a $2,500 reward to anyone with information that can help lead to an arrest. "It's a big hit and it's not just about the monetary losses," said Rachel Michelin, president and CEO of the California Retailers Association.  cbsnews.com


Bakersfield, CA: Police recover $24,000 worth of stolen merchandise; two men arrested
The Bakersfield Police Department was able to recover $24,000 worth of stolen merchandise inside a home in southeast Bakersfield Friday. Detectives assigned to the Organized Retail Theft unit conducted a search of a residence in the 300 block of Waycross Street pursuant to a search warrant, related to a retail theft investigation. During the search, detectives recovered $24,000 worth of stolen merchandise from Home Depot, Lowe's, and Walmart. Miguel Nava, 37, and Tomas Martinez, 62 were arrested for charges associated with possession of stolen property, conspiracy, and grand theft.  bakersfieldnow.com


Lincoln, NE: Thieves steal more than $11,000 worth of purses from Dillard's at Gateway Mall

Detroit, MI: Suspect arrested after $2,000 worth of items stolen from Nike store in Downtown Detroit

Los Angeles, CA: Woman with pet allegedly steals $400 worth of merch from Goodies LA store