The D&D Daily Mobile Edition
LP, AP & IT Security's #1 News Source

11/13/19 D-Ddaily.net
 

 





 

 


 


Mass Shootings Raise Questions About Security and Training

Perpetrators at workplaces are typically insiders who know safety procedures, study finds


Mass shooters who target schools and workplaces are typically insiders such as students or employees, calling into question the effectiveness of security measures and training, according to one of the most comprehensive studies of the subject.

Barriers and locks meant to block outsiders and active-shooter drills do little because most attackers already have access and are aware of the procedures, said the authors of the study, Jillian Peterson and James Densley. The university professors have created a mass-shooter database that goes back more than 50 years.

The most common site for a mass shooting since 1966 is the workplace, Mr. Densley and Ms. Peterson found. Next was a category that includes restaurants, bars and nightclubs, followed by retail establishments, schools, houses of worship and colleges. wsj.com


What a Security Products Blacklist Means for End Users & Integrators
A recent US Commerce Department blacklist of several Chinese entities leaves a looming question: What happens if your products are now prohibited?

The recent blacklisting by the US Department of Commerce bars 28 Chinese security and technology companies from buying parts and components from US firms without US government approval. Among the companies named are two of the world's largest video surveillance manufacturers, Hikvision and Dahua Technology, and several startup firms that specialize in AI, voice recognition, and data. The US government accuses them all of playing a role "in the implementation of China's campaign of repression, mass arbitrary detention and high-technology surveillance," the Commerce Department filing states.

These prohibitions are causing complications for IT and physical security professionals, especially those with government contracts. They need to weigh the security risks of using these tools versus the risk of not using them. A complex international supply chain also makes it hard to evade all these potential entrapments.

Questions About Supply Chain Security Now in Play
Danielle VanZandt, security analyst for Frost & Sullivan, says Dahua's and Hikvision's positions within the overall global digital surveillance market make their blacklisting somewhat of a shock, with the immediate effects touching off significant questions among US partners, end users, and supply chain partners about the state of the security products supply chain.

The Path Forward if You're Impacted
What if you are using products from an impacted entity? The instructions for how to proceed are murky. VanZandt says she only recommends rip-and-replace to end users who were already considering updates to their systems. It is unnecessary to incur the huge expense that a total system replacement would require based solely on the blacklist. However, she does not recommend that end users or systems integrators just "hope for the best" either when it comes to the security products they are using. The list could present an opportunity for a fresh evaluation of systems in place. darkreading.com

U.S. Adds 22 to Commerce’s Entity List


90 Voice Fraud Attacks Occur Every Minute
Pindrop®'s annual Voice Intelligence Report has uncovered skyrocketing fraud rates, with 90 voice channel attacks occurring every minute in the U.S.

Additional key findings include:

Voice fraud continues to serve as a major threat, with rates climbing more than 350 percent from 2014 to 2018

The 2018 fraud rate is 1 in 685, remaining at the top of a five-year peak

Insurance voice fraud has increased by 248 percent as fraudsters chase policies that exceed $500,000

In 2018, 446 million records were exposed from more than 1,200 data breaches

The industries facing the highest fraud risks include insurance (1 in 7,500 fraudulent calls), retail (1 in 325 fraudulent calls), banking (1 in 755 fraudulent calls), card issuers (1 in 740 fraudulent calls), brokerages (1 in 1,742 fraudulent calls), and credit unions (1 in 1,339 fraudulent calls)

The report details emerging fraud threats, the birth of the conversational economy, and why voice authenticated customer experience is the next revenue battleground for enterprises.

In the report, Pindrop highlights how synthetic voice attacks will soon become the next form of data breaches. In the near future, we will see fraudsters call into contact centers utilizing synthetic voices to test companies on whether or not they have the technology in place to detect them, particularly targeting the banking sector. securitymagazine.com

Two Tuna Co. SVPs Admit to Price-Fixing in Ex-Bumble Bee CEO Trial
A former StarKist executive testified Tuesday in the criminal price-fixing trial of former Bumble Bee CEO Christopher Lischewski, highlighting for a California federal jury the tuna industry leadership’s close relationships and how he worked with executives at Bumble Bee and Chicken of the Sea to fix prices.
StarKist’s former SVP of sales and trade marketing, Steve Hodge, told the jury that he participated in the price-fixing scheme with Bumble Bee and Chicken of the Sea in order to “compress the levels of competition” and to “keep a level playing field” between the leading canned tuna companies. Last week, the jury heard similar testimony from Walter Scott Cameron, Bumble Bee's former senior vice president of sales who reported directly to Lischewski, on how exactly he participated in the price-fixing conspiracy and that he had entered a plea deal with the government. law360.com

H&M Wants Worker Bag Check Class Cert. Revoked
H&M has urged a California federal judge to decertify classwide treatment on claims that workers weren’t paid for time spent in security checks after their shifts ended, arguing the clothing chain doesn’t have a uniform practice of requiring every worker to go through such a check post-shift. The company said Thursday there were a number of reasons to undo an August 2018 decision in which U.S. District Judge Edward Davila granted class certification on claims stemming from H&M Hennes & Mauritz LP’s post-shift inspections. For one thing, the company said that there isn’t a common policy that all workers have to get checked after they clock out, claiming that only those with bags need to be checked. law360.com

Hong Kong Protesters Direct Anger at Police as Violence Flares
Public anger at Hong Kong’s police force has become a driving force behind a protest movement that is increasingly marked by violent confrontations, after beginning as peaceful opposition to Beijing’s growing influence over the city’s affairs. That fury was on full display after police shot a 21-year-old protester at close range on Monday, marking the third such incident during this year’s unrest and triggering more clashes throughout the day. The man, identified by friends as Patrick Chow, a hotel-management student, remained in critical condition after undergoing emergency surgery. wsj.com

Hong Kong defies protests:
Causeway Bay remains the most expensive shopping street for retail

The Cushman&Wakefield ranking uses data collected before the protests started.
New York’s Fifth Avenue and London’s New Bond Street are placed in second and third position. themds.com
 



Black Friday Just Isn’t What It Used to Be
Online Shopping on Thanksgiving - Sales Throughout November - The Amazon Effect

Apparently, Black Friday is declining in its impact on holiday spending. According to PwC’s holiday outlook report, Black Friday is being “muted” by changing consumer behavior. The report also found that shoppers plan to spend about $1,200 this year on gifts and items for themselves. The PwC data follows forecasts that vary widely, and show apparel sales coming in about flat this year.

PwC surveyed shoppers and found that “only 35 percent of consumers plan to shop on Black Friday this year — dropping a full 38.9 percent from 2015.” The researchers also found that 49 percent of shoppers said “they plan to finish their holiday shopping after Black Friday week.”

This compares to 19 percent of those polled who are shopping throughout Black Friday week and 10 percent who are shopping in “early November.” Six percent have either completed or planned to complete their shopping before Nov. 1.

Some of the shifts in holiday spending include more online shopping taking place on Thanksgiving Day. Other factors muting the impact of Black Friday include more sales throughout November as well as “the Amazon effect.”

“Amazon’s dominance and the success of Prime Day have changed consumer behavior,” authors of the report said. “Shoppers realize there are opportunities for deep discounts beyond Black Friday and Cyber Monday, essentially causing buying patterns to become more dispersed.” wwd.com

Expect ‘roller-coaster’ holiday shopping season, advises NPD
Retailers can expect a good Black Friday weekend, but a mediocre Cyber Monday will follow as online growth continues to level off and political distractions around the globe take a bite out of leisure-time spending, according to The NPD Group Holiday 2019 Insights. NPD notes that shopping intentions are divided between consumers who plan to spend more (20%) than last year and those who plan to spend less (16%), with the biggest change among the largest group of consumers — those who plan to spend the same amount (64%) they did last year. chainstoreage.com

UK Department Store Sector Has Seen Unprecedented Difficulties
Two of the biggest chains entering administration: House of Fraser in 2018 and Debenhams in 2019

Retailers in the UK department-store sector have already tried investing in digital, focusing on private labels and creating better in-store experiences - so far, these actions have not been enough to revive the top line. Given the sustained structural shifts in retailing, we expect to see a leaner sector with fewer stores, even if not fewer chains, in the coming years. coresight.com

Gift cards are a top target for scammers this holiday season
There are multiple gift card scams that are becoming increasingly popular, according to security experts.

One involves scammers using a card reader to record — or simply writing down — a card’s serial number in store before it is sold. Then, they scratch off the decal protecting the cards’ PINs and record those, too, replacing the covering with tape that can be bought relatively cheaply online, according to Krebs on Security, a popular tech security blog.

Other scammers use bots to test out millions of combinations of gift card numbers and PINs on retailer websites. Once they access an account, they drain the money still left on the cards, either by selling it on the dark web or buying products or services themselves.

It’s not just gift cards. Thieves are using similar tactics to access member accounts on retailer websites to steal any loyalty points the member may have accumulated (think Sephora’s Beauty Insider points). cnbc.com


Consumers plan to spend more than $200 on gift cards this year

CNBC Investigation - Originally Aired in 2017: Gift card crime fueling opioid addiction across the US
 



US Supreme Court weighs major digital privacy case involving cellphone data
Serial armed robber says police needed a warrant to track his location during crime spree

The U.S. Supreme Court on Wednesday takes up a major test of privacy rights in the digital age as it weighs whether police must obtain warrants to get data on the past locations of criminal suspects using cellphone data from wireless providers.

The justices will hear an appeal by a man named Timothy Carpenter convicted in a series of armed robberies in Ohio and Michigan with the help of past cellphone location data that linked him to the crime locations. His American Civil Liberties Union lawyers argue that without a court-issued warrant such data amounts to an unreasonable search and seizure under the U.S. Constitution‘s Fourth Amendment.

Law enforcement authorities routinely request and receive this information from wireless providers during criminal investigations as they try to link a suspect to a crime.

Police helped establish that Carpenter was near the scene of the robberies of Radio Shack and T-Mobile stores by securing from his cellphone carrier his past “cell site location information” tracking which cellphone towers had relayed his calls.

The legal fight has raised questions about the degree to which companies protect their customers‘ privacy rights. The big four wireless carriers, Verizon Communications Inc, AT&T Inc, T-Mobile US Inc and Sprint Corp, receive tens of thousands of these requests annually from law enforcement. stockdailydish.com

A Guy Who Stole Phones From RadioShack Could Be The Next Face of Digital Privacy


SHRM: Politics in the Workplace
How common do you think politics and the discussion of political issues have become over the last four years?


While most workplaces are inclusive and mostly inclusive about differing political opinions... over a third are not.

For decades, conventional business wisdom has held that employees should check their political opinions at the door. A new SHRM survey, however, shows that not only are political conversations occurring at work, they're on the rise—and causing conflicts:

56% of U.S. employees say discussion of political issues has become more common in the last four years.
42% have personally experienced political disagreements in the workplace.
34% say their workplace is not inclusive of differing political perspectives.

The findings suggest that political topics like race, sex and gender make up a dimension of diversity that workplace cultures should include and embrace by facilitating civil conversations. shrm.org

Surveillance video released of burglars who raided billionaire Mall of America mogul’s New York mansion
Burglars ransacked the New York mansion of billionaire Don Ghermezian Saturday evening, stealing $140,000 worth of luggage and jewelry. Police released video footage of the suspects walking outside Ghermezian’s home in an upscale Bronx neighborhood.

Ghermezian is CEO of Triple Five Group, the Canada-based real estate developer behind Mall of America and the recently-opened American Dream mall in East Rutherford, New Jersey. cnbc.com

What Are the Privacy Rights of Employees?

Famed Consultancy McKinsey & Company Opens Store
   - 'Modern Retail Collective' at Mall of America


Juul to Cut 650 Jobs, Slash $1B in Costs

Columbia, SC: Firehouse Subs employee fired after writing racial slur on receipt

Walgreens may get scooped up in the largest private equity deal in history



Quarterly Results
Advance Auto Parts Q3 comps up 1.2%, sales up 1.6%


All the News - One Place - One Source - One Time

Thanks to our sponsors/partners - Take the time to thank them as well please. If it wasn't for them The Daily wouldn't be here every day for you.
  

 


 


 


 


 











 

 




 


Companies Failing Interim Security Test
PCI DSS payment security compliance drops again Worldwide
Worldwide, barely one-third of companies are maintaining full compliance with the PCI DSS security standard – and the numbers are falling.

Compliance with the Payment Card Industry Data Security Standard (PCI DSS) has fallen for the second year in a row to just 36.7% globally, the lowest level in five years, according to Verizon's "2019 Payment Security Report," published Nov. 12.

The decline in successful interim security audits is steep. In 2016, more than half of companies — 55% — taking a practice run through the painful compliance process mandated by PCI DSS passed the interim compliance audit. The ability to pass the assessment is a measure of the stability of a company's compliance processes and security controls, says Ciske Van Oosten, senior manager of global intelligence for Verizon's Security Assurance Consulting practice.

The PCI DSS requirements organizations most often failed to maintain include No. 11 ("Test Security Systems and Process"), No. 6 ("Develop and maintain secure systems"), and No. 8 ("Authenticate access"). A third of companies — the largest portion — failed to run regular network and vulnerability scans (requirement 11.2), according to Verizon's report. Twenty-eight percent of companies failed to protect software components and applications from known vulnerabilities (requirement 6.2), and 27% failed to recheck security controls flagged by penetration testing to ensure that issues were fixed (requirement 11.3.3).

"The largest compliance drop occurred against Requirement 6, as organizations struggled to maintain effective vulnerability management, software development and change processes," the report stated. "It is then perhaps not too surprising that Requirement 11 remained the poorest performer—both in overall compliance and control gap—as organizations struggle to sustain compliance with security testing requirements year after year."

Organizations in the Asia-Pacific (APAC) region were the most likely to maintain compliance at 69.6%, compared to 48% in Europe, the Middle East and Africa (EMEA) and just 20.4% in the Americas, said Verizon.

“With the latest version of the PCI DSS standard 4.0 launching soon, businesses have an opportunity to turn this trend around by rethinking how they implement and structure their compliance programs.” computerweekly.com darkreading.com

Russian National Extradited for Running $20M Online Criminal Marketplace
A Russian national made an appearance in federal court yesterday on charges related to the operation of two websites devoted to the facilitation of payment card fraud, computer hacking, and other crimes. Aleksei Burkov, 29, arrived at Dulles International Airport last night after being extradited from Israel.

Burkov ran a website called “Cardplanet” that sold payment card numbers (e.g., debit and credit cards) that had been stolen primarily through computer intrusions. Many of the cards offered for sale belonged to United States citizens. The stolen credit card data resulted in over $20 million in fraudulent purchases made on US credit cards.

Burkov allegedly ran another website that was an invite-only club where elite cybercriminals could advertise stolen goods and services. To obtain membership in Burkov’s cybercrime forum, prospective members needed three existing members to “vouch” for their good reputation among cybercriminals and to provide, normally, $5,000 as insurance.

He was arrested at Ben-Gurion airport near Tel Aviv in December 2015 and was just extradited to the US. He faces a maximum of 80 years in prison. justice.gov

Editor's Note: Obviously the FBI, who is constantly monitoring these hackers' movements, knew he was on a plane landing in Tel Aviv for some reason and intercepted him or had him intercepted.

We've read a number of accounts and articles that claim that for the most part it's the FBI tracking these hackers and just waiting for them to leave their protected areas in Russia and neighboring countries, with taking vacations being the #1 reason they were traveling. In one case they literally, according to one foreign media source, "kidnapped" the hacker at a restaurant on his first night on vacation.

It's a great testimony for the FBI and their never-ending pursuit of these criminals. The biggest of which are now sitting in U.S. Federal prisons.


Albertson's Urges Dismissal Of Employee's Biometric Suit
Albertson’s argued Tuesday that it shouldn’t have to face a lawsuit for collecting employees’ fingerprints because there is no functional difference between it and the types of businesses excluded from liability under Illinois’ biometric privacy law.

If the goal of Illinois’ Biometric Information Privacy Act is to protect individuals’ biometric information, then the statute’s exceptions for financial institutions and government contractors “do nothing” to achieve that goal, Mark Eisen, counsel for New Albertson’s Inc., told Cook County Circuit Judge Anna Loftus. The company, which owns the Jewel-Osco chain of grocery stores, says BIPA is unconstitutional and wants the court to dismiss a lawsuit by former pharmacist Gregg Bruhn alleging that it unlawfully collected fingerprint data from pharmacy employees. law360.com

PayPal becomes phisher’s favorite brand, Office 365 phishing techniques evolve
PayPal has overtaken Microsoft to claim the number one ranking for phisher’s favorites for the first time. Netflix was not far behind as the streaming giant moved up to the third spot, according to Vade Secure. In Q3 2019, Vade’s AI engine detected 16,547 unique PayPal phishing URLs for an average of nearly 180 per day. This represents a 69.6 percent YoY increase. Impersonating PayPal, which had more than 286 million active user accounts in Q2, is clearly a highly profitable practice for cybercriminals, with no letup in sight. helpnetsecurity.com

Tech startups offer competition for Amazon Go
AiFi and Grabango are two technology startups that are developing autonomous systems to enable consumers to shop in stores without having to use a traditional checkout. Grabango is currently working with Giant Eagle to test its technology in a store environment. cnbc.com

FTC Blog: When third-party service providers are party to sensitive data

10 Data and Analytics Trends for 2020

 


 


Civil Rights Concerns in Canadian Stores

Businessman with China ties looks to bring face-recognition tech to Canada stores

Human-rights advocates say they’re worried that the technology at the heart of China's digital surveillance apparatus could be introduced to Canada

As a rare lawsuit pushes back against China’s ubiquitous use of facial recognition systems, a Toronto-area businessman with close ties to Beijing is looking to implement the technology in Canada, prompting concern from privacy and human-rights activists. Wei Chengyi, owner of the Foody Mart grocery chain, confirmed the company is considering introducing payment by Chinese-made facial recognition devices at its stores in Ontario and B.C., and suggests the firm is just moving with the times.

The payment systems capture an image of the shopper’s face which is then linked to his or her account, enabling the person to make a purchase simply by looking into a camera — no card, cash or phone needed. It could be the first such use of the technology by a North American retailer.

Foody Mart is planning to buy the system from SnapPay, a Toronto firm that distributes Chinese payment gear from tech giants Tencent and Alibaba, Ryan Li, another company executive, told Yahoo Finance recently.
nationalpost.com

'Treated as a criminal': Walmart receipt and bag checks anger customers.
Your rights explained
An apparent step-up of receipt and shopping bag checks at Walmart has sparked customer complaints, raising concerns about shoppers' rights.

The Canadian Civil Liberties Association (CCLA) said it's investigating the practice of retailers doing routine security checks at the exit, concerned that the way they're conducted may jeopardize customers' rights. Michael Bryant, CCLA's executive director and general counsel, said retailers should get consent before checking receipts or bags. And if no consent is provided, he said, customers are under no obligation to comply.

In a 2016 ruling on a case involving a suspected shoplifter, an Ontario Superior Court judge wrote that a retailer can detain a suspect if there are reasonable grounds, but — even then — it would have to get consent to do a search.

Walmart didn't directly address questions from CBC News about customers' rights including what happens if shoppers refuse receipt checks. The retail giant also didn't say if it has stepped up its security checks.
cbc.ca
 



Shoppers cautioned against trying to stop Liquor Mart thefts on their own;
Police urge customers to 'step back'
New video posted to social media that appears to show shoppers physically intervening in a Liquor Mart theft highlights the growing frustration Manitobans are feeling about the problem, but Winnipeg police are warning people it’s not a good idea to get involved. Store employees and security guards have been told not to physically intervene but it appears some shoppers seem to be disregarding the warning and may be putting themselves at risk by attempting to stop shoplifters.

“As frustrating as it is to see somebody committing a crime in front of you and seemingly get away with no consequence, you need to step back,” said Winnipeg Police Service Const. Jay Murray. “If you witness it, contact the Winnipeg Police Service if it’s here in Winnipeg.”

On Saturday at around 8:30 p.m. a video posted to Facebook shows two people physically intervening with two other people who appeared to be attempting to walk out of a Liquor Mart on Plessis Road without paying for products. The video showed one person being tackled and held to the ground. Winnipeg police couldn’t immediately comment on the specifics of the incident.
ctvnews.ca

Winnipeg police chief reallocating officers to deal with surge in crime
Winnipeg’s police chief says officers are being reallocated to different duties to help the city deal with increased violence and property crime. “The level of violence, the level of property crime—it’s bad. It’s alarming for all of us.” There have been 40 homicides in Winnipeg so far this year—one fewer than the 2011 record. Eleven of those occurred in the last 30 days.

Additional officers are being assigned to the homicide unit to address a backlog. Officers are also being moved from other areas to general and foot patrol downtown. Smyth said that will mean fewer resources for the traffic division and crime prevention initiatives. It also means fewer officers doing checkstops during the busy holiday season. Smyth added the measures are temporary. canadiansecuritymag.com

Bottle stop? In wake of rising thefts, rural vendor takes on-demand stance on pricier booze
 



Luxury Apparel Market in Canada to See Continuous Gains into 2023: Report
Talk About Optimistic

A new report estimates that the Canadian luxury apparel market over the next five years will increase by 5.8 per cent in 2019 and by 18 per cent from 2019 to 2023 to $3.2 billion.

The report said the competitive intensity in the Canadian luxury apparel retail market over the next five years will continue to increase and will be driven by a number of developments including: Increase in luxury apparel retail doors in both A and B malls and off-price malls (Outlets), increase in flagships, expansion of High Street areas, growth in e-commerce sales, and expanding size of existing stores.

“We have an increase in foreign tourism too . . . Then lastly we have an increase in Millennial purchasing of aspirational luxury brands.” The key is the accessibility. Quite simply, today there are more luxury retail stores in Canada which exposes many more Canadians to that segment of the retail market.

All of this, but there's also a couple of concerns: Chinese tourism could slow and the Canadian economy decrease depending on the NAFTA agreement. Then you've got supply probably growing at 50% greater than demand which means the market is very vulnerable in any downward trend in growth of the market.
retail-insider.com


ADT Completes Sale of Canadian Operations
ADT Inc., the number one smart home security provider serving residential and business customers in the U.S., today announced that it has completed the sale of ADT Security Services Canada, Inc., to TELUS Corporation. The transaction comprises all of ADT Canada’s operations and assets.
adt.com

Canadian Tire to save $200M a yr. - Centralizing operations for Mark’s & SportChek

Amazon to open first fulfillment center in Quebec

Ikea to Launch Small Urban Format Stores in Canada Beginning in Downtown Toronto

Canada's Indigo turns to new merchandise to save itself — but will that be enough?

Calgary family tired of having packages stolen from front step

Vancouver woman 'body shamed' at Richmond store selling plus-size clothing
 


 

Etobicoke, ON: Victim of daylight mall shooting was a veteran mobster linked to one of Canada's most powerful Mafia clans
The man shot and killed outside an upscale Etobicoke restaurant Monday was a veteran mobster and enforcer who provided security for some of Toronto’s powerful Mafia figures.

Antonio Fiorda, 50, went by the simpler name Tony, but was known on the street by a more memorable nickname: “Scratch.” The targeted daylight attack on Fiorda in the parking lot of a busy strip mall — across the road from Sherway Gardens, a large shopping mall — further highlights the instability in Canada’s underworld, both in Ontario and Quebec. In 1996, Fiorda was charged after Toronto police seized an AK-47 assault rifle, a pipe bomb and other explosives from a North York home, a charge he disputed. He did prison time for that and vowed to never return.
nationalpost.com

Alberta & Sask.: Man accused of buying $30k in toys & DVDs from stores for a fraction of their value
Police have seized over $30,000 worth of DVD sets and action figures they allege were purchased fraudulently from big box stores in southern Alberta and southwest Saskatchewan for a fraction of their actual value. Police said stores in at least seven cities were targeted, including outlets in Calgary, Medicine Hat, Alta. and Swift Current, Sask.

Medicine Hat Police Staff Sgt. Cory Both said investigators allege the suspect manipulated the bar codes on the products and then paid for them at automated checkouts, with the intention of selling them later. Both said it allowed the suspect to make the purchase without store staff noticing the discrepancy between the actual price of the items and what appeared on the register. cbc.ca

Airdrie, AB: Three men charged after 'targeted' shooting, evacuation at Alberta mall

Edmonton, AB: Alleged ISIS funder extradited to United States

Burlington, ON: Duo steals 14 bottles of wine from LCBO worth more than $1,700

Edmonton, AB: Police seek help locating suspect in 25 liquor store thefts

Portage la Prairie, MB: RCMP arrest six in liquor store theft, seize 40 bottles

Uxbridge, ON: 3 charged after allegedly stuffing $4,000 of alcohol into suitcase, bag

Calgary, AB: Suspect charged after multiple poppy box thefts


View Canadian Connections Archives
 

 


 


 


 

National Retail Federation Leadership

How We Got Here & Where We're Going

Joe LaRocca, VP & Senior Advisor, Loss Prevention, RetaiLPartners
Rich Mellor, Former VP of Loss Prevention

For over 25 years, the NRF LP Council has been focused on elevating, developing, and inspiring our industry. In this LPNN interview, hear from two industry pioneers who helped lead the NRF’s LP efforts. Joe LaRocca and Rich Mellor talk about the greatest challenges and successes from their tenure as Vice Presidents of Loss Prevention for the NRF – including driving ORC efforts and awareness, developing the NRF Protect Conference, testifying before Congress, and more.

Read our series of articles on the NRF LP Council leadership - in their own words - here.

Episode Sponsored By

 


 


 


 


 


 



To Err is Human. To Squat is Criminal
Maliciously Misleading Domain Names are Everywhere Online


Lookalike domain names are often used in phishing emails, masquerading as a link to a legitimate website and encouraging the recipient to click.

Instead of securityweek.com, imagine someone keyed in securitywek.com and registered it as their own domain? What would happen is that anyone who made that easy mistake sending an email to the typo’d URL or visiting the squatted website would find their message going somewhere other than where they had intended or, worse, that their browsing session is potentially interrupted by a malicious destination. Any information exchanged, pilfered or just simply tracked could help enable more malicious attacks, the site visitor could become susceptible to misinformation or the spoofed organization could become the easy victim of fraud.

What if the lookalike domain name was used in a phishing email, masquerading as the link to a legitimate website and encouraging the recipient to click on it? For example, instead of Sony.com, the name was rendered as S0ny.com, where the letter ‘o’ was replaced with a zero. How many people would notice the difference?

That’s not just a theoretical conjecture; it’s an established tactic in the world of cybercrime. It even has a name: Domain typo-squatting. And its growth has spawned a lobbying group – The Coalition Against Domain Name Abuse, or CADNA – to advocate for new government regulations. That’s because the practice of typosquatting is a lot more extensive than most people realize. According to FairWinds Partners, an internet strategy consulting group, the top five misspellings of ‘myspace.com’ each receive over three million visitors a year.

The problem is compounded by the fact that most internet users access web sites through direct navigation – by manually keying in the address – rather than using search engines. And there are cybersquatters ready and waiting for just about any keyboard error. In the case of Apple’s iPhone, more than 20,000 registered domain names incorporate the word ‘iPhone’ and nearly 500 more are just a single character away from that name, many of which were registered to locations in China. securityweek.com
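As an added illustration (not from the SecurityWeek article), a defender can check the link hosts in inbound mail against a watch list of legitimate names, catching both the character-swap case (S0ny.com) and the one-keystroke case (securitywek.com). The watch list, the small confusable map and the two-label domain rule are assumptions of this sketch.

```python
import re

# Constructed watch list: the two legitimate names the article uses as examples.
PROTECTED = ["securityweek.com", "sony.com"]

# Illustrative confusable map (assumption: far from a complete homoglyph table).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "|": "l"})
URL_HOST = re.compile(r"https?://([A-Za-z0-9.-]+)", re.I)

def skeleton(name):
    """Fold look-alike characters so 's0ny.com' and 'sony.com' compare equal."""
    return name.lower().translate(CONFUSABLES).replace("rn", "m")

def osa_distance(a, b):
    """Edit distance where insert, delete, substitute and adjacent swap cost 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def classify(host, protected=PROTECTED):
    """Return (kind, legitimate_name) for a lookalike host, or None."""
    # Assumption: the last two labels are the registrable domain; production
    # code should consult the Public Suffix List instead.
    domain = ".".join(host.lower().rstrip(".").split(".")[-2:])
    if domain in protected:
        return None
    for legit in protected:
        if skeleton(domain) == skeleton(legit):
            return ("homoglyph", legit)
    for legit in protected:
        if osa_distance(domain, legit) == 1:
            return ("one-edit typo", legit)
    return None

def scan_links(text, protected=PROTECTED):
    """Flag lookalike hosts among the http(s) links in a message body."""
    findings = []
    for host in URL_HOST.findall(text):
        hit = classify(host, protected)
        if hit:
            findings.append((host.lower(),) + hit)
    return findings

# Constructed sample message body, for illustration only.
SAMPLE_EMAIL = """\
Your account needs attention: http://www.S0ny.com/login
Read the story at https://securitywek.com/article
Official site: https://www.sony.com/ and https://example.org/
"""

if __name__ == "__main__":
    for finding in scan_links(SAMPLE_EMAIL):
        print(finding)
```

Short brand names produce more one-edit neighbours that are legitimate domains in their own right, so hits on them are best treated as a review queue rather than an automatic block.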

What keeps Amazon CEO Jeff Bezos awake at night?
Worrying about the Amazon effect has caused sleepless nights for more than one business heavyweight, from FedEx CEO Fred Smith to WPP founder Martin Sorrell. But what concerns Jeff Bezos, CEO of one of the world’s most valuable brands, enough to keep him sleepless in Seattle?

However, Amazon also faces obstacles, perhaps most importantly how to be a better partner to other businesses. For company leaders that stay attuned, this combination of growth and new challenges could bring opportunities to either partner with or compete against Amazon.

Problems like counterfeit products and brand safety, among others, that negatively impact the Amazon customer experience, could be weighing on Bezos, according to Mark Power, founder and CEO of Amazon consultancy Podean, as well as author of “Amazon for CMOs.”

That Amazon is taking these issues seriously is evident in a recent report that it plans to spend billions of dollars to fight the onslaught of counterfeit goods.

Amazon faces other challenges — anemic international growth, efficiently managing a growing organization and regulatory scrutiny, for example — but none of these currently rise to the same level as convincing businesses that it can play nice. retaildive.com


"DTC Friday" Nov. 15th - Black Friday's New Rival?
Former AOL and Google exec Tim Armstrong is pronouncing a day for direct-to-consumer brands to rival Black Friday and promising them an audience of at least 100 million.

Armstrong's new company, the dtx company, will promote nearly 50 brands including swimwear brand Andie Swim and kids brand Rockets of Awesome collectively on TV, billboards and digital media to reach at least 100 million people in the US, said Armstrong. businessinsider.com



 


 



Redlands, CA: Suspects Sought in Brazen Robbery at Nike Store in Redlands
Cellphone video captured at least five men, unfazed by onlookers and cameras, nonchalantly leaving a Nike store in Redlands carrying armloads of merchandise they hadn't paid for. Police confirmed that a group of men stormed into the Nike Factory Store at the Mountain Grove Shopping Center around 8:30 p.m. Monday and grabbed what they could before taking off. The same store has been targeted by robbers multiple times before, but it's not clear if the crimes are connected, police said. ktla.com

Must-See Video

Arcadia, CA: Victoria’s Secret in Westfield Santa Anita reports Grab & Run of over $2,000 of merchandise
On Nov. 7th, around 11:30 a.m., an officer responded to Victoria's Secret regarding a commercial burglary report. Two suspects entered the store with "booster bags" and fled with $1,045.00 worth of merchandise. The suspects were followed to the parking lot by loss prevention and ultimately fled with another suspect who had stolen an additional $1,009.55 worth of merchandise. patch.com

Millburn, NJ: Bloomingdale shoplifter flees with $1,395 in coats
On November 8, 2019 Millburn Police Officer O’Neill responded to Bloomingdales on a theft report. Bloomingdales personnel report a black female wearing all black concealed 3 coats valued at $1395.00 in a bag and left the store without making payment. The incident is under investigation by the Millburn Police Detective Bureau. tapinto.net

Millburn, NJ: Abercrombie & Fitch Shoplifter arrested at Short Hills Mall with nearly $500 of merchandise
On November 5, Millburn Police responded to the Abercrombie and Fitch on a theft report. Abercrombie personnel report 48 year old Boone Lacy concealed $493.00 worth of merchandise in a bag and left the store without making payment. Mr. Lacy was placed under arrest and charged with shoplifting before being remanded to the Essex County Correctional Facility. tapinto.net

Millburn, NJ: Suspect in Sunglass Hut, Tumi and Lululemon thefts arrested at Short Hills
On November 7, 2019 Millburn Police responded to the Sunglass Hut on a theft report. Sunglass Hut personnel report 40 year old Anupam Dass concealed a pair of sunglasses valued at $213.00 in his sleeve and left the store without making payment. Mr. Dass was placed under arrest and found to be in possession of stolen property from the Lululemon and Tumi stores. tapinto.net
 


 


 



Shootings & Deaths

Oklahoma City, OK: A person wanted in connection with a deadly shooting during an armed robbery at a metro gas station
According to police, the incident started as an armed robbery at a gas station. Police said one person inside the store is dead. The victim has been identified as 63-year-old Ross Garrett. Police said they received another call that led them to the suspect, later identified as 39-year-old Justin Anderson, at a home just miles away. Anderson then barricaded himself inside the home, prompting a standoff. Police officials confirmed that during the standoff, Anderson opened fire on the officers. That’s when officers returned fire, shooting and killing the suspect. koco.com

Tuscaloosa, AL: Man on trial in Gas Station Clerk’s death
Testimony began Tuesday in the trial of one of the two men accused of killing a convenience store clerk last year. Dewan Latrell Hampton, 33, and Michael Wayne Burrell, 53, were both accused of murder in the death of Shelia Corley Britton, 56. Britton died from a head injury she suffered after being dragged from a car occupied by the men as they left the Shell Station. Police said the two men stole three 12-pack cases of Corona worth $45 from the gas station. “The driver put the car in reverse as Britton attempted to retrieve the beer from the vehicle. As the driver pulls forward, Britton was jerked off her feet and struck the ground.” She sustained a laceration to the back of her head. Doctors performed surgery, but she succumbed to the injuries four days later. tuscaloosanews.com

Baltimore, MD: Baltimore City Police Release Video In Fourth Officer-Involved Shooting In 2019; outside Rite Aid
For the first time, Baltimore City police have released video of a deadly officer-involved shooting in North Baltimore on October 30th. “We want people to see what our officers go through,” said Deputy Commissioner Brian Nadeau of the Public Integrity Bureau. The violent encounter unfolded outside of a Rite Aid in North Baltimore. 24-year-old John Feggins was shot and killed in the incident. Police released excerpts of two body-worn camera videos and surveillance video from outside the drug store on York Road.  cbslocal.com

Long Beach, CA: Update: Video shows Police fatally shooting man as he tried to rob 7-Eleven

Victoria, Australia: Police are offering a $350,000 reward for information on an attempted armed robbery and shooting at a Melbourne C-store

 


Robberies, Incidents & Thefts

Montgomery County, TX: Aggravated robbery suspect apprehended; linked to multiple Walmart Robberies
A media advisory from the Montgomery County Sheriff’s Office says a joint investigation helped investigators from multiple law enforcement agencies link multiple Walmart robberies to a single suspect. 23-year-old Davantae London of Tomball was reportedly identified as the suspect of eight robberies. An arrest warrant was filed for London’s arrest in Harris County and he was arrested on October 28. The media advisory says London confessed to the robberies, including the robbery that took place in the Walmart located in College Park. texasbreakingnews.com

Harris County, TX: Kroger Shoplifter arrested by Deputies, armed and warrants for Burglary, Robbery and Thefts
Harris County law enforcement successfully apprehended an armed suspect who was wanted for multiple felonies. Romeo Cruz, 21, was located on November 9 after shoplifting at Kroger and was apprehended after a short chase. He was identified and found to be in possession of a black semi-automatic handgun. Upon further investigation, deputies discovered he had open warrants in Harris County for Burglary of Habitation, Aggravated Robbery, and two for Theft. texasbreakingnews.com

Houston, TX: Thief drags woman down mall escalator as he tries to take her purse
The incident happened at the end of October at The Galleria in Houston. The suspect followed the woman after she withdrew money from a nearby bank. In the video the thief is seen approaching the woman from behind on the escalator as she was riding it up from a parking garage toward a store. Police say there was a woman in front of the victim on the escalator. She asked a question, which police say distracted the victim. At that moment, the man tried to grab her purse. The woman does not let go and he is seen dragging her across the floor. The suspect managed to run off with the woman's purse. According to reports the woman suffered bruises and scratches. Police are searching for the suspect. abc13.com

Napa, CA: Kay’s Jewelry store ransacked at Napa Premium Outlets

Brick, NJ: Increased Police Patrols protecting Retailers; Selective Enforcement Team and Drug Enforcement Unit


 

 


 


 



None to report.
 

Featured Job Spotlights

Regional Loss Prevention Manager
Greater Toronto Area, Canada

Become the Newest Member of the VF Family. As the Regional Loss Prevention Manager, you will have the critical function to support an entire region of stores and serve as the subject matter expert in loss mitigation. You will have the great responsibility to own and oversee all matters and investigations of internal and external theft...


Senior ORC Investigator
Boca Raton, FL

The Senior Investigator is part of a fast-growing, ever changing environment that partners with Store Operations to ensure we provide the best experience to our customers. The Senior Investigator is responsible for assisting with implementing a strategy to combat organized retail crime and external theft across the TJMaxx and Marshalls brands...


Loss Prevention Investigator
Seattle, WA

The Loss Prevention Investigator is part of a fast-growing, ever changing environment that partners with Store Operations to ensure we provide the best experience to our internal and external customers. With a focus on internal cases, the Investigator takes complex investigations head-on through establishing solid partnerships with store and LP leadership...


Loss Prevention Investigator
San Jose, CA

The Loss Prevention Investigator is part of a fast-growing, ever changing environment that partners with Store Operations to ensure we provide the best experience to our internal and external customers. With a focus on internal cases, the Investigator takes complex investigations head-on through establishing solid partnerships with store and LP leadership...

 

Area LP Manager
San Jose or Fresno, CA

The Area Loss Prevention Manager (ALPM) drives shrink improvement and asset protection programs for two (2) to four (4) Districts which contain approximately 25-65 Ulta Beauty Stores. The Area Loss Prevention Manager is responsible to assess store procedures, promote awareness and methods to prevent, protect and control losses...

Area LP Manager
Sacramento, CA

The Area Loss Prevention Manager (ALPM) drives shrink improvement and asset protection programs for two (2) to four (4) Districts which contain approximately 25-65 Ulta Beauty Stores. The Area Loss Prevention Manager is responsible to assess store procedures, promote awareness and methods to prevent, protect and control losses...

Regional Asset Protection Manager (North East)
Boston, MA

The successful candidate will be responsible for the management of the Asset Protection function in their assigned area. Guide the implementation and training of Asset Protection programs, enforcement of policies and procedures, auditing, investigations and directing of shrink reduction efforts...


Area Loss Prevention Manager
Charlotte, NC

Our Area Loss Prevention Managers ensure safe and secure stores through the objective identification of loss and risk opportunities. Our Area Loss Prevention Managers plan and prioritize to provide an optimal customer experience to their portfolio of stores. They thrive on supporting and building high performance teams that execute with excellence...


Area Loss Prevention Manager
Seattle, Portland or Salt Lake City

Our Area Loss Prevention Managers ensure safe and secure stores through the objective identification of loss and risk opportunities. Our Area Loss Prevention Managers plan and prioritize to provide an optimal customer experience to their portfolio of stores. They thrive on supporting and building high performance teams that execute with excellence...


Area Loss Prevention Manager
Calabasas, CA

Our Area Loss Prevention Managers ensure safe and secure stores through the objective identification of loss and risk opportunities. Our Area Loss Prevention Managers plan and prioritize to provide an optimal customer experience to their portfolio of stores. They thrive on supporting and building high performance teams that execute with excellence...

 

Loss Prevention Operations Specialist
Tucson, AZ

The Loss Prevention Specialist will oversee the Burglar/Fire Alarm and overall Physical Security function for stores including CCTV for all new stores, renovations, acquisitions, closing, existing stores and warehouses. In addition, this position supports the security/property control component for the Corporate Headquarters main campus...


Featured Jobs


JOB TITLE | COMPANY | CITY/STATE | DATE ADDED

Vice President
VP Risk Management | Delaware North | Buffalo, NY | Oct. 1
VP, Asset Protection, North America | Ralph Lauren | Nutley, NJ | Oct. 30

Director
Dir. Loss Prevention, Safety & Security | Al J Schneider Company | Louisville, KY | Sept. 12
Dir. Loss Prevention | B-Mart | Eugene, OR | Nov. 7
Dir. Risk Management & Insurance | Carvana | Phoenix, AZ | Oct. 30
Dir. Internal Audit | Cracker Barrel | Lebanon, TN | Aug. 27
Dir. Organized Retail Crime | Family Dollar | Chesapeake, VA | Nov. 5
Dir. Risk & Analysis | Genesco | Nashville, TN | Nov. 5
Dir. of Security | Liberty Compassion | Clinton, MA | Oct. 28
Dir. Loss Prevention | Lovesac | Stamford, CT | Aug. 12
Dir. Internal Audit | Michaels | Irving, TX | July 12
Dir. of Asset Protection | MobileLink/Cricket Wireless | Sugarland, TX | Nov. 12
Dir. of Loss Prevention Operations | Nike | Beaverton, OR | Oct. 16
Program Dir. LP & Security | Peloton Interactive | New York City, NY | Nov. 12
Dir. Loss Prevention | Petco | San Diego, CA | Aug. 22
Cybersecurity & Privacy Protection Dir. | PwC | Seattle, WA | Nov. 5
Dir. Security/Risk | Southern Glazers Wine & Spirits | Las Vegas, NV | Sept. 25
Dir. Risk Safety | Super Valu | Providence, RI | Sept. 24
Dir. Enterprise Security | US Cellular | Chicago, IL | June 13

Corporate/Senior Manager
Sr. Loss Prevention Manager | Carvana | Phoenix, AZ | Oct. 30
Sr. Loss Prevention Manager | Gap Inc. | San Francisco, CA | Oct. 29
Information Security Strategy Manager | Gap Inc. | San Francisco, CA | Nov. 5
Mgr. Risk Management | Harvest Health & Recreation | Tempe, AZ | Oct. 30
Sr. Manager of Investigations - Asset Protection | JCPenney | Plano, TX | Nov. 8
Sr. Security Project Manager | Verizon | Waltham, MA | Oct. 30
Corporate Security Mgr. | VF Corporation | Denver, CO | June 18
Sr. Manager Security Operations | The Walt Disney Company | Burbank, CA | Oct. 14
Compliance Investigations Manager | Walgreens Boots Alliance | Deerfield, IL | Nov. 5

New Today
Sr. Manager, Product Security Awareness | Nike | Beaverton, OR | Nov. 13
Associate Program Manager, LP Operations | Gap Inc. | San Francisco, CA | Nov. 13
 



 


 


 


 

 


 


 


 


 


Perception becomes reality slowly on a macro level and it's difficult to change it if it's incorrect or doesn't portray the truth. It's the same reason law enforcement separates witnesses to ensure clarity and truth. The group mind becomes influenced by opinion and agendas and distorts the true reality. One can only rely on daily vigilance based on doing what's right to hopefully impact the individuals one works with on a daily basis to carry the experience forward and be witness to what is right.

Just a Thought,
Gus

 

 


 

www.downing-downing.com


36615 Vine Street, Suite 103
Willoughby, OH 44094
440.942.0671
copyright 2009-2019
all rights reserved globally