Web version / Mobile version



 7/14/17 Subscribe Free LP, AP & IT Security's #1 News Source d-ddaily.net

Facebook Twitter Linkedin



2017 ORC in Idaho Conference
July 25

Twin Cities ORC Association Annual Conference & Training
Aug. 15-16

2017 Safety Leadership Conference
Sept. 11-13

NE Loss Prevention Expo
Sept. 14

Retail Council of Canada LP Conference
Sept. 19

ASIS International
63rd Annual Seminar

Sept. 25-28

RFID in Retail and Apparel
Sept. 26

California ORC Association Annual Training Conference
Sept. 28-29

National Association of Bunco Investigators Annual Training Converence
Oct. 11-12

Colorado Organized Retail Crime Alliance Conference
Oct. 17

See More Events

Eyes Forward: The Future of LP & Using Social Media
Chad McIntosh &
Tom Meehan

Quick Take 19

See more episodes

Henry Johnson, CFI promoted to Senior Director Support Services for Memphis Goodwill, Inc.

Henry will now be responsible for supporting the business operations in the areas of loss prevention, risk management and information technology within the retailer. Henry just joined the retailer in April as their Director of Loss Prevention. Before that he held various loss prevention and operations positions for Family Dollar including Regional Director Store Operations, Director of Loss Prevention and Regional LP Director. He was also a Senior LP Manager for JCPenney for over six years. Congratulations Henry!

Submit Your New Corporate Hires/Promotions or New Position

House Dem Calls For Hearing On Amazon-Whole Foods Tie
The top Democrat on the House Judiciary's antitrust subcommittee on Thursday said he wants a hearing looking into Amazon's $13.7 billion bid to buy Whole Foods, saying the proposed acquisition could be bad for American wages if the marketplace becomes less competitive as a result.

In a letter addressed to the Chairman of the House Judiciary Committee Bob Goodlatte and the subcommittee's head Tom Marino, U.S. Rep. David Cicilline, D-R.I., raised questions about how the proposed merger might affect retail grocery stores in the future and whether the current antitrust laws are enough to guarantee that families in the United States have access to low prices and choice when it comes to their food. He also raised concerns about Amazon's size and consumer reach, and whether those competitive advantages will chill innovation in the grocery and food-delivery realm.

Editor's Note: This could end up being the one of the most pivotal transactions in retail history - the one transaction that changes retail forever. So it's not surprising to see the U.S. government getting involved. What is surprising is that Trump has left two seats vacant on the FTC that monitor and regulate such transactions. Especially with what we just saw with Walgreens and Rite Aid. Clearly the administration isn't even looking at the retail industry and there's serious doubt this congressman will have any impact on the outcome. law360.com

CEO of World's 2nd Biggest Security Co. Briefly Declared Bankrupt After ID Theft
Hacked and Stacked & He Didn't Even Know It

Securitas CEO Alf Göransson, who was listed in 2012 as Sweden's 15th highest paid chief executive, had his personal identification stolen at the end of March, when someone applied for a loan in his name, the company said in a statement.

The hacker used Göransson's identification to seek a loan of an undisclosed amount, without Göransson's knowledge.

On Monday, the Stockholm District Court declared Göransson bankrupt without informing the CEO prior to its decision, Securitas said.

The decision was reversed on Wednesday at Göransson's request.

Maria Hellberg, a judge at the court, said that bankruptcy applications can be made in Sweden by mailing a signed declaration of insolvency, without the signature being notarised, and there is no fee to file the application.

"This is extremely rare case," she said. "I have never heard about anything like this."

Göransson said in a statement that he has not received any information about the falsified loan, including the sum and whether or not it has been paid out.

Securitas has 335,000 employees in 53 countries. It offers security, consulting and investigative services.

Göransson has been president and CEO of the firm since 2007. retailrisk.com

The Biggest Dark Web Marketplace in the World - Shut Down By International Effort
Site Operator Found Hung in His Cell After His Arrest
There Could Be a lot More To This Story That We'll Never Hear

The closing of AlphaBay, an anonymous marketplace that listed for sale drugs, counterfeit credit cards and other illegal goods, came after coordinated action by the U.S., Canada and Thailand, the people said.
The action included the arrest of Alexandre Cazes, a Canadian citizen who allegedly was one of the site's operators, they said. He was found hanged in his cell Wednesday in Thailand.

Mr. Cazes was taken into custody July 5 in Thailand "with a view toward extradition to face federal criminal charges in the United States."

The same day, members of the Royal Canadian Mounted Police's high-technology crime unit executed a search warrant at a residence in Trois-Rivières, Quebec, said Camille Habel, a sergeant with the RCMP in Montreal.

AlphaBay was more diverse, selling stolen credit-card numbers, drugs, online-fraud tutorials and guns. In the first six months of 2017, AlphaBay sold more than $5 million in stolen credit-card numbers, Mr. Barysevich said. "AlphaBay was the biggest marketplace on the Dark Web," he said.

Total sales on the site averaged between $600,000 and $800,000 a day, earning AlphaBay's operators millions of dollars each year in commissions.

AlphaBay's operators had millions of dollars in the digital currency bitcoin, much of it held in escrow for the site's illicit transactions, based on two bitcoin wallets that have been linked to the website, Mr. Barysevich said. The site's abrupt shutdown last week fueled speculation its operators had absconded with millions of dollars of the digital currency.

Editor's Note: We had reported on this earlier on the Daily. Now we find they're focused on two Canadians operating on Tor in Montreal. One's now dead by suicide, apparently, and the other is still on the loose. Who else may be involved and how many operators there was isn't being reported yet. But to be generating $600,000 to $800,000 a day you have to have a rather small army to carry it out and a network of mules worldwide. Needless to say, everybody is running for the hills now and how far do their connections go is the question, and was that hanging a suicide or is it covering something else up? We'll keep you up to date.  wsj.com

Group Plans Protest After Feds Decline To Charge White Cop Who Fatally Shot John Crawford
The criminal justice system appears to let some people "get away with murder," the family's lawyer says.

Civil rights leaders in Dayton, Ohio announced plans on Wednesday to rally at the federal courthouse to protest the decision not to charge the officer who fatally shot John Crawford III in 2014, Fox 45 reports. Beavercreek, Ohio police Officer Sean Williams, who is White, responded to a call about a man waving a rifle in a Wal-Mart store. Williams said that Crawford, 22, failed to obey his commands, and fearing for his life, Williams shot Crawford. Crawford, it turned out, was holding an air rifle he removed from a store shelf. mycolumbuspower.com

Houston Gangs Busted in Multi-State Pharmacy Burglaries
Twenty-Four Charged in Arkansas as Part of Largest Nationwide
Health Care Fraud Enforcement Action in DOJ History

While the main focus was a nationwide effort involving 412 charged defendants across 41 federal districts and included 115 doctors and nurses, a sub group of gang members were also arrested.

In the first Arkansas case charges stem from an early-morning burglary on February 25, 2016, of the Health-Way pharmacy in Beebe. On December 7, 2016, the four suspects in the burglary, all from Houston, Texas, were charged with conspiracy to break in a business premises registered with the DEA to dispense controlled substances.

Obviously they rolled over as you'll see when you continue reading.

Following the arrest of the initial four defendants, an ongoing investigation by the DEA Tactical Diversion Squad uncovered a network of individuals who were traveling between states to commit pharmacy burglaries. During the investigation, the DEA canvased law enforcement agencies from nearby states for similar pharmacy burglaries, and developed evidence linking eight additional defendants to the defendants from Beebe. Physical and electronic evidence from numerous burglaries in several states, including Arkansas, Nebraska, Indiana, Illinois, Iowa, Kentucky, Virginia, and Texas, showed that the individuals involved were members of local street gangs in the Houston area.

These gangs stole more than 120,000 Schedule II pills during these burglaries, with a street value of at least $1,050,000. On July 6, 2017, a superseding indictment was returned in the Eastern District of Arkansas adding an additional count charging the other gang members with conspiracy to possess with intent to distribute Schedule II, III and IV controlled substances. justice.gov
Zara deploys RFID in All 2,200 Stores Worldwide
Rest of Inditex's Chains to Follow

Zara is leading Inditex's technological innovation. As a result of the company's investment program in technological innovation and logistics, the Spanish group has now completed the process of installing RFID for identifying SKUs in all the stores across its largest chain

According to the group's annual statement, the roll out of the technology across the Zara network concluded last year, following five years of development. The goal is to now replicate it across the rest of the brands in the group. 

The technology has enabled the retailer to use digital tags as well as interactive dressing rooms. 
The Spanish group has worked on the implementation of this technology across its network for the past few years and predicts that the system will work across the majority of its chains and stores by the year 2020.

Zara counts more than 2,200 stores across the world. Currently, Inditex has already begun extending its system to the Massimo Dutti and Uterqüe networks, soon to be followed by Pull&Bear.  fashionnetwork.com

Retail group's back-to-school projection doesn't jive with recent numbers
NRF Under Fire for their 10% BTS Increase Prediction

Amid the carnage of widespread retail bankruptcies, store closings and tumbling sales, a national retail group on Thursday predicted the soon-to-start back-to-school shopping season will turn out to be the second-largest season ever.

Say what?

Overall back-to-school spending will grow 10 percent from last year, to $83.8 billion, the National Retail Federation said on Thursday.

The bullish forecast left some scratching their heads and wondering if a new crystal ball is in order.

"We are looking for 1 to 3 percent growth in back-to-school," said apparel analyst Eric Beder of FBR & Co. "We haven't seen mall traffic improve or double digit comparable sales. The reality is that this will be a slow growth business."

Don't tell that to the NRF. nypost.com

Sales fizzle in June
Retail sales unexpectedly slipped 0.1% in June after being unchanged in May. Sales were up 3.2% unadjusted from June 2016, according to the National Retail Federation, and 3.9% on a three-month moving average year-over-year. (The numbers exclude automobiles, gasoline stations and restaurants.)

Sales in June were driven by online and other non-store sales. Building materials and furniture also reported gains, perhaps reflecting a stronger housing market. chainstoreage.com
"Severe Cash Crunch"
Sears Canada in Dire Straights
They Tried to Cut Off Pensions, Benefits & Severance Package
Dozens of former Sears Canada employees packed a Toronto courtroom Thursday to hear the retailer ask for approval to kick-start the process of putting itself up for sale while it is under creditor protection.

Lawyers for Sears Canada, its lenders, retirees and former employees were before Judge Glenn Hainey to discuss, among other issues, whether the department store owner should be permitted to proceed with a sale.

Sears Canada wants to close dozens of stores in the coming weeks while it negotiates with potential buyers who might acquire some or all of the company's remaining assets, pending court approvals.

Earlier in the day, Sears Canada struck a deal over benefit and pension payments to retired employees. The retailer had initially asked the court for permission to immediately halt payments for pension, health and dental benefits for former employees, retirees and surviving spouses due to a severe cash crunch, but later agreed to continue payments to retirees until Sept. 30.

Sears Canada's chief financial officer says it's "crucial" to begin liquidation sales of inventory no later than July 21 and completing them by Oct. 12.

In addition to the job cuts at its head office, Sears plans to lay off more employees as it shutters 59 locations across the country.

Sears Canada had announced in June that in addition to the store closures, it was cutting approximately 2,900 jobs as part of a restructuring under the Companies' Creditors Arrangement Act.  therecord.com
20+ Line Up to Buy Sears Canada and/or its Assets
Lambert Interested - Conflict of Interest?
He Must be Chomping at the Bit For the Real Estate

FTI Consulting, which is monitoring the bankruptcy process, noted that "a number of stakeholders are concerned as to the potential conflict of interest presented by the development and submission of a management bid."

Meanwhile, the retailer's majority shareholders - namely Eddie Lampert (Sears Holdings' CEO), his hedge fund ESL Investments and another investor group, Fairholme Capital Management - are trying to obtain internal Sears Canada documents about its restructuring plans. The motion comes after the group signaled interest in a deal with Sears Canada. retaildive.com

America's No. 1 retail experience: Mall of America
When Chain Store Age embarked on a search for the Top 10 Retail Experiences in the nation, it was hard for us to look past a 5-million-sq.-ft. mall in Minnesota with a roller coaster and a comedy club, as well as a Hard Rock Café and a just-opened GameWorks, where customers can bowl, play laser tag and video games (and dine). And next month, golfers will be able to play putt-putt under blacklight at a new 1950s's rock-and-roll themed mini golf course.

We're really appreciative of this recognition," said Jill Renslow, senior VP of marketing and business development for MOA. "The Ghermezian family had a vision that if they made experience number one, people would come from around the world to visit Mall of America. That original vision continues today."
It's been 25 years since the Ghermezians' Triple Five development company threw down the gauntlet for experiential retail on the site of the demolished Metropolitan Stadium in Bloomington. But customer experience has continued to evolve at MOA with new attractions that include SeaLife Aquarium, Flyover America, and The Crayola Experience.

The latest innovation is a testament to MOA's maturity as a retail experience provider. The property's got the traffic - some 40 million visitors a year.

#2. Brickell City Centre's Climate Ribbon

#3. Easton Town Center and Fashion's Night Out

#4. Woodbury Common

#5. The Grove and Uber

#6. Waterside, a Conscious Place

#7. Taste of Turkey Creek and The Battle of Bristol

#8. Starwood's Live 360

#9. Outlets of Little Rock's Food Truck Festival

#10. Avalon's Noon to Night chainstoreage.com
RFID Journal to Hold RFID in Retail and Apparel Event in New York City
RFID Journal announced today that it will hold its third annual RFID in Retail and Apparel executive conference on Sept. 26 at New York City's Helen Mills Theater. This exclusive, invitation-only event for retailers and brand owners will feature case studies presented by end users already utilizing radio frequency identification, as well as technology companies showcasing their latest products.  rfidjournal.com
Victoria's Secret to Pay $12 Million to California On Call Workers

Department Store Sales Continue Drop in June 4.2% - "Spiral Looks Set to Continue"

Shipping Companies Expect Big Spike in Package Theft After Amazon Prime Day

Costco June Comp's up 6.3%

Senior LP/AP Jobs Report Monday

Q2 & 6 Month Robbery - ORC - Retail Violent Death Reports Coming Over Next Two Weeks


Come see Chipotle's Brand Expert William Espey speak at RLPSA's Annual Conference,

The Restaurant Loss Prevention & Security Association (RLPSA) is excited to add Chipotle's Branding Creative Lead, William Espey, as a keynote speaker to its food and restaurant-specific agenda for the 38th Annual RLPSA Conference & Expo in Las Vegas, July 30 - August 2, 2017. Espey will share crisis management essentials as he reflects on vital lessons on brand loyalty from the recent Chipotle crisis.

Download the full agenda and register at rlpsaannualconference.com

All the News - One Place - One Source - One Time
The D&D Daily respects your time & doesn't filter retail's reality

After All the Breaches Few Retailers Have Staffed a CISO Position
Very few retailers have gone down the path of naming a CISO, and more often make data security the responsibility of other IT executives and teams. Staples became one of the exceptions a couple of months ago when it appointed Brett Wahlin as its own first-ever CISO.

Retailers have not gotten much better at handling security attacks than they were before. Too often, hacked retailers don't offer many details on what actually happened during attacks that often last for months. More information security leadership isn't an easy antidote to the attacks and threats, but at the very least it sends the message to customers that retailers are finally taking information security issues seriously.

Neiman Marcus, who was one of the first to name one three years ago after their breach, just lost theirs and hasn't signaled they'll rehire one. retaildive.com

Barnes & Noble Breached Customers Who Sued File Appeal After 3rd Dismissal
An Illinois federal judge last month had dismissed the group's complaint for a third and final time, saying the class representatives had failed to show economic damages from the alleged theft of personally identifiable information from Barnes & Noble PIN pads at checkout counters. The customers filed a notice of appeal Tuesday.

The case, which spans five years, alleges breach of contract, invasion of privacy and violations of various Illinois and California consumer fraud and breach reporting statutes stemming from a 2012 security breach that compromised credit and debit cards swiped at PIN pad terminals at 63 stores in nine states. law360.com

Mining the Dark Web is Risky Business
Is your data being sold on the dark web?

Monitoring the dark web to see if your data is being sold there is risky, but solutions and services are available to help.

According to the FBI, there are only about 800 criminal internet forums worldwide. While their impact might be large, the number of people using them often isn't.

When it comes to criminally oriented dark web sites, not all of them are of interest to enterprise InfoSec professionals. "There's a large part of the dark web that deals in human trafficking and drugs and that kind of thing, that has become the majority of the illegal traffic on the web, and it doesn't affect corporate networks."

According to Terbium Labs, the number of forums of interest to enterprise cybersecurity professionals has grown from a few dozen in 2015 to a few hundred today, many of them highly specialized. The part of it that's of interest to security researchers is growing but it still reasonably manageable in size.

A company can set up a dark web data mining operation and become productive in about a day. "Most businesses already have all the tools on hand for starting a low-cost, high-return dark web intelligence operation, within their own existing IT and cybersecurity teams," he said. "And most large enterprises are either starting this or already have it in place."

According to ThreatQuotient's Couch, however, most companies would be better off letting someone else do the digging. "There are a lot of risks you run, from law enforcement and other perspectives, from interacting on the dark web," he said.

A safer, and more cost effective, approach is to use vendors like SurfWatch, Terbium and Recorded Future that offer monitoring, indexing or alerting services, helping companies react to, or stay ahead of, dark web threats. That could be someone posting sensitive company records, discussing a planned attack or selling a vulnerability in software a company uses.

According to Adam Meyer, chief security strategist at SurfWatch, companies like his have improved their ability to mine the dark web over the past two years - and to keep up with changes. "Shops go down, shops go up, sites change their URLs, law enforcement comes in and sites scatter," he said. "It's a fluid environment." Sometimes, sites shut down to rip off their customers.

Editor's Note: Such as the article below this one!

Doing business with criminals is a risky proposition. Some dark web marketplaces position themselves as trusted brokers, offering escrow accounts to guarantee delivery and payment. "The more users they have, the more money they have in the escrow," said Meyer. "At some point, the operators look at that bank account and say, 'We can just take the money and run.' There's no honor among thieves."

"They are well aware that almost every large company is crawling the dark web in some way or working with different vendors or providers of such data," said Andrei Barysevich, director of advanced collection at Recorded Future, Inc. "We rarely see really valuable data openly advertised."

Instead, criminals are making deals on a one-on-one basis, with an established circle of trusted counterparties. That's when it helps to have people in place, he said.

"Our analysts and agents who are deeply embedded in these communities are getting direct messages from sellers notifying them that they have this information for sale, that information for sale," he said.

Editor's Note: At the end of the day no matter how sophisticated they want to sound, the bottom line is UC's work in every environment, and that's what they're talking about here. It's just like hiring an outside security company to put UC's in a store or a distribution center. The big difference is that they're already in place and know some of the players, but the fact is they're applying the same behavioral influencing skills that any UC would be using. csoonline.com

Dealing with Due Diligence
Companies will find themselves evaluating third-party cybersecurity more than ever -- and being subject to scrutiny themselves. Here's how to handle it.

Due diligence is becoming an increasingly important part of any cybersecurity strategy. Not only will companies often find clients checking their services for cybersecurity readiness, but they'll also face regulations demanding that they subject their own service providers to similar scrutiny.

The problem when conducting due diligence is that companies aren't guaranteed a detailed response from the service provider. Depending on the customer and vendor's relative sizes, companies may get no response at all. Hyperscale service providers, like Google or Amazon, are unlikely to let many, or any, companies into their data centers for a look around, or spend much time filling out RFPs for businesses.

Thankfully, cybersecurity auditing standards make evaluation of third-party services far easier. Gathering together due diligence questions into standardized, approved question sets makes it possible for even smaller customers to get a handle on a service provider's cybersecurity readiness.

The National Institute for Science and Technology (NIST), which develops voluntary best-practice cybersecurity guidelines, recommends that companies use its cybersecurity framework as the basis for due diligence. On its own, the NIST framework can be challenging to navigate, particularly for small and midsize firms. eSentire has distilled the NIST framework into an easy-to-follow workbook that will help identify a firm's security risks and develop policies to support cybersecurity governance. darkreading.com

Securing your Cloud Stack from Ransomware
Poor configuration, lack of policies, and permissive behaviors are three factors that can leave your cloud infrastructure vulnerable to ransomware threats.

For enterprises that use the cloud, the key to being protected starts with understanding the layers that make up the components of their cloud stack. These different layers create multiple potential targets, and for the informed, they each represent a piece of the cloud environment that can be secured against potential threats.

Ransomware, for example, doesn't have to be terribly complex stuff. To be effective, it just needs access. By paying attention to the different pieces of the cloud stack, and addressing their unique security needs, your environment can be far more resistant to ransomware threats.

Identity Management
Besides enforcing secure passwords and multifactor authentication (MFA), apply the "least privilege roles" concept: Only give users access to the least amount of accounts and systems that allow them to be productive.

Secure the Cloud Compute Layer
Take steps to secure your compute layer to ensure availability of systems and data, and to keep bad actors from using your compute power to further spread malware across your business and the Internet.

Use a Jump Host
A jump host is placed in a different security zone and provides the only means of accessing other servers or hosts in your system. It is an extra step that will add a layer of security complexity to keep hackers out of your system.

Create Hypervisor Firewall Rules
The most effective way to manage firewalls is at the hypervisor level because you can restrict or set limits on both ingress and egress traffic. Take care to set definitive rules about what, how much, and who can send, receive, and access both inbound and outbound data.

Only Use Trusted Images
Build your images or templates from scratch or get them from very trusted sources like AWS or Microsoft.

Manage Data Access for Cloud Storage
Identity and Access Policies (IAM) policies and Access Control Lists help you centralize the control of permissions to your storage.

Encrypt, Encrypt, Encrypt
When using public cloud infrastructure, it is imperative that your data is encrypted both in transit and at rest.

No Delete Rights or MFA for Delete
You can set up roles in your cloud infrastructure that do not allow the user to delete any data.

Don't Allow Services to Call Home to SaaS Systems Like Github
All it takes is for a bad actor to get access to your Git repo, and they can infect and potentially get access to more of your systems the next time one of your systems calls home. darkreading.com
Cybersecurity & Privacy - Director for PricewaterhouseCoopers LLC, San Francisco, Los Angeles, San Jose, Dallas, Houston, Seattle
Boards of Directors and executive management recognize the ever increasing importance of effective risk management efforts in meeting their organization's strategic objectives.

PwC's Risk Assurance practice has developed a holistic approach to risk that protects businesses, facilitates strategic decision making and enhances efficiency. Our holistic approach is complimented by the extensive risk and controls technical knowledge and sector-specific experience our Risk Assurance professionals possess.

The Cybersecurity, Privacy and IT Risk team is part of Risk Assurance. Our team of professionals help clients develop a vision for their cybersecurity and privacy program, design and build a sustainable and agile program, operate aspects of the program and provide an independent review and assurance of their program to Management or 3rd party stakeholders. pwc.com

White Paper - Specialty Beauty Retailer Offender, Shopper, Employee Feedback Study: LM Tag

The Loss Prevention Research Council (LPRC) conducted a series of in-person survey interviews in the Gainesville, FL. A specialty beauty retailer's StoreLab in order to understand the impact of the LM Tag on associates, shoppers and shoplifters. This research focused on the LM Tag's impact on protecting high end fragrances, one of the specialty beauty retailer's high loss products.

Shopper Feedback
93% of customers rated the LM Tag's effectiveness above a 5, indicating they think the LM Tag is effective at preventing theft.

Employee Feedback
90% of the associates surveyed agreed that they like the LM Tag and that it is easy to apply.

Offender Feedback
In this study, all 7 shoplifters indicated they would not attempt to steal a product that was protected by the LM Tag.

Click here to download the complete report.

The LM Tag from Intelligent Loss Prevention uses the combination of a light sensor and motion detector to notify when a product is both in motion and concealed. It alarms at the point of theft, making it the only device on the market that has the ability to alert you before product walks out the door.

Solution Providers 'Top 4'


Originally Published 5-27-14

Roger Leyden, Founder, President and CEO of Se-Kure Controls, and John Mangiameli, VP of Business Development, discuss the diversified approach Se-Kure Controls takes as a solution provider in the retail LP industry. With a variety of technologies that display products, create a safe environment and defend against theft, this international company offers over 800 security products in its extensive catalogue of solutions. Roger and John talk about Se-Kure Controls' ability to respond quickly to customers' requests, while providing unique solutions tailored to retailers' specific problems.

Solution Providers: Have a video or commercial you want to publish? Contact us 

Average Web Site is Hacked 22 Times Daily
Study: Backdoors Found on 73% of Compromised Websites

No such thing as 'too small to hack,' according to research from SMB security provider SiteLock.

The average website is attacked 22 times per day, according to findings released Wednesday by SiteLock, which specializes in security for small- to midsized businesses.

While most SMBs are not commonly targeted by highly sophisticated attacks, "what they do face is more attacks," SiteLock president Neill Feather said in an interview with Dark Reading last month.

SMBs' websites are often used by cybercriminals "as a vector for monetization," he says.

And it isn't just e-commerce sites. For example, blogs with active comment sections may be popular targets for spam, malvertising, and "resource theft," according to the study. Twenty-one percent of the compromised sites - in SiteLock's database of approximately 6 million - contained spam and 6% were being used to send automated attacks. 

Thirty-nine percent of the hacked sites were infected with shell programs, and 73% contained backdoorsdarkreading.com

E-commerce verification processes face regulatory pitfalls
E-commerce protection measures often focus on how to safeguard the consumer, but merchants also need security to counter the threat from fraud.

There are a number of ways in which payments companies are helping these merchants to reduce the risk of loss of earnings due to fraud. Daniel Kornitzer, chief product officer at digital payments provider Paysafe, says there is often a defined pattern of behaviour that is flagged up when fraud is taking place on an account.

"Fraudulent transactions will often have suspicious characteristics, such as repeated logins, unusual addresses or unusual payment amounts, and overuse of odd or free email addresses," he says. "These anomalies can be spotted by analysing a merchant's order and transaction data. Acquirers can also help by notifying a merchant of suspicious chargeback and authentication activity."

Kornitzer says that payments have remained vulnerable to attacks despite all of the processes now in place to check the validity of transactions. There are, however, a range of signifiers that are unique to the individual, and any variations outside of this can also be a sign of fraud. Read more. euromoney.com

AI Use at Walmart Boosts eCommerce Numbers
Through the use of machine learning, Walmart is helping to streamline its operations with faster shipping via associated deliveries and improved personalization for its customers. Given the fact that Walmart's eCommerce revenue increased by 63 percent year over year last quarter, it looks as though its AI integrations have helped to bolster its reputation as an eCommerce competitor against the likes of Amazon. pymnts.com

Comment: Amazon, brands & the war on counterfeits: a guide to protecting your rights

Update: Birmingham, AL: Brothers sought in theft of 113 cell phones, $54k cash from T-Mobile arrested
Vincent Warren Long, 28, and Joseph Daniel Long, 21, both are charged with first-degree theft. Two brothers sought in a "staged" burglary at a Center Point cell phone store where one of them was the assistant manager have been arrested. Deputies responded about 1 a.m. on June 4, 2017 to a burglary alarm at the T-Mobile store on Center Point Parkway. Deputies contacted the store manager who met them at the scene and found 113 cell phones, as well as a large amount cash, missing from the store. A sheriff's detective assigned to the case checked surrounding businesses for video surveillance cameras. A nearby ATM was found to have a camera that had a clear view of the front of the T-Mobile store, and a review of that video showed two men both wearing T-Mobile shirts loading items into their vehicles after the store had closed. al.com

Rochester, MN: Women used children as spotters to shoplift baby formula
The Minnesota Bureau of Criminal Apprehension is asking for the public's help in identifying two women who allegedly shoplifted a large amount of baby formula from a Walmart in Rochester on at least two separate occasions. The thefts occurred on May 1 and June 21. The women reportedly used children to act as spotters for them while they stole the baby formula. In one of the thefts, one of the women was stopped and abandoned her shopping cart after being confronted by a store manager, but the other woman still managed to leave with the concealed formula. fox9.com

La Mirada, CA: Thieves Throw Red Bull at Store Clerk During Robbery, fled with $700 of merchandise
Two children and two adults threw cans of Red Bull at an AM-PM mini-mart clerk in La Mirada Monday night when he tried to stop them from stealing multiple cases of the energy drink. According to the clerk, the robbery started when a woman headed to the register with two young boys to distract him with questions about cigarettes. The boys then ran off with several cases of Red Bull valued at $700. nbclosangeles.com

Update: Kansas City, MO: Mother of 5 to recover after shoplifters slam into her SUV while running from police
A single mother of five is unable to work after she was seriously hurt when suspected shoplifters slammed into her family's SUV while they were running from police. Gary Butler and Andre Allen are facing several counts of felony assault and resisting arrest due to fleeing after the wreck. That day, the mother and three of her five children were headed to a bookstore. Then they planned to go shopping for shoes. Instead, they found themselves in the wrong place at the wrong time. Police say Allen and Butler stole from Sportibles, Victoria's Secret, and Champs inside the Independence Center Mall. kctv5.com

Thousand Oaks, CA: Two Arrested with cart full of merchandise fleeing Kohl's; charged with Felony grand theft

Maidenhead, England: 40 Saxophones have been stolen from a family run music shop; valued at over $100,000

Bournemouth, England: Woman arrested after more than $1,300 worth of Legos stolen

Submit your ORC Association News

Visit the ORC Resource Center

Shootings & Death

Las Vegas, NV: 2 Security Guards shot at Miracle Mile Shops following Sunglass Hut Robbery
A pair of Security Guards at the Miracle Mile Shops on the Strip were shot Thursday night when they confronted two robbery suspects in the parking garage of the mall, authorities said. According to police, the security guards responded to a call about 7:45 p.m. that the Sunglass Hut was being robbed. The guards chased the two suspects to the parking garage where one of them opened fire, striking one guard in the hand and the other in the neck. The guards were transported to Sunrise Hospital with nonlife-threatening injuries. The suspects, both Hispanic men, remain on the loose. lasvegassun.com

Denver, CO: Man killed at 7-Eleven was trying to recover stolen wallet
The man killed outside an East Colfax Avenue 7-Eleven apparently was shot as he attempted to recover his wallet, which had been stolen during a fight in the store's parking lot. Justin Slyter, 39, fought with a panhandler, and two people who had been in the store joined the fight, stealing Slyter's wallet in the melee, according to Denver Police. After taking the wallet, the two men jumped into a car with a third person. Someone in the car fired a shot at Slyter as he approached the car on its driver's side, and Slyter fell as the car drove away. gazette.com

Eaton Township, PA: After deadly shooting, Weis Market opens with new look

Robberies & Thefts

Oxnard, CA: Retired Police Officer comes to the aid of Fry's Electronics LP; Shoplifter with Gun
With the help of a retired police officer, two men were arrested in connection with a robbery Thursday in Oxnard, authorities said. An employee at Fry's Electronics, 1901 Ventura Blvd., confronted two men about 4:15 p.m. in the business' parking lot because he suspected they stole merchandise, Oxnard police said. After the employee asked the men to come back into the store, one of the men brandished what appeared to be a handgun, authorities said. Later in the investigation, it would be discovered that the suspected weapon was a BB air pistol, police said. During the brandishing, the employee called for help and an armed, retired Oxnard police officer who was in the area heard him and responded, authorities said. When the men saw the officer's gun, they both fled from the parking lot in opposite directions, authorities said. vcstar.com

Columbus, GA: Four suspects duct-taped five Verizon employees
in Armed Robbery

Columbus Police are investigating an Armed Robbery at the Verizon on Veterans Parkway. Four suspects entered the rear store at closing and duct-taped store employees, stealing cellphones but no cash, no injuries reported. wtvm.com

Arcadia, CA: Woman Uses Stun Gun on L.P. in Vons Robbery
One of three women shocked a security guard at an Arcadia grocery store during a robbery, which appears to be related to a similar robbery at CVS in Temple City. At 9:54 p.m. Thursday, officers went to a Vons at in Arcadia, where three women confronted a store security guard who attempted to stop them from leaving without paying for merchandise. One of the women used a stun-gun type weapon to shock the security guard. The security guard reported a minor injuries. nbclosangeles.com

Saratoga Springs, UT: Gas station employee busted for $7,000 cash theft
Police reports state a Regional Manager of a gas station reported on July 6 that one of his managers, Karry Neilsen, had been systematically stealing from the daily cash deposits. The regional manager showed the police paperwork and transaction differences, showing between $50 and $1,200 missing from daily deposits. Nielsen, 46, was responsible for the daily deposits and would alter the totals on the computer and on the deposit slips for the bank, reports state. In total, from May to June, Nielsen stole more than $7,000 from the gas station, reports state. heraldextra.com

New Rochelle, NY: Used car salesman charged with stealing $24,000 from car dealership

Tepeaca, Mexico: Gasoline thieves are out of control - and deadly - in Mexico

Kays Jewelers in the Westland Mall, Hialeah, FL reported a Distraction Theft on 6/27, item valued at $1,399

Kays Jewelers in The Loop, Kissimmee, FL reported a Distraction Theft on 7/5, item valued at $4,099

Piercing Pagoda in the Desert Sky Mall, Phoenix, AZ reported a Grab & Run on 7/13, items valued at $2,000


Erie, PA: Counterfeit Harley-Davidson items seized at bike rally
Federal agents seized at least 200 counterfeit Harley-Davidson clothing items from multiple vendors Thursday during Roar on the Shore at Perry Square. Agents with the U.S. Immigration and Customs Enforcement's Homeland Security Investigations unit in Pittsburgh conducted the search after they were invited by Harley-Davidson Corp., in anticipation of counterfeit merchandise being for sale, ICE officials said in an email. goerie.com

Arson & Fire

Seattle, WA: Suspect arrested in fire set at Harbor Freight store
Investigators say a fire at a Georgetown tool store was intentionally set. The fire that broke out just after midnight Friday at Harbor Freight Tools caused about $40,000 worth of damage. The suspect was found several blocks away after medics responded to a medical call not long after the fire started. Police determined that the person who needed aid was involved in the fire after they interviewed him. He was then taken into custody for investigation of arson. No one was hurt in the fire. kiro7.com

Bomb Threat

Oklahoma, OK: Belle Isle Walmart evacuated after bomb threat



AM/PM - La Mirada, CA - Robbery
Bike Repair Shop - Modesto, CA - Armed Robbery
CVS - Angola, IN - Armed Robbery
CVS - Temple City, CA - Robbery
Dunkin' Donuts - Odenton, MD - Armed Robbery
Full Throttle Auto - Colorado Springs, CO - Armed Robbery/Shooting
Kirchner Building Center - Paxton, IL - Robbery
Marijuana Dispensary - Modesto, CA - Armed Robbery
Smoke Shop - Phoenix, AZ - Armed Robbery/Shooting
Stall Jewelers -Round Rock, TX - Armed Robbery
Sunrise Food - Woodstock, IL - Armed Robbery
The Jewelers in Zephyrhills - Zephyrhills, FL - Armed Robbery
Verizon - Columbus, GA - Armed Robbery
Vons - Arcadia, CA - Robbery
7-Eleven - Fountain, CA - Armed Robbery


Daily Totals:
15 robberies
0 burglaries
2 shootings
1 killed

Weekly Totals:
79 robberies
30 burglaries
8 shootings
2 killed

Danielle Lee
named Area Loss Prevention Manager for Ulta Beauty

Submit Your New Hires/Promotions or New Position

Featured Job Spotlights

Director, EHS & Loss Prevention
Irving, TX

• Strengthen and develop a strong safety culture in the company with the goal of all employees recognizing their role in "everyone going home safe."
• Directs LP Compliance activities to monitor and audit internal and external theft cases to ensure policy and procedure compliance and reporting accuracy...

Director, Fraud Analytics, Experience Protection - Sam's Club
Bentonville, AR
Creates efficiency in operations by participating in collaborative efforts with other investigative bodies (for example, Global Investigations); analyzing data efficiency reports and other information to establish trends; developing effective risk control solutions to minimize loss; developing strategies and applying resources for optimal return on investment...

District Asset Protection Manager
Baltimore, MD

The District Asset Protection Manager is responsible for driving Weis Markets' objectives in profit and loss controls, physical security, investigations, safety and shrink in an assigned market [Baltimore Metro / 11 stores]. Objectives must be accomplished through building effective partnerships and directing the organization with integrity and professionalism...

Safety and Loss Prevention Manager (Northeast)
New York, NY
The Safety and Loss Prevention Manager is responsible for the design and development of Domino's store safety, security and loss prevention programs and policies for all corporate owned stores (over 400 stores). The Safety and Loss Prevention Manager will manage a team of 3 Regional Safety and Loss Prevention team members and oversee 8 regional markets...

Manager, Corporate Security
Jacksonville, FL
The Manager, Corporate Security will oversee all aspects of the company's physical security strategy for retail stores, warehouses, and store support center and field offices. This includes responsibility for the capital expense and repair budgets, developing written specifications, layout and design for all systems and to ensure all installations and repairs are made to SEG standards...

Manager, BC Planning
Jacksonville, FL
Responsible for developing, implementing and managing the company's Business Continuity (BCP) and Life Safety Programs for the Store Support Center, I.T. Technology Center and Regional Offices. This includes, but is not limited to emergency response, disaster recovery and site preparedness plans for critical business functions across the organization...

Asset Protection Program Sr Manager
Nashville, TN
Manages programs and initiatives as it relates to physical security and shrink improvement that advance company financials. Sources new technologies and vendors, implements effective tests, plans optimal company rollouts, and makes recommendations for future strategies...

Featured Jobs

To apply to any of today's Featured Jobs, Click Here

Today's Daily Job Postings from all around the net - Appearing today only

To apply to today's Internet Jobs, Click Here

Sponsor Today's Internet Jobs 


Boost Your Productivity

2 Productivity Tips that Actually Work
People spend so much time looking for ways to work more efficiently, oftentimes those hacks don't pan out. Here are two secrets that anyone can use to help you focus on the work that really matters. Write down your 'must dos'

5 Productivity Lessons Painfully Learned from Running Marathons  If you've ever ran a marathon, you know the intense traning it takes. This runner's journey running a marathon has some productivity lessons that anyone can use. Past gains don't guarantee future results

1 Surefire Way to Double Your Productivity Every Day  For most of us, we just jump right into work. It's become our routine to check emails and a few items off our lists, but we don't feel productive. Instead, adopt this simple trick to improve your productivity. Keep a dream list

These Are the 7 Things That Drive People to Get Things Done  You don't have to be seriously skilled to be productive or successful. It's all about psychology and how we turn motivation into action. Here are some common motivators in the most successful people. Power of positive recognition

The speed of the day and today's economic pressures often tempts even the most defined professional to take shortcuts and risk exposures that ultimately they have to mentally deal with and occasionally have to face the consequences for. There is no better use of the adage, It's the Tortoise vs. the Hare, and the tortoise always wins, that applies here. Staying grounded in your principals, committed to your mission and being a professional is what should drive every executive every day - remembering that long term actions speak louder than words and the tortoise always wins will hopefully rule the day.

Just a Thought,

Gus Downing

We want to post your tips or advice... Click here 

Please make sure to add d-ddaily@downing-downing.com to your contact list, address book, trusted sender list, and/or company whitelist to ensure you receive our newsletter. 

FEEDBACK    /    www.downing-downing.com    /    Advertise with The D&D Daily