Web version / Mobile version



 11/7/17 Subscribe Free LP, AP & IT Security's #1 News Source d-ddaily.net

Facebook Twitter Linkedin






NRF Big Show 2018
Jan. 14-16

Jeweler's Security Alliance 40th Annual Security Seminar & Expo
Mar. 13-15, 2018

ISC West
April 10-13

IOBSE Spring Conference
April 24-26

CNP Expo
May 15-16

NRF Protect 2017
June 11-13

RLPSA Annual Conference
Aug. 5-8

See More Events


'17 National Retail Security Survey

2016 NRSS Survey

2015 NRSS Survey



The Zellman Group
James Welborn, Attorney at Law; William Ramos, Director, ORC Recovery; and Ben Dugan, Director of Field ORC Investigations

Quick Take 15

Watch all published episodes here



Check out the Daily's Exclusive Reports

Q3 Violent Death Report

Q3 Robbery Report

Q3 Internet Jobs Report

Q2 and First Half Robbery Report

2017 Q2 and Half Year Retail Violent Death Report

2017 Q2/First Half Senior LP/AP Jobs Report

2017 Q2 Internet Jobs Report

See more reports

2016 ORC Report

Read it here



Legislative Alert: Let's Stop ORC!
3 Retail Thefts = Felony

Assemblyman Jim Cooper & the California Public Safety Partnership are backing a ballot initiative to fix Proposition 47.  Tell your legislator to join them!

Trends in the News - 'Media Viral' Hot Topic Across the Nation

Dozens of Articles Appearing Coast to Coast in the Media
And not just about the Hollywood cases, but about sexual harassment in the workplace. From local to national journalists to trade groups, associations, and the big networks, this is a hot topic that we all need to be aware of and pay attention to.

That's why The Daily is publishing this small sampling of articles, like the two we reported on last week on Friday and Thursday published by the Society For Human Resource Management, so that our industry stays in tune and informed with the trends in the news and hopefully benefits from the information, especially given the severity of the problem. It's The Daily's obligation to publish the issues and news that impacts our industry and community. With the fact that the retail industry is one of the largest employers in the nation, that obligation is even more important.

Sexual Harassment in the Workplace
Not many topics become 'media viral' outside of terrorism, active shooters, large scale civil unrest, and political issues and campaigns. But the recent sexual harassment issues in Hollywood certainly have become 'media viral', and rightfully so, as it's causing a tidal wave of articles and polls exposing just how deep the issue really is in every workplace throughout America.

Given the magnitude of the problem, as evidenced by the article below by NBC and the Wall Street Journal, and the fact that we've witnessed it in our industry ourselves on a number of occasions, we need to see this information, listen to what it says, and apply it in every retail store and at every trade show in America. Gus Downing

NBC/WSJ Poll: Nearly Half of Working Women Say They've Experienced Harassment
WASHINGTON - As women around the country continue to come forward with accusations of sexual harassment by famous men in media and beyond, about half of American working women say: #MeToo.

A new poll conducted by NBC News and the Wall Street Journal shows that 48 percent of currently employed women in the United States say that they have personally experienced an unwelcome sexual advance or verbal or physical harassment at work.

The results - which come after allegations of sexual misconduct against Hollywood producer Harvey Weinstein opened a floodgate of complaints against other high-profile men in a variety of industries - show that a broad majority of Americans believe workplace sexual harassment is commonplace. And significant shares of men and women say that the recent spate of stories about misconduct have affected how they think about gender, behavior in the workplace and their willingness to speak out about mistreatment.

Two-thirds of Americans, 67 percent, believe that sexual harassment happens in most or almost all workplaces. Overall, 62 percent of men and 71 percent of women say that workplace sexual harassment is widespread, although men and women over 50 years old see the issue as somewhat less common than their younger counterparts.

Many women speaking out - and many men looking inward.

Asked if recent press coverage of stories about sexual harassment has made them want to speak out about their own personal experiences, nearly eight-in-ten women overall (78 percent) say that they are now more likely to speak out in the future if they are treated unfairly due to their gender.

Still, a strong majority of men, 77 percent, say they are now more likely to speak out if they see a woman treated unfairly. nbcnews.com

Published by 'Associations Now' Trade Association
"How Organizations Can Create Safe, Harassment-Free Workplaces"
"We have to change the culture"

As sexual harassment continues to dominate news coverage and public debate, associations should consider their own office environments and how they work to prevent inappropriate behavior.

In recent weeks, allegations of sexual harassment in Hollywood have led to the Academy of Motion Picture Arts and Sciences establishing a new code of conduct for its members.

"The situation in the work environment, as well as the culture in general, is one where women are treated as prey...and we have to change the culture," said Toni Van Pelt, president of the National Organization for Women, in an interview with Associations Now. "We're seeing the culture change with women-as far as that they are finally speaking out-and because of that, they're learning that what is happening to them is not normal. It's not OK."

Considering the prevalence of harassment that still exists in the workplace, it may be time for organizations to reconsider just how effective their related education and policies are in preventing this behavior.

Policies. It's common for organizations and companies to have policies and training in place as a means to prevent harassment or other negative behavior among staff. But, Van Pelt said, "much of the training has pretty much just been set up as a way for an organization to cover themselves legally, but it truly has not been effective."

To bolster preventative measures, organizations should very clearly define what harassment is and what types of behavior are inappropriate-including jokes, unwelcomed touching, and innuendo-in their employee handbooks.

Consequences. In addition to policies around what qualifies as harassment, organizations need to state what the consequences are for harassment. Then, in the case where an individual has acted inappropriately, the organization should respond with those meaningful consequences in a timely matter.

"It has to be something that happens immediately, that is very public, and is very clear," said Van Pelt.

Reporting methods. Lastly, organizations should establish a straightforward process for employees to report workplace harassment to the human resources department. In addition to describing what behavior is inappropriate, the employee handbook should lay out when, how, and to whom it should be reported.

But it's imperative to also encourage male and female witnesses, not just victims, to report harassment through the proper channels, which may require a shift in organizational cultures.

"Not only do we have to stop the sexual harassment of women, but we have to have men that witness it self-report it," Van Pelt said. "And we have to have those lines established when they know that it's going on that they have a place that they can go and say, 'I've witnessed this, and I know that it's wrong.'" associationsnow.com

"Embrace the Cyber Security-Physical Security Nexus"
Enterprise Risk Management Combines the Two

It's time for the IT security team and the physical security team to work together on a "cyber-physical" security strategy.

In most companies I work with, the IT security team and the physical security team (if there is one) do not communicate effectively. The IT team implements software and hardware solutions to protect security; the physical team does the same thing, often competing for the same funding. The reality is, these two teams should be working together to present a common risk picture so top management can look strategically at how best to cost-effectively manage risk.

To create a truly secure environment, companies must move toward embracing a cyber-physical nexus -- a collaboration where the IT security side and physical security side come together for the overall protection of the company.

It can be difficult to know where to start toward creating this new, cohesive cyber-physical relationship. That said, there are several steps you can take to start the process.

Step one: Start with an opt-out approach

Far too often, the people making the decisions as to who should be involved in the solution are not completely aware of all of the parties who may have responsibilities in the issue.

It is essential to have the right people at the table from the start. You can accomplish this by initially casting the net widely. Invite people to the conversation and let them decide if they should be involved, essentially allowing them to "opt out" of the process.

Step two: Review policy and operational issues

A significant factor in successfully embracing the cyber-physical nexus will involve both policy and operational changes. If the two sides are currently proceeding independently, there is likely some operational wall that must be removed. Identify these walls, remove them, and build new policies and operational guidelines that involve both working in concert.

Step three: Involve the C-suite

Embracing the cyber-physical nexus is not a budget issue, it's a corporate risk-management issue. As the C-suite has a far broader view of the organization than either the cybersecurity or physical security side alone, it is essential to involve -- or, at least get buy in -- from the highest levels. A successful cyber-physical nexus requires this bigger-picture perspective and partners who can make decisions regarding enterprise risk management across the organization.

First and foremost, institute employee training; include both the IT and physical side. Create a new security training plan, from scratch, to get the full benefit of the new nexus. There should be one program, not two.

Once the security training plan has been implemented, conduct exercises, which, of course, involve all parties involved in this joint cyber-physical nexus.

The goal of embracing a cyber-physical nexus is to enhance your company's overall security posture -- not just IT security and not just physical security -- and to mitigate corporate risk across the enterprise. What's your role in this equation? Don't wait for someone to knock on your door; take the first step and knock on theirs. informationweek.com

Prosecutors: 'Infection of fraud' at Pilot Flying J Truck Stops
How Sales Team Pulled Off Biggest Insider ORC Fraud in History

Federal prosecutors have outlined their case against four top former executives at Pilot Flying J as the result of an "infection of fraud" within the sales department of the truck stop chain controlled by the family of Cleveland Browns owner Jimmy Haslam and Tennessee Gov. Bill Haslam.

Assistant U.S. Attorney David Lewen told jurors on Monday that the four defendants participated in a widespread scheme to undercut competitors, boost company profits and reap the rewards in terms of personal compensation.

Lewen said the case will show that the sales team set out to target unsophisticated trucking customers they deemed unlikely to recognize they weren't receiving their negotiated rebates, and to furnish them with manipulated invoices if they started asking questions.

The goals could be summarized as "identify, cheat, lull," Lewen told the jury. Leaders of the sales team trained junior staffers on how to participate - and shielded off colleagues who they suspected of not being on board, he said.

Lewen said several of 14 former Pilot colleagues who have already pleaded guilty in the investigation will be called to testify, though he warned jurors that their role in the scheme to rip off unsuspecting trucking company customers may give them pause. In Lewen's words: "There are no swans in the sewer."

Pilot earlier agreed to an $85 million settlement with most of the defrauded customers as well as a $92 million penalty to the government. pilotonline.com

'You Can't Stop Crazy'
But there are measures that should be taken to mitigate terrorist attacks like the one in New York City.

So how do we mitigate these low-tech attacks?

"You can't stop crazy," says Bo Mitchell of 911 Consulting. Mitchell used a political quote from former Speaker of the House Tip O'Neill to make a point. O'Neil's said, "All politics is local." For Mitchell, "All emergency response is local."

The point is that mitigation depends on who you are, where you are and what your role is.

"If you're an employer, and in charge of a site, you're supposed to be able to respond to crazy, that's your legal duty of care," Mitchell said. It means to have a plan, a team to respond, etc. "When there's a fire you pull the fire alarm. What do you do with a guy with a knife? Figure it out - all response is local."

"If the statistics are true," Mitchell said, before Sandy Hook there was a workplace shooting where one or more people were killed happening on a monthly basis. Now such shootings happen weekly. govtech.com

NYC: Active shooter drills show grim reality of today
New York City Hospitality Alliance and the New York Police Department on Monday conducted an "active shooter" seminar for more than 150 restaurants, bars and nightclub owners. It was officially called NYPD Best Practices for Nightlife Security. nypost.com

The Privacy Debate in the UK
UK Police watchdog issue security warning over facial recognition cameras

A CCTV watchdog has written to police chiefs to warn that the increased use of facial recognition technology risks infringing people's privacy.

The software is used by forces to keep watch of large crowds such as at the Notting Hill Carnival, and track down suspects including in terror cases. 

The Government's independent Surveillance Camera Commissioner Tony Porter wrote to the National Police Chiefs Council, the Financial Times reported, noting the "significantly increased capabilities to intrude upon the privacy of citizens".

In the letter he added that "if not responsibly considered and regulated" it could undermine public confidence.

In an interview with the FT, Mr Porter said more transparency was needed on how the police image database is used in combination with the technology, which is being introduced in an unknown number of forces.

The comments come amid growing unease with the level of use of mugshots held by police in combination with facial recognition technology.

Back in September, Biometrics Commissioner Paul Wiles revealed that 19 million custody photographs were on file on the Police National Database - but many were of people who have since been released without charge.

Professor Wiles said technological developments had outpaced legislation, and warned the situation threatened to damage the reputation of the police.

At present, people have the right to request the removal of their custody images if they have been cleared. standard.co.uk

UK Response: Facial recognition needn't infringe our privacy as the CCTV commissioner fears
Quite the opposite - if we get the tech right

But facial recognition could ultimately give the public more, not less, confidence in law enforcement. This advanced technology forms part of a new era of artificial intelligence (AI), a whole different world that could accelerate our understanding of people's behaviour and, crucially, identify criminals quicker than ever before.

Whether we like it or not, we are about to enter a new revolution that will have a more profound impact than the industrial revolution. So rather than pointing at the legal implications all the time, we should be exploring ways to make AI work for everyone.

We should look at facial recognition and AI in general as a route to improving privacy rather than reducing it, while at the same time enhancing the effectiveness of such systems. It's quite possible to achieve both.

The police can blank out and ignore innocent people on the one hand, and focus on people that pose a real risk on the other - therefore improving public confidence.

Granted, the technology is not perfect today, but it is getting there - fast - and it needs the support and direction of people like Tony Porter. It's wrong to berate the police for using facial recognition technology when it ultimately points the way to a more effective and less intrusive way to fight crime and terrorism. ifsecglobal.com

The 'Amazon Effect'
CVS to launch prescription home delivery

CVS hears the Amazon footsteps -- and the pharmacy giant is wasting no time trying to get ahead of any Jeff Bezos plan to disrupt the drug store business the way that he has the rest of retail.

CVS said Monday that it plans to offer next day delivery of prescription drugs nationwide in 2018. In some urban markets, CVS will even deliver on the same day.

The news comes just a few weeks after reports surfaced that Amazon had received wholesale pharmacy licenses in a dozen states to sell online. The speculation caused the shares of CVS and rival Walgreens to fall. kcci.com

Keurig Says Rival Stole Employees, Trade Secrets
Keuring claims a pair of former workers and their new employer, SharkNinja Operating, a rival home appliance company has aggressively poached its employees and raided its trade secrets. The complaint alleges that SharkNinja has set its sights on Keurig employees as part of a recent effort to bolster its workforce after developing personal beverage appliances like its rival's popular hot drink machines. law360.com

24 Hour Fitness to Shell Out $1.2M Fine Over Accusations of Misleading Customers, Violating Agreements
San Ramon-based 24 Hour Fitness, Inc. was fined $1.2 million on Thursday after being accused of misleading customers by promising low lifetime annual renewal rates, but charging large up-front membership fees, prosecutors said.

In addition to the consumer protection settlement, the company must also pay $100,000 to Contra Costa and Orange counties, according to a statement issued on behalf of district attorneys in both counties.

24 Hour has more than 400 gyms spread out across 18 states. Of them, 140 are found in California.

"The allegations against 24 Hour Fitness state that between 2006 and 2009, 24 Hour sold pre-paid memberships in a false and misleading manner when 24 Hour sales representatives took large up-front fees for an initial 2 or 3-year membership period, with the promise that members would be guaranteed a low life-time annual renewal rate for life, as long as the member remained in good standing by paying their annual renewal fee on time," the statement says in part. nbcbayarea.com

Fortune.com's Best Workplaces in Retail

Barneys Takes Down $350 Antifa Jacket From Website After Backlash

Quarterly Results

Red Robin Q3 comp's down 0.1%, sales up 2.3%
Fiesta Restaurant Group Q3 Pollo Tropical comp's down 10.9%, Taco Cabana comp's down 12.6%, sales down 12.9%


All the News - One Place - One Source - One Time
The D&D Daily respects your time & doesn't filter retail's reality




Bradfordville Volunteer Fire & Rescue Department Wins $5,000 in Vector Security Fire Safety Contest

Campaign builds awareness for local volunteer fire companies

PITTSBURGH, November 6, 2017 - Vector Security announces the winner of its Fire Safety contest with the $5,000 award going to Bradfordville Volunteer Fire & Rescue Department based in North Leon County, Tallahassee, Florida. Serving North Leon County, the Bradfordville Volunteer Fire & Rescue Department has a dedicated team of volunteers who are fire and EMS professionals that assist residents in vehicle crashes, fires, medical, and other emergencies.

To celebrate Fire Safety Awareness during the month of October, Vector Security launched a campaign to award $5,000 to one fire department. The criteria was simple: take a photo with a representative from your local fire department holding a sign saying, "Vector Security Promotes Fire Safety;" post the photo to your Facebook page with the hashtag #FireSafetyVS17; "like" the Vector Security Facebook page; and submit an online form.

"This year, we wanted to do something extra to recognize the men and women who support our local communities. These heroes command our utmost respect," says Art Miller, VP, Marketing for Vector Security. "We were impressed with the numerous entries and the creativity of everyone who took the time to enter. Congratulations to Bradfordville's "creative heroes" who staged the winning photo. We are very proud to award this year's prize to your Department."

Miller, along with representatives from Vector Security district and branch locations will officially present the $5,000 check to Chief Sean Ruane on November 17.

Read more here.


Is your data being sold on the dark web?
Cyber Criminals Going Mobile

According to the FBI, there are only about 800 criminal internet forums worldwide. While their impact might be large, the number of people using them often isn't.

In 2015, a Trend Micro scan found approximately 8,000 suspicious sites with only 5 percent related to hacking.

In the wake of high-profile take-downs by law enforcement authorities, many have also tightened up their security. "You had to be vetted to gain entry into the forums," Cabrera said. The number of forums of interest to enterprise cybersecurity professionals has grown from a few dozen in 2015 to a few hundred today, many of them highly specialized.

Jason Polancich, founder and chief architect of SurfWatch Labs, Inc. "Most businesses already have all the tools on hand for starting a low-cost, high-return dark web intelligence operation, within their own existing IT and cybersecurity teams," he said. "And most large enterprises are either starting this or already have it in place."

According to ThreatQuotient's Couch, however, most companies would be better off letting someone else do the digging. "There are a lot of risks you run, from law enforcement and other perspectives, from interacting on the dark web," he said.

A safer, and more cost effective, approach is to use vendors like SurfWatch, Terbium and Recorded Future that offer monitoring, indexing or alerting services, helping companies react to, or stay ahead of, dark web threats. That could be someone posting sensitive company records, discussing a planned attack or selling a vulnerability in software a company uses.

These vendors develop specialized tools that help them gather this data and embed operatives deep within the criminal communities. Plus, the vendors get a broader picture of what's going on because they serve a large cross-section of customers.

"They are well aware that almost every large company is crawling the dark web in some way or working with different vendors or providers of such data," said Andrei Barysevich, director of advanced collection at Recorded Future, Inc. "We rarely see really valuable data openly advertised."

Instead, criminals are making deals on a one-on-one basis, with an established circle of trusted counterparties. That's when it helps to have people in place, he said.

"Our analysts and agents who are deeply embedded in these communities are getting direct messages from sellers notifying them that they have this information for sale, that information for sale," he said.

Watch for cyber criminals migrating to messaging apps

In the wake of recent successes that law enforcement has had in shutting down some dark web operators, some criminals are turning to messaging apps to reach their customers. These apps are seen as safer because they encrypt communications. That makes it harder for law enforcement to crack down on them.

"It's part of a global trend -- not only in the cyber-crime world -- of online activity shifting to mobile," says Alon Arvatz, co-founder and chief product officer of security service provider IntSights. "It seems that law enforcement agencies are targeting traditional underground communities, and cyber criminals are aware of it. Thus, this factor should keep pushing them towards mobile apps." 

Mobile dark web activity has seen a 30-times increase in activity from July 2016 to July 2017. While the firm found dark web activity on nearly all the popular messaging apps, a relative newcomer, Discord, had the most dark-web activity, nine times as much as the app with the next highest activity level.

It is possible for companies to monitor the mobile dark web to see if their data has been compromised. Each criminal group will have an invite link where you can request access. IntSight has identified more than 11,000 of those links and will make them available upon request. csoonline.com

Insider threat report finds half of workers don't check who they send data to
Egress found that 37% of staff didn't always check emails before sending them, leading to corporate data going into the unknown. Some 68% claimed it was due to the rush of the day, while 42% blamed auto-fill technology. realbusiness.co.uk

How Many Robots Does It Take to Fill a Grocery Order?
Grocery Industry Breakthrough? - Amazon Couldn't Crack the Code

It once took online UK grocer Ocado two hours to put together a box of 50 food items. Now machines can do it in five minutes.

The U.K.'s biggest online grocer hit a milestone this year: Ocado Group Plc put together an order of 50 items, including produce, meat and dairy, in five minutes. Fulfilling a similar order at one of the company's older facilities takes an average of about two hours. The secret: a fleet of 1,000 robots that scurry about a warehouse snatching up products and delivering them to human packers. 

The breakthrough and ones like it could help propel the grocery business into the modern era. The industry wants to make buying food online as simple and commonplace as purchasing clothes or consumer electronics. But fulfilling fresh food orders quickly, reliably and profitably is devilishly hard. Even Amazon.com Inc., which recently acquired Whole Foods Market, hasn't cracked the code and recently halted its Amazon Fresh service in several U.S. states.

Ocado, founded 17 years ago in the London exurb of Hatfield, says automation is the only way to handle individualized grocery orders in large volumes. The robots are the latest addition to Ocado's automation arsenal; the company also sells software and hardware to other retailers. bloomberg.com

When Ransomware Strikes: 7 Steps You Can Take Now to Prepare
Ransomware is still on the rise. These operational tips can help lessen the blow if you're hit.

There are many aspects to preparing for ransomware, including technical tips such as maintaining a current, offline backup of your data. This article isn't about those technical steps. It's about the practical, operational measures you can take now to prepare yourself and your company for the moments after an incident occurs. What's your emergency plan? Who would you want on your team? How would you communicate?

Here are seven steps you can take now to prepare yourself and your company for the moments after ransomware strikes. Some of these can be applied broadly to other critical incidents, while some are ransomware-specific.

1.  Plan your initial response. Your team members may not be used to dealing with stressful situations, so make sure they know what to do. This includes where they'll gather to discuss the problem, where press inquiries should be directed, and what to tell customers and staff. Most of the time, this means planning the who, what, when, and how. Once you have this plan, share it with your team ahead of time, and...

2.  Store your response plan in multiple locations. If your plan for incident response is stored on your PC and you're locked out, you can't even get started on your recovery. Ransomware can affect your desktop, your servers, or both. Store copies of your plan in multiple locations, including at least three separate cloud services. And set a calendar alert to remind yourself to update them periodically.

3.  Pick your team now. Who needs to be in the room in the moments after an incident occurs? Your CEO and CIO are a given, but you may also want your heads of PR, legal, HR, and other department chiefs. Draw up a list now and make sure everyone knows they're on it. Also, get their contact details for off-work hours, and share them with the rest of your team.

4.  Have a communications plan in place. You may find yourself locked out of your primary, preferred method of communication, so know which channels you'll fall back on.

5.  Decide now who'll take charge. There's a lot to do in the moments after an attack, including directing employees and contacting law enforcement, customers, and partners. Someone will need to oversee and manage the recovery effort and be ready to answer questions as they arise. It could be your CIO, COO, head of security, or someone else - but it's best to have a clear, single owner. Decide now who that will be, so the responsibility doesn't suddenly get dropped in their lap that morning.

6.  Have a discussion now about how you'll respond. Whether you decide to pay the ransom will likely depend on the severity and nature of the incident, but it's better to begin this conversation now than in the heat of the moment. The FBI has said it doesn't condone payment because it wants to discourage future attacks, but it also recognizes that every business will need to make its own decision.

7.  Know your appetite for risk. You can't plan for everything, so figure out how much you risk you can tolerate - and how much potential harm you can deal with - and then make a trade-off.

If you're lucky, you'll never have to face a ransomware incident, but luck isn't how you run a business. Your technical teams will have put in a lot of work guarding against attacks and mitigating damage. But responding operationally, informing customers, and keeping the company moving forward falls to management. darkreading.com

DDoS Flaw Found in Brother Printers


Getting More Out Of Your Chrome Web Browser

For many of us, Chrome has become the default web browser. Personally, I use multiple browsers depending on the application, but find myself using Chrome most often. Here are a few tips to get more of it than you thought possible:

The place where you normally type in a web address is called an omnibar. Next time, instead of a web address, try a math equation, like 10*10. You will get the results. You can also drag multiple tabs into a new window simultaneously by holding the Ctrl/Command key as you click on them.

You can also view a photo or pdf file quickly by dragging them into the browser, instead of opening or installing a separate app. Finally, one of my favorite features is to turn Chrome into a simple note taker by typing "data:text/html, <html contenteditable>" into the omnibar. It's not a true replacement for a word processor, but it can be a quick and easy way to jot down a note.



The Loss Prevention Research Council's
Impact Conference Oct. 2-4 2017, A Six Episode Series

Filmed on location at the University of Florida


The IMPACT Conference helps retailers & solutions partners better employ research tools
to assess the real-world impact their LP efforts have on sales, crime, and loss levels.


Introducing the Loss Prevention Research Council

Who They Are & What They Do

In this six-minute episode, Gus Downing, Publisher & Editor of the D&D Daily, explains what the LP/AP industry's only "Think Tank" - the Loss Prevention Research Council, is all about. Learn about its mission, its objectives, its structure, and how it delivers "evidence-based" solutions for the decision makers and leaders of the industry.

Over the next five episodes, which we urge every LP/AP executive to watch, you'll learn and see how critical this "Think Tank" is to helping the industry develop evidence-based solutions that solve the shrink and crime issues retailers face.

A few of these episodes are lengthy, as they dive deep into the LPRC model and allow you to see exactly how these scientists, retail LP/AP leaders, and solution partners are working together to help develop the solutions that help you deliver best-in-class results.

So stay tuned and take the time to learn. As this is the LP/AP academic "Think Tank".

Sponsored By:


Eliminating the guess work, the trial by error, and word-of-mouth old-school approaches,
the LPRC delivers Evidence-Based Solutions and Actionable Results.


'Invasive' Amazon Key rejected by 60% of Prime members
Amazon launched its new in-home delivery service Key today. The smart lock system lets drivers place items inside your house, potentially compromising privacy. It's exclusive to Prime members but a survey has found 60 percent of people are not interested.

Immediately hit with a barrage of criticism from web users, claiming Amazon is "out-of-touch," pointing out it could give thieves a way to slip inside homes.

In a poll Recode found 58 percent of Amazon Prime subscribers would "definitely not buy" Amazon Key. Just 5 percent of members said they "definitely would" sign up. Amongst all U.S. consumers surveyed, the figure sat at 4 percent for "would buy" and 61 percent for "definitely would not."

A Washington Post column that suggested the service could lead to "being assaulted by a person hiding in one's home!" digitaljournal.com

Chargebacks911 Warns of Latest Fraud Threat: Credit Card Testing Up 200%
"eCommerce merchants need to be able to recognize and halt card testing, or they may soon face growing fraud losses."

Eaton-Cardone advises merchants to watch out for orders that contain random character strings in the customer's name, address and/or email fields. While transactions with invalid address fields are unlikely to be processed in the first place, they are often the first sign that a fraudster is using a retailer's website to conduct card testing. To help identify and prevent credit card testing and related fraud, Eaton-Cardone urges merchants to take the following precautions:

1. Use CAPTCHAs to deter bots. Order forms that use a CAPTCHA or Google reCAPTCHA can help protect eCommerce sites against credit card testing, as bots and automated scripts will not be able to submit the order without passing the CAPTCHA challenge.

2. Validate the billing address via AVS. Use the Address Verification System (AVS) to ensure the address on the order matches the cardholder's billing address. A mismatch generally indicates card testing or a fraudulent order.

3. Confirm the CVV code. Always require a card verification value (CVV) code for all credit and debit card purchases, and flag any orders with an incorrect CVV. Not only should these orders be rejected, but the IP address should be added to fraud filters.

4. Flag multiple order attempts from the same IP address. If an IP address is linked to multiple orders or transaction failures with different credit card numbers over a short period of time, it is likely a case of card testing or fraud.

5. Review orders from foreign IP addresses. In addition to confirming the cardholder's billing address, merchants should verify that the IP address is from the same country. Orders that have a non-U.S. IP address and/or shipping address should prompt further review.

"As fraud tactics continue to evolve, eCommerce merchants need to stay abreast of these developments to protect against losses," stated Eaton-Cardone. She advises online retailers to take a multi-pronged approach to combating fraud, and to seek a partner with proven expertise in fraud prevention. ireachcontent.com

Cyber Monday will be biggest online shopping day ever

How stores are helping spur Carter's online growth 30%

Amazon to pull the plug on its Fresh delivery service in select areas


Three Men Sentenced in Connection with Online Sales of Stolen Razor Blades
Three Boston-area residents, including a former Gillette employee, were sentenced today in federal court in Boston in connection with the online sales of stolen Gillette razor blades.

Joseph Evangelista, 63, of Lowell; Robert A. Liberatore, 52, of Wakefield; and Mark S. Girardin, 44, of Randolph, were sentenced by U.S. District Court Judge Allison D. Burroughs to three years of probation.

In addition, Liberatore and Girardin were each ordered to pay restitution in the amount of $116,028 to the IRS, and Evangelista was ordered to pay restitution of $56,023 to Gillette. In August 2017, Evangelista pleaded guilty to one count of causing the interstate transportation of stolen property, and Liberatore and Girardin each pleaded guilty to two counts of filing false tax returns.

Evangelista, a former employee of Gillette, stole razor blades from the Gillette manufacturing plant in South Boston and delivered the stolen goods to Liberatore and Girardin, who operated an online business called Cambridge Dedicated Services, through which they sold various items on eBay, including Gillette razor blades. Liberatore and Girardin failed to report income generated through Cambridge Dedicated Services on their annual federal tax returns. justice.gov

Charleston, WV: Pair wanted in theft of nearly $30K worth of rings from Macy's
Six engagement rings worth nearly $30,000 were taken from the Macy's at the Charleston Town Center, and police need your help finding the people who are responsible. It happened just before 9 p.m. Thursday. Investigators say a woman threatened the sales associate, saying her boyfriend had a firearm and would use it if the employee told security. The woman took off with the rings, and the man left about a minute later. wsaz.com

Allentown, PA: Shoplifter makes return trip to Home Depot;
hit the store twice in six days

Authorities allege a shoplifter helped himself at an Allentown Home Depot twice in less than week, walking out with nearly $1,200 worth of merchandise. Allentown police arrested Todd A. Smith, of West Maple Street, on Saturday, charging him with two counts of retail theft. District Judge Michael D'Amore arraigned the 43-year-old Saturday night on two sets of charges, setting bail at a combined $1,000. wfmz.com

Williston, MT: Walmart shoplifter arrested with $1,051 in merchandise; charged with felony

Nashville, TN: Man steals $2,000 in merchandise from Liquor store in minutes

Submit your ORC Association News

Visit the ORC Resource Center


Shootings, Stabbing & Deaths

Dallas, TX: Armed Robber takes the life of a Dollar General employee
A Dollar General clerk was shot and killed Monday night while working at the east Oak Cliff store, police said.
A man walked into the store about 7 p.m. in the 4800 block of Sunnyvale Street, near Loop 12, "to commit a robbery," police said. The man shot the clerk and fled. It's unclear if any property was taken. The clerk was taken to an area hospital, where she died of her injuries, police said. The shooter remains at large. A description of the man was not available Monday night. dallasnews.com

Augusta, Maine: Shots fired inside Walmart on Monday night, man in custody
A man is in custody following the discharge of a firearm inside Walmart in Augusta. Police said the suspect entered the store around 8 p.m. with a firearm, and a confrontation ensued with another person inside - referred to by police as a "good Samaritan" - who was trying to disarm the man with the firearm. They said one shot was fired within the building. Another "scene" outside the store, separate from the altercation inside, involved a woman passing away, according to Augusta Police Deputy Chief Jared Mills. The woman's cause of death was not immediately known, but Mills said it wasn't due to "a gunshot wound or anything that was apparent" and that police would be working with the medical examiner's office to determine exactly what happened. wcsh6.com

Robeson County, SC: One wanted, one arrested after shooting outside Food Lion
Terrell Lashawn Hunt, 31, is wanted for opening fire Sunday night injuring one person in the Food Lion parking lot in the Red Springs community of Robeson County, according to Captain Kimothy McFadden with Red Springs police. Monroe said Hunt fired several times in the parking lot of Food Lion while customers and other bystanders ran for cover. wpde.com

Oroville, CA: Shooting at Oroville Walmart leaves one in critical condition
A man is in critical condition and four suspects remain at large after a shooting in a Walmart parking lot in Oroville. Oroville Police received several 911 calls reporting shots fired at around 4:15 p.m. Monday. Emergency responders arrived to find a man bleeding from his torso and two spent bullet casings laying on the ground nearby. Security footage showed the victim drove into the Walmart parking lot, spoke briefly with two women without getting out of his car, then parked in the southwest corner of the lot. sacbee.com

Hanover, ON, Canada: Suspects In Wal-Mart Stabbing Identified;
Loss Prevention agent injured

Police in Hanover have obtained arrest warrants for two Brockton residents following that stabbing at the Hanover Wal-Mart on Friday afternoon. 29-year-old Joseph Pollard and 28-year-old Samantha Hillyer are wanted on a number of charges. Police continue to encourage Pollard and Hillyer to contact lawyers and surrender at the Hanover Police Service. The pair have been identified as suspects in the stabbing of a Loss Prevention Officer at Wal-Mart. The officer was trying to detain two individuals for suspected shoplifting when the incident occurred. The officer was treated at the Hanover and District Hospital and later released. blackburnnews.com

Los Angeles, CA: Shooting death at Westfield Fashion Square mall being investigated as possible suicide

Whittier, CA: Liquor Store Robber Fatally Shot by Store Clerk

Robberies & Thefts

San Francisco, CA: California Inmates Sought in Brazen Courthouse Escape; facing trial in Armed Cell Phone store robbery
Two men charged with tying up employees at gunpoint during a cellphone store robbery made a dramatic escape Monday from a suburban Silicon Valley courthouse, fleeing in a car waiting outside for them, officials said. The escape by Tramel McClough, 46, and John Bivins, 47, appeared to be orchestrated, and investigators were trying to determine how they got away from a sheriff's deputy who had been guarding them, the Santa Clara County Sheriff's Department said in a statement. usnews.com

Florida Man Admits to Engaging in Weeklong Robbery Spree

Indianapolis, IN: Pawn Shop employee in Critical Condition; Police search for 3 Armed men

Tampa, FL: Liquor store chain pushing Tampa PD to do more to go after shoplifters; Police are a no show

Helzberg Diamonds in Elmhurst, NY reported a Grab & Run on 11/6

Kay Jewelers in the Hanford Mall, Hanford, CA reported a Grab & Run on 11/6, item valued at $8,399

Piercing Pagoda in the Coral Square Mall, Coral Springs, FL reported a Burglary on 11/5

Piercing Pagoda in the Galleria at White Plains, White Plains, NY, reported Distraction Theft on 11/6

Zale Jewelers in the Westfield Culver City, Culver City, CA reported a Grab & Run on 11/4, item valued at $5,339

Zale Jewelers in the Burbank Town Center, Burbank, CA reported a Burglary on 11/6, no loss reported

Zale Jewelers in the Pearland Town Center, Pearland, TX reported a Grab & Run on 11/6, item valued at $7,999

Credit Card Fraud

Gainesville, FL: Two suspended Florida Gator football players granted pre-trial intervention

Arson & Fire

UK: Rugeley, England: Arsonists are suspected of starting a devastating fire at an Amazon Distribution Center
The fire broke out shortly after midday on the third floor of the depot and spread to the fourth floor, causing serious damage. Staff were evacuated as the 700,000 sq ft warehouse filled with thick smoke from burning stock. It is not yet known how it will affect Christmas deliveries or the Black Friday flash sales due to begin next week. The fire service said the blaze "involved a large amount of goods which were well alight when the crews arrived." thesun.co.uk

Billings, MT: Fire at Home Depot causes estimated $50,000 in damage

MacFarland, CA: Fire crews battle strip mall fire, $300k in damage

Bolton, England: More than 25 Porsches damaged after fire at garage being used to store the cars

Sentencings & Arrests

Detroit, MI: Suspected shooter in fatal O'Reilly robbery in Detroit arrested
A woman is under arrest suspected of killing a man during a robbery at an O'Reilly auto parts store in Detroit. Shawnta Anderson, the 23-year-old woman police say pulled the trigger is now in custody. One step closer to bringing justice to James Haller's family who is still reeling from his cold hearted murder. fox2detroit.com

Thornton, CO: Accused Walmart gunman could face death penalty;
charged with 36 counts of murder and attempted murder

A Colorado man who prosecutors say walked into a Walmart store in a Denver suburb and opened fire seemingly at random, killing three people, has been charged with multiple counts of murder and attempted murder. Scott Ostrem, 47, was told during a brief hearing in Adams County District Court in Brighton that he had been charged with six counts of murder and 30 counts of attempted murder. The six murder counts include two for each slain victim, under different legal theories. The defendant, who was shackled and dressed in yellow and white jail garb, gave one-word answers to the judge. He did not enter a plea. news.com.au

Oshkosh, WI: Two plead not guilty in Shopko parking lot shooting
Two men charged in connection with shots fired in a Neenah department store's parking lot pleaded not guilty Monday. No trial dates were set for Rico Harvest and Anthony Pitzrick. Both return to court Dec. 18 for pre-trial conferences, court records show. Pitzrick and Harvest face multiple charges, including attempted homicide, for the Aug. 6 incident in the Shopko lot. No was injured. fox11online.com

Phoenix, AZ: Man Sentenced to 260 Years in Prison for Violent Robbery Spree

Copperas Grove, TX: Man convicted in deadly local Walmart shooting sentenced

Columbus, GA: Man charged with attempted murder in gas station robbery

St. Louis, MO: Man charged with armed robberies of 3 stores in St. Louis


Bagel Shop - West Hazleton, PA  - Armed Robbery
Coin Shop - Mankato, MN - Burglary
C- Store - Albany, NY - Robbery
Laundry - Merced, CA - Burglary
Liquor Store - Whittier, CA - Armed Robbery / suspect shot & killed
Liquor Store - Easton, MA - Armed Robbery
Liquor Store - Nashville, TN - Robbery
Liquor Store - Oklahoma City, OK - Robbery
McDonalds - Rockford, IL - Armed Robbery
Pawn Shop - Indianapolis, IN - Armed Robbery/ shooting - employee wounded
Pharmacy - Surfside Beach, SC - Armed Robbery
Pharmacy - Weston, FL - Burglary
Pizza - Philadelphia, PA - Armed Robbery
Rite Aid - Brockport, NY - Robbery
Sally Beauty - Troy, NY - Robbery
Starbucks - Alamo, CA - Robbery
Walgreens - Turlock, CA - Robbery
Weis Markets - West Hazleton, PA  - Armed Robbery



Daily Totals:
15 robberies
3 burglaries
2 shootings
1 killing




None to report.

Submit Your New Hires/Promotions or New Position



Featured Job Spotlights


AVP, Global Executive Protection & Physical Security
Framingham, MA

The Assistant Vice President, Global Executive Protection and Physical Security develops and executes ongoing strategies to minimize risks to the senior level executives of the organization as well as assists in ensuring the successful strategy and implementation of global Home Office Campus and Corporate buildings premises security and life and safety operations...

Sr. Director Asset Protection Retail Operations
Austin, TX

This role reports to the Global Vice President of Retail Operations. This person will be responsible to develop a Global loss prevention strategy, outlining policies, goals and objectives that meet regional needs while providing a safe shopping environment consistent with Whole Foods Markets brand...

Senior Director of Loss Prevention & Safety
Modesto, CA

The Senior Director of Loss Prevention and Safety provides overall leadership for the company's loss prevention and physical and food safety activities and is responsible for the development, maintenance, and continuous improvement of enterprise-wide loss prevention programs and food safety strategies...

Senior Director, AP Operations & Safety
Hoffman Estates, IL

The Senior Director, AP Operations & Safety is responsible for leading the Corporate Asset & Profit Protection Operational and Administrative functions for Sears Holdings Corporation...


Senior Manager of Investigations
Dublin, CA
● This position will lead the Internal Theft Investigations Team - based out of our Dublin Corporate Office
They are responsible for company-wide theft lead generation, field/corporate investigations and case closures...


Senior Manager of Crisis Operations
Dublin, CA
This position will lead a team of Crisis Mangers, Senior Analysts and Crisis Analysts based out of our Dublin Corporate Office
They are responsible for all crisis response efforts, company-wide communication, safe travel program and any company threats...

Director, LP Technology
Dublin, CA

The Director, Loss Prevention Technology is responsible for directing LP technology across both Ross and dd's stores to reduce shortage and support safe and secure environments in both new and existing stores...

Global Security Manager
Santa Clara Valley, CA

As the single point of contact for all security related matters, this position provides support to engineering, operations, and other specialized teams, reports on relevant topics to stakeholders at all levels of the company, coordinates the roll-out of policies and directives globally, and any other duties assigned by the Director of Global Security...

Loss Prevention Investigator
Northern Virginia/DC

The Loss Prevention Investigator is responsible for utilizing proper investigative techniques and act as the primary liaison with field operations management. Conducts investigations into cash losses, deposit shortages, associate theft, overall shrinkage, and other matters...

Wawa is a diverse, talented and customer friendly organization, where our associates are our most valuable asset. We offer educational assistance programs, advancement opportunities, competitive compensation, excellent healthcare benefits, 401(k) with company match, Employee Stock Ownership Plan, and Employee Resource Groups with a focus on veterans, women, LGBTQ, young professionals, and diverse cultures.

District Asset Protection Manager - Metro NY and Long Island, NY
Garden City, NY

Amazing opportunity! High profile, fast paced district available for a Multi-Unit Asset Protection professional with operational savvy or a General Manager passionate about Asset Protection and Safety. As the District Asset Protection Manager you will lead administration of Asset Protection programs and training for an assigned district in order to drive sales, profits, and a customer service culture...

Protection Specialist
Chanhassen, MN

The Protection Specialist Position reports to the Protection Team Supervisor. Protection Specialists work in Iverify's virtual security monitoring center, the "I". Protection Specialists monitor for both emergency and non-emergency electronic video and audio signals and respond to incidents accordingly...

Featured Jobs

To apply to any of today's Featured Jobs, Click Here

Today's Daily Job Postings from all around the net - Appearing today only

To apply to today's Internet Jobs, Click Here

Sponsor Today's Internet Jobs 




Pep Talks, Questions and Art Can Help Keep Your Team Successful

The Science of Pep Talks to Build Winning Teams  Great leaders help energize and engage their team with their words, and a great pep talk can help get everyone pumped up, inspired and ready to work. Here's how to give your team an impactful pep talk. Get emotional

5 Ways to Keep Your Team Magnetic and Connected  It's critical for your team to understand the mission, where they are going and why they are doing what they're doing. Here's how to make your vision compelling and bring your team together. Get artsy

The Most Effective Teams Answer Yes to These 5 Questions  Google doesn't leave anything to chance, especially with putting teams together, and how effective they will be. Here are five questions your team should be able to answer yes to, in order to have rockstar status. Diagnostic tools

How to Help Your Team Hustle During the Holidays  Holidays are notorious for slashing productivity, but it doesn't have to happen to you. Teams that thrive during this time of year embrace challenges by executing a focused plan. Here's how to keep everyone on track. Steps and Sprints


Submit Your Group LP Selfie Today!


With the ever increasing role technology is playing in our world and booming m-commerce and e-commerce business the profile of the future LP executive will change dramatically over the next decade. Getting in front of it might be a wise path as it will actually continue to increase. Taking classes, reading books, getting involved is the key. Mastering technology in so far as the benefit it delivers and the exposure it represents should be an objective in your career development.

Just a Thought,
Gus Downing

We want to post your tips or advice... Click here

Not getting the Daily? Is it ending up in your spam folder?
Please make sure to add d-ddaily@downing-downing.com to your contact list, address book, trusted sender list, and/or company whitelist to ensure you receive our newsletter. 
Want to know how? Read Here

FEEDBACK    /    www.downing-downing.com    /    Advertise with The D&D Daily