The D&D Daily Mobile Edition
LP, AP & IT Security's #1 News Source

News Brief
Sponsored by WG Security Products, Inc.
 

Washington pawn shop owner arrested over suspicions of fencing stolen goods on eBay

One Stop Pawn Shop operated at 19002 Lenton Place in Monroe, until doors were closed around the end of 2016, according to a search warrant affidavit. Grigoryan reopened as NW Gold Buyers in a Highway 99 strip mall in Lynnwood in 2017. He still had dedicated regulars — some who would visit him more than once a day — and some kept coming while he didn’t have a storefront.

Merchandise came in so fast he started conducting deals aftre hours while still in the Sky Valley, according to the search warrant. He was allegedly being handed garbage bags full of goods. Some customers walked away with hundreds of dollars in cash. Read more

For further information on PROACT, email inquiries to PROACT@eBay.com.

Protect High-Theft Products without Decreasing Sales

When combating shrink, it’s important for retailers to pursue common-sense solutions in their stores. Many loss prevention products in the market today keep merchandise under lock and key (closed system), which can decrease sales by as much as 38 percent. Also, many loss prevention products are limited in functionality. This is where Southern Imperial’s patented SONR System comes into play.

The SONR System, an Intelligent Loss Prevention solution, uses an open system design to draw associate attention to activity while allowing shoppers to remove and replace product without assistance from store personnel. Moreover, the SONR System is a multi-tiered security solution that allows retailers to control the level of security for individual products and situations.

Its basic level of security starts with the SONR Hook and Echo Box. Merchandise removed from the hook, by raising the attached label holder, triggers the initial response. Once raised, a warning beep is emitted to alert store personnel that there is activity in the area. The Echo Box, which is installed up to fifteen to twenty feet away, will mimic all warning beeps on the floor to alert store associates to the activity. For the second tier of security, the Echo Box can also be set to alarm if the SONR Hook is lifted for too long or cycled too often in a short time span. Finally, for retailers requiring an additional tier of security, the SONR System can link into existing security and communication systems to suit store needs.

Placing merchandise behind lock and key can have as dramatic of an impact on sales as product theft. The SONR System provides retailers with a viable solution for displaying valuable items without losing them to shrink. It keeps product visible, accessible, and most importantly, shoppable.

To see how it works, check out the video:

For more information on the SONR system and how it works, contact Southern Imperial at 1.800.747.4665.

Russian Must Pay $302M In International Data Hacking Case
7-Eleven, JCPenney, Hannaford Brothers retail networks affected
A Russian national was ordered Thursday to pay $302 million in restitution to five corporate victims after he copped to his role in what officials have dubbed one of the world’s largest data breaches that targeted Nasdaq, Dow Jones Inc. and a slew of other companies, according to documents filed in New Jersey federal court.

U.S. District Court Judge Jerome B. Simandle said Dmitriy Smilianets, 34, of Moscow must turn over $200 million to payment processor Heartland Payment Systems Inc. and $92 million to electronic transaction processor Global Payment for helping to sell financial data collected in a global hacking scheme. The remaining $10 million is owed to Dexia Bank Belgium, Euronet and Diners Club International.

Smilianets pled guilty in 2015 to conspiring to commit wire fraud in a manner affecting a financial institution two years after a grand jury hit him and others with an 11-count indictment. Prosecutors dismissed the remaining counts after sentencing him in February to 51 months and 21 days in prison, or time served.

He is one of five defendants and four co-conspirators accused of stealing more than 160 million credit card numbers from 2005 to 2012 by hacking into corporate networks and planting malware that allowed them future access, court documents show. The hackers then sold the sensitive data they mined, causing hundreds of millions of dollars in losses.

The networks affected included those belonging to 7-Eleven Inc., JCPenney Inc., supermarket chain Hannaford Brothers Co., JetBlue Airways, Visa Inc. and Discover Financial Services Inc., according to a 2013 indictment. law360.com

Canadian retail loyalty program PC Optimum gets hit by points theft twice
Loblaws blames password glitch
​Thieves continue to steal hundreds of thousands of PC Optimum rewards points, and some members have had the misfortune of being hit twice. The reason? A glitch in the program's system allowed a thief to stay in a member's online account even after the initial theft was discovered and the password reset.

After being contacted by CBC News on Monday, PC Optimum's owner, Loblaws, said it was fixing the password reset glitch, and reported on Friday that the problem had been resolved. The retailer said only "a very small number" of its nine million members had been negatively affected.

Since launching on Feb. 1, the PC Optimum rewards program has battled a handful of technical issues, including strangers' accounts being combined together and members' points disappearing into cyberspace. cbc.ca

7 Non-Financial Data Types to Secure
Here's a look at seven data types many companies have collected and hoarded with abandon, and that need to protected just like financial data. If your organization has terabytes of any of these data types sitting in a warehouse, lake, or cluster, then it may be time to start the audit to see just how exposed it - and your company - truly are:

Medical Information - Even if your company isn't bound by HIPPA, health-based information must be considered exceptionally sensitive and must be protected as such.

Browser History - When an organization uses tracking cookies as part of its Web application suite and stores the information as part of its customer data, then that central store becomes extremely valuable - and vulnerable.

Survey Data - Once a company has data from a survey, whether the immediate point of the survey is entertainment or political action, it should treat that data as PII and take steps to protect it accordingly.

Comments - If your organization allows users to make comments, then it should protect those users from having their comments scraped, stolen, and combined with other information to help criminals bring them to harm.

Employment Details - When we protect employee data, we tend to focus on those pieces that connect directly to a bank account or other financial factor. But a company may have a legitimate need to keep all kinds of information that can be used to target the employee for intimidation, blackmail, or harassment — all things that can be enormously damaging to the individual and costly for the company to remediate.

Passwords - When a password file is breached, the effects can ripple out across scores of sites and services.

Synthesized Data - Though some professionals like to pretend that Big Data stores are immune to theft because of their size and complexity, hacking teams such as the Lazarus Group have shown that they are willing to get into a network and slowly exfiltrate huge data stores over months or years. darkreading.com

15 security expectations for suppliers and business partners

Domino's unveils nationwide delivery 'hotspots' - including parks, beaches, etc.

Strategic Asset Protection

ALTO is a comprehensive collaboration program that combines technology, marketing, intelligent prosecution, and concierge-level support services to bridge the gap between retail and law enforcement to create safer store environments and enhance business profitability. Over 7,000 store locations in 100 cities in Latin America, Europe and now the United States have signed on to ALTO’s service. Karl Langhorst, Executive Vice President for ALTO US, tells us about some of their early success here in the States.
 

How Does the NRF
LP Council Work?

As a former VP of LP for the NRF, Joe LaRocca shares with Amber Bradley some of the ins and outs of the NRF LP Council, the work they do, and the value they provide to the industry.
 

Miss an episode? Catch all our "Live in NYC" 2018 videos here.

Get involved in our next broadcast in June at NRF Protect in Dallas. Contact us!

e-commerce
Sponsored by The Zellman Group

The Account Takeover Kill Chain
Fraud and account takeover threats continue to be a significant challenge for security and fraud teams. As security improvements are made at the point of sale, including EMV chip adoption, increased online sales are driving increases in fraud targeting online applications. With access to the security data exhaust of delivering 15-30 percent of the world’s web traffic, Akamai has confirmed this pattern, observing increases in credential stuffing and account takeover attacks. Because these complex attacks have a repeatable series of steps taken by the attacker, however, there are opportunities for fraud and security teams to disrupt these attacks at every phase.

Credential stuffing, a critical element in account takeover attacks, continues to be observed taking place on a massive scale. In November 2017, Akamai observed more than one trillion requests from bots—a figure that includes all manner of automation, including “good” bots like search engine crawlers and performance analytics tools. The company determined that more than one billion requests from bots during that month were part of credential stuffing attacks targeting retail, with nearly as many targeting the hospitality industry. This is one of the highest volumes of attacks on the Internet.

A kill chain for account takeover would likely start in the same manner as the majority of attacks—with reconnaissance. Attackers will map out endpoints that provide access to login, including web forms, mobile API’s used by native apps, or other exposed API’s. An attacker could leverage automation to help with this task by spidering the site looking for login endpoints to help with manual discovery processes. It is important that defenders also conduct recon of their own assets to ensure that all entry points are enumerated and protected. In our experience, organizations often believe they have protected all login entry points, only for an attacker to find an overlooked API or Web entry point from a less popular entry point. cardnotpresent.com

Amazon program trades merchandise for customer reviews - as long as they are honest
Amazon Vine is an invitation-only program that provides members with free products in exchange for their honest reviews. The merchandise is provided by participating vendors.

The program was created to provide customers with more details, and help them to make more informed purchase decisions. Participating companies - as well as Amazon - do not influence, modify or edit the reviews, according to the company’s website.

Despite suppliers issuing merchandise for review, Vine Voices members are not compensated for participating or writing reviews. Other rules include that contributors cannot manipulate content or features, are share false, misleading, or inauthentic content, according to Amazon’s guidelines. chainstoreage.com

Macy's tops rivals as online apparel destination

Amazon and Walmart Battle for Control of Flipkart

ORC News

Decatur, IL: 2 arrested after buying over $9,000 of Lowe’s merchandise with stolen credit card information
A 33-year-old Chicago man and a 31-year-old Kansas City, Missouri, woman were arrested at 2 p.m. Thursday after police said they purchased more than $9,000 worth of merchandise with stolen credit card information. A signed police affidavit said Decatur police detectives pulled over a white box truck for failing to use a traffic signal. The man was the truck's driver and provided a false name due to an identity theft warrant from Will County. The affidavit said detectives searched the truck's cargo area and found the following items: A $200 trimmer, Four Frigidaire refrigerators valued at $3,200, Two patio chairs valued at $344, Two lawn mowers valued at $678, Three 50-gallon water heaters valued at $1,548, A $1,199 Samsung refrigerator, A $279 washing machine base, A $900 washing machine.

The man and woman were interviewed by police separately and the man said he purchased credit card information on the "dark web" for $100. He told police that he is associated with a Chicago-based group and was ordered to drive the appliances to Chicago and turn the truck over to an unknown person there. The woman told police that she knew the credit card information was stolen, and that she picked up the merchandise from a Lowe's Home Improvement store. The man said that both he and the woman were earning $300 each to transport the merchandise to Chicago, the affidavit said. herald-review.com

Ionia County, MI: Sheriff’s Office needs help in ID’ing retail fraud suspect
According to Undersheriff Charles Noll, reports of retail fraud that began at a Walmart in Delta Township near Lansing have now also occurred at the Walmart in Berlin Township south of Ionia, as well as the Walmart in Greenville in Montcalm County. Noll said the Sheriff’s Office was contacted by Walmart’s Loss Prevention Department, informing them that a group of people, or possibly one person, has been staging items in particular spots throughout Walmart stores only to return later, cover the items, and sneak them out through the store entranceway. thedailynews.cc

Vanceboro, NC: Three people arrested, face 72 felony counts, in Pitt and Craven Co. check fraud case
Three people were arrested in Craven County after a several week investigation by the Vanceboro Police Department. Over the past few weeks, the police department became aware of check fraud. On Saturday, Vanceboro Police said the case generated 72 felonies and several misdemeanors, with more possible charges from other agencies coming. wnct.com

Eau Clarie, WI: Bond set for woman accused in the theft of 56 Cell phones and $6,700 worth of tablets from Walmart
Lasyona Miles, 30, is charged with felony retail theft. Miles, and two other suspects, went into the Eau Claire Wal-Mart in October of last year and stole 56 cell phones from a locked display case. The complaint say video shows the group forcing the display case open, taking the phones and putting them into a container. Investigators say the group is also tied to another theft at the same Wal-Mart in September where they took $6,700-worth of tablets. weau.com

Cranberry Township, PA: Walmart believes theft part of Organized Crime Ring
Pennsylvania State Police in Franklin are looking for more information on four unknown men who stole $1,682 worth of electronics at 8:30 a.m. Friday from Walmart in Cranberry Township. Police said they left the scene in a blue Toyota van with NY license plates. thederrick.com

Retail Crime News
Sponsored by ADT/Protection 1
 

Shootings, Bomb Scare & Deaths

Columbia, SC: Shooting outside Columbia Place Mall; 2 wounded, 1 critical following an argument in parking lot
Saturday afternoon, Deputies said two groups reportedly got into a dispute in the parking lot of the mall just after 2 p.m. The two groups both drew firearms and shot at each other when one of the victims was struck in the upper body and collapsed inside the mall. That person was transported to the hospital with life-threatening injuries. Both groups jumped into vehicles and fled the scene before deputies could arrive. A second victim was later brought to the hospital with a non-life threatening gunshot wound to the lower body. wtoc.com

Royalton Township, MI: 3 dead after Police chase, crash following Gun Shop Burglary
Deputies say three people are dead and a fourth is critically injured after a police chase. The Berrien County sheriff’s office says a break-in was reported early Sunday at the Black Arsenal Gun Store. Authorities say the deputy stopped the SUV, but it sped off and exited the freeway before crashing into a tree. The driver, 20 years old and 2 of the 3 passengers, all 17 were killed. Police found all eight stolen guns at the crash scene. seattletimes.com

Kirkland, WA: Man arrested following Bomb Scare/ hostage situation at an area Gas Station

Robberies & Thefts

Houston, TX: Suspects smash U-Haul into Gun store
This morning at 5am, Houston police are responding to a burglary at a firearms store off the Katy Freeway. Police said the suspects crashed a U-Haul truck into the store, but were unable to get inside and fled the scene. khou.com

Miami, FL: Fireworks used as Distraction inside Dadeland Mall; Theft of a High End Watch from Mayor’s Jewelers
It was time for panic for shoppers at Dadeland Mall, Sunday evening, but not a single shot was fired. Instead, what got patrons agitated started with a crafty crook, a pricey watch and some noisy firecrackers. According to Miami-Dade Police, a thief set off firecrackers at a jewelry store inside the shopping center, in order to create a diversion so he could steal the high-priced timepiece. Investigators said the subject went inside Mayors Jewelers and asked to look at an expensive watch. Just after 6:30 p.m., police said, the thief threw firecrackers as a distraction and ran out with the merchandise. The incident triggered panic among shoppers, resulting in a social media flurry of tweets, photos and videos. Some tweets refer to fireworks being set off inside the mall. wsvn.com

Shreveport, LA: Two Walmart Shoplifters Arrested, one at large after attempting to Run Over a Deputy

Harris County, TX: Deputies searching for Kohl’s shoplifter accused of pointing pistol at LP officer

Topeka, KS: Target Shoplifter punches LP then pulls a knife, now charged with Aggravated Robbery, no injuries reported

Harris County, TX: Deputies continue to investigate 2 shoplifters who pulled gun on Kohl’s LP back in January

Sentencings & Charges

Re-Sentencing Ordered for Two Convicted of 7-Eleven Clerk’s Killing
A state appeals court panel Friday upheld the convictions of two men for a convenience store clerk’s killing during an attempted robbery they committed amid a series of hold-ups throughout the Los Angeles area, but reversed a judge’s sentence of life in prison without the possibility of parole for one of the defendants. The three-justice panel from California’s 2nd District Court of Appeal found that there was “ample evidence” to support Bryant S. Moore’s first-degree murder conviction, but insufficient evidence to support the jury’s finding of the special circumstance allegation of murder during an attempted robbery. Moore was convicted along with Rasheen Childs in the Dec. 22, 2013, attempted robbery of Gonzalo Garcia, 31, at a 7-Eleven store in Highland Park. mynewsla.com

Home of the Industry's Original
On the Move
 

Submit Your New Hires/Promotions
or New Position
See all the Industry Movement

Featured Job Listings
Sponsored by NuTech National
Feature Your Job Here For 30 Days -
70% Aren't On the Boards

Daily Jobs
Appearing One Day Only
View our Internet Jobs Archives here

• LP Manager - Fulfillment Centers - Amazon - Livonia, MI

• LP Manager - Fulfillment Centers - Amazon - Robbinsville, NJ

• E-Commerce Area Department Mgr - Bed Bath & Beyond - Lewisville, TX

• LP Manager - belk - Charlottesville, VA

• Asset Control Mgr - BJ's Wholesale Club - Kearny, NJ

• LP Manager - Boston Store - Glendale, WI

• LP Supervisor - Burlington Store - Somerville, MA

• Regional LP Manager - Giant Tiger - Ottawa, ON, CA

• AP Specialist - Home Depot - Phoenix, AZ

• AP Manager - Hudson's Bay - Saskatoon, SK, CA

• LP Supervisor - Kohl's - Lake Jackson, TX

• AP Manager - Kmart - Santa Fe, NM

• LP & Safety Manager - Lowe's - Madison, AL

• Market ORC Manager -  Lowe's - Indianapolis, IN

• Manager LP & Ops Support - Lowe's - Lexington, SC

• Manager, Operations & AP - Macy's - Centennial, CO

• AP Supervisor - Macy's - Union City, CA

• AP/LP Manager - Macy's - Glendale, CA

• Assistant Manager AP/LP - Macy's - Tukwila, WA

• Operations LP Manager - Neiman Marcus - Northbrook, IL

• LP Manager - Old Navy - San Diego, CA

• District LP Manager - Ollie's Bargain Outlet - Cleveland, OH

• Area LP Manager - Sally Beauty - Boston, MA

• Multi Unit AP Mgr - Sears - Madison, WI

• AP Manager - Sears - Redmond, WA

• Area AP Coordinator - Stein Mart - Birmingham, AL

• Regional LP Manager - Toys R Us Canada - Concord, ON, CA

• Market AP Mgr - Walmart - Watchung, NJ

Your Career
 

Tip of the Day
Sponsored by Vector Security Networks
 

At the end of the day, interviews are based on three basic questions or concerns every executive has about every candidate. 1) How are you going to fit in our culture? 2) Are you really a subject matter expert? and finally 3) What's your plan and how are you going to approach our business and make the biggest impact? And while certainly there's a number of subtopics and other questions about leadership and conflict management, at the end of the day the senior management team is focused on these top three. And while many candidates think they don't have the information necessary to answer those questions in a first interview -- they're wrong because it's all about the preparation and the homework you do before that first interview. And if you do it well you will be able to answer all three.

Just a Thought,
Gus

Post Your Tip or Advice!
(content subject to approval)

Upcoming Events

IOBSE Spring Conference Registration Now Open! April 24-26 Miami-Dade Police Departments Global Cargo Theft Symposium May 1-4 RLPSA Connect May 3 CNP Expo May 15-16 SAVE THE DATE Q2 RAM LP Committee Meeting June 13 Midwest Cargo Security Council One-Day Cargo Security Summit June 20 RLPSA Annual Conference Aug. 5-8 New England LP Expo Sept. 13 SAVE THE DATE Q3 RAM LP Committee Meeting Sept. 14 - DCU Center Worcester, MA CORCA Conference Oct. 3-4 Anti-Counterfeit & Currency Expo Nov. 6-8 SAVE THE DATE Q4 RAM LP Committee Meeting Nov. 7th BJ's Wholesale Inc Corp. Office - Westboro, MA

See More Events

Recruiting?
Get your job e-mailed to everyone... everyday
Post on our Featured Jobs Board!

Reach your target audience in 2018 every day!
Request our 2018 Media Kit

Not getting the Daily?
Is it ending up in your spam folder?
Please make sure to add d-ddaily@downing-downing.com to your contact list, address book, trusted sender list, and/or company whitelist to ensure you receive our newsletter. 
Want to know how? Read Here

SUBSCRIBE

FEEDBACK

www.downing-downing.com

Advertise With The D&D Daily

36615 Vine Street, Suite 103
Willoughby, OH 44094
440.942.0671
copyright 2009-2019
all rights reserved globally