ADT Acquires I-View Now to Help Revolutionize Professional Monitoring
ADT, a smart-home security provider serving residential and business customers, has taken another step to reduce false alarms and improve emergency response by acquiring I-View Now, a leading video alarm verification service.

“ADT is a purpose-driven company,” Jim DeVries, president and CEO, ADT, said in the announcement. “We believe everyone deserves to feel safe, which means we are always looking for opportunities to invest in new technologies that keep us at the forefront of security innovation.”

With the use of I-View Now technology, public safety answering points (PSAPs), like 911 dispatchers, will be able to better confirm whether an alarm is a true emergency. Video, location, sound, sensor, user and activity data can now be combined with predictive analytics to provide a comprehensive dashboard of information about what is taking place during an alarm. This critical information allows customers, ADT and first responders to make better decisions quickly, helping protect lives and property.

For more information about ADT and I-View Now, please visit www.adt.com and www.i-viewnow.com.
 

Chicago's Retailers - Feeling the Theft Impact - State Attorney Rejecting 69% Of Felony Retail Theft Cases

CWB Chicago Reporter Takes Cook Co. State Atty to Task for Retail Theft Spiking; Shoplifting soars as prosecutors back off in Chicago

A CWBChicago examination of Chicago Police Department data found that retail theft cases are up sharply in recent years across the city and in its busiest shopping corridors.

The increase comes as Cook County State’s Attorney Kim Foxx makes a public effort to back away from retail theft prosecutions. Attorneys in Foxx’s office are instructed to not pursue felony charges against shoplifting suspects unless the value of the pilfered merchandise exceeds $1,000. That’s three times the $300 felony threshold set by state law.

Since Foxx was elected in November 2016, retail theft reports are up 20% across the city. Along the posh Rush Street shopping district, reported incidents have more than doubled. And on State Street, famed in movie and song for its shopping opportunities, retail theft cases are up 32%.

But the North Avenue retail strip between Halsted Street and the Chicago River may be the hardest hit. 
Retailers there filed 100 shoplifting reports with police through the end of September. That’s more than all of last year.

In a meeting with Cook County Board President Toni Preckwinkle this summer, suburban mayors spoke about the frustration their police officers and retailers have had with Foxx’s policies. From the Chicago Tribune:

“People are not being prosecuted for stealing,” Justice Mayor Kris Wasowicz told Preckwinkle during the event at the Oak Forest Village Hall hosted by 6th District Cook County Commissioner Donna Miller.

“My police officers are frustrated, my merchants are up in arms,” Wasowicz said.

Thieves have shoplifted up to $1,000 worth of goods at a time from independent retail stores and prosecutors did doing nothing about it, he said.

“A thousand dollars in merchandise — for a small business that could be the profit margin for a month,” Wasowicz said.

Foxx’s office issued a statement after the meeting:

“The state’s attorney’s office continues to prosecute both misdemeanor retail theft cases when charged by law enforcement and felony retail theft cases to the full extent of the law,” the office said.

Yet, Foxx’s own policy of not pursuing felonies for thefts of less than $1,000 is a direct conflict with her claim to be pursuing cases “to the fullest extent of the law.”

Read the full report here: cwbchicago.com


Update: Rejection of felony shoplifting cases skyrockets under Foxx
According to data on the state’s attorney site, prosecutors under Foxx are rejecting felony shoplifting cases more often than they pursue them. The ratio? About 2-to-1. By comparison, in the year before Foxx was sworn in, prosecutors approved felony retail theft charges by a ratio of roughly 3-to-1.

Police officers who believe an arrestee qualifies for a felony charge must present their case to an ASA for “felony review.” Generally speaking, the ASA will either approve the felony or reject it in favor of a misdemeanor charge.

In 2016, ASAs rejected 26% of Chicago Police Department requests for felony retail theft approval, according to the state’s attorney’s data. The next year, Foxx’s first in office, ASAs rejected 65% of such requests. The rejection rate so far this year is 69%.

The data also shows that Chicago police, understanding Foxx’s policies, are asking for felony retail theft approval far less often than before Foxx took office. CPD requests for felony approval fell 34% during Foxx’s first year. cwbchicago.com

Academy Sports broke law selling rifle to Sutherland Springs church killer, feds allege
A Texas sporting goods store broke the law when it sold an AR-15-style rifle and large-capacity magazine to a man who later committed a mass murder at a San Antonio-area church, federal prosecutors argued in a court filing.

Devin Patrick Kelley, who fatally shot himself as authorities chased him following the bloody massacre at First Baptist Church in Sutherland Springs in 2017, was ineligible to make the purchase because he used a Colorado driver’s license as identification, prosecutor Paul David Stern wrote.

“Sale of that rifle would have been illegal in Colorado,” Stern wrote, referring to a Model 8500 Ruger AR-556 that authorities say Kelley bought from Academy Sports + Outdoors.

In 2017, Texas Gov. Greg Abbott said the state had denied Kelley a gun permit and he should not have been legally allowed to own a firearm, the BBC reported.

Now federal authorities are looking to add the Texas retailer as a possible third party in a lawsuit that relatives of those killed or wounded in the massacre have filed against the federal government. The plaintiffs argue that the U.S. Air Force neglected to add Kelley’s criminal data to a national database that might have blocked his weapons purchase, despite six opportunities to add the information. foxnews.com

Employee Steals Trade Secrets
Corporate Espionage - Or Just Trying to Get a Better Job...  'Anheuser-Busch accuses MillerCoors of stealing its beer recipes'
In a court filing from Thursday, Anheuser-Busch now claims that a MillerCoors employee obtained its secret recipes immediately before and after the Super Bowl ad aired.

In the latest escalation of the legal battle between Anheuser-Busch InBev and MillerCoors, the Bud Light brewer is accusing its rival of stealing secret recipes for its beers, including Michelob Ultra and Bud Light.

In September, a federal judge issued a preliminary injunction against Anheuser-Busch, preventing the beer giant from using Bud Light packaging that says “no corn syrup.” Anheuser-Busch is appealing the decision.

In a redacted counterclaim filed Thursday, the Bud Light brewer alleges that a former employee who now works at a MillerCoors brewery in Colorado was obtaining information from current Anheuser-Busch employees who were violating confidentiality agreements in the days before and after the Super Bowl. Some of his questions involved the use of corn syrup in the brewing process, Anheuser-Busch claims in the filing.

Senior executives from MillerCoors were asking for the information, and CEO Gavin Hattersley was included on email chains about the findings, the filing alleges.

“We will enforce our right to uncover how high up this may reach in the MillerCoors organization,” Anheuser-Busch said in a statement. “We take our trade secrets seriously and will protect them to the fullest extent of the law.” cnbc.com

Study reveals the changing face of online fraud
Cybercriminals are adapting to retailer success in detecting payment fraud

According to the seventh edition of the Fraud Attack Index from e-commerce fraud prevention platform Forter, online fraud is evolving rapidly beyond the point of the transaction to accounts such as loyalty programs and abuse of return policies. Loyalty fraud has increased by 89% year-over-year, while the total dollar amount in online fraud has increased by 12% year over year.

The Fraud Attack Index also shows that fraudsters are having significantly more success in account takeover (ATO) attacks, with 1.5 million consumers whose accounts had already been compromised had additional accounts opened in their name. Fraudsters transfer funds to these accounts from their victims’ legitimate accounts. This represents a factor of two increase from the previous high.

The study also reveals that both buy-online-return-in-store (BORIS) fraud and buy-online-pickup-in-store (BOPIS) fraud increased by 23%. Coupon abuse saw an increase of 10%.

In the face of shifting online fraud patterns, Forter advises retailers to implement a continuous and automated fraud prevention and detection approach that assesses events throughout the entirety of the customer journey. In addition to focusing on chargebacks and credit card fraud at the point of transaction, retailers need to address fraud in a holistic and accurate manner across the entire customer journey. chainstoreage.com

Europol's Operation SECTIO:
International hit against Belarusian organized crime gang involved in international cargo thefts
The German Police Department Heidekreis, in cooperation with the French Gendarmerie and Czech authorities, the German State Criminal Police Office of Saxony-Anhalt, EMPACT OPC, and Europol dismantled a Belarusian organised crime group involved in international cargo thefts. 

The group was targeting trucks on motorway rest areas and parking lots to steal the cargo. The group is suspected of having been involved in almost 60 offenses in the German state of Lower Saxony alone. The total damage committed sums-up to over €500 000 - $547,000 U.S.. The main geographical focus of the group was along the German motorway number 7, near the capital city of the Federal State of Lower Saxony, Hannover. Since December 2018, the Police Department Heidekreis (Federal State of Lower Saxony) had been investigating the organised crime group of at least six Belarusian offenders.

On 10 October 2019, four members of the organised crime group, including its ringleader, were caught red-handed in Germany. In the course of this arrest, a truck with stolen TVs was seized. Further investigations are ongoing. europa.eu

Have Giant Food and Stop & Shop nailed ‘frictionless’ checkouts?
Retail Business Services, the technology services arm of Ahold Delhaize USA, has announced that its proprietary ScanIt Mobile frictionless checkout technology is being rolled out to nearly 30 of the grocer’s stores by the end of the year. The tech is being deployed at all of the new Giant Heirloom Markets and select Stop & Shop stores.

Customers using the ScanIt mobile app walk shop the store scanning products they wish to purchase as they go. When finished, customers go through a designated checkout lane where they see a “payment approved” message before exiting the store. Payments are processed through customers’ mobile wallets. The service accepts Apple Pay, Google Pay, PayPal and Venmo. retailwire.com

Consumers demand retailers partner to provide Click & Collect services
The appetite for click-and-collect services has grown, with new research suggesting consumers want more retailers to team up in order to offer it in more convenient locations. According to Barclaycard, a third of retailers who offer click-and-collect have seen store sales increase as 68 per cent of shoppers are now choosing to pick up online orders in-store.

Convenience appears to be a leading factor of the trend, with 42 per cent of consumers saying that they rely on click-and-collect services because they are out during the day, and 15 per cent choose the option because they can’t send their deliveries to work. retailgazette.co.uk
 

"CBD isn't just a fad - It's the start of a Revolution"
"I don’t think we anticipated so much of a boom in the space so quickly,” in the beauty business.

Because it isn’t regulated by the FDA, the CBD category swings wildly between carefully crafted, seriously researched skincare consumers can feel good about (i.e., Superflower, Lord Jones) and private label garbage containing very little – if any – actual cannabidiol. Per an article in JAMA (Journal of the American Medical Association), a 2016 study on 84 CBD products from 31 companies found that only 31 percent contained the percentage of the active ingredient claimed on the label.

For sure, the beauty industry is welcoming the new category with open arms. Alongside face masks, unisex fragrance, sexual wellness products and hair accessories, CBD products will become eligible for a CEW Beauty Award for the first time beginning in 2020. therobinreport.com

Keeping Your CA Cannabis License: Get a Compliance System
Cannabis businesses must demonstrate they have the capability to be legally compliant as a condition to issuance of their state and local licenses. That compliant moment is only a glimpse of the business’s life, but it cannot be a fleeting thing, as periodic inspections can make or break your business. 

Depending on the license type, the cannabis business can be inspected at any time by the Bureau of Cannabis Control (BCC), the California Department of Food and Agriculture (CDFA) or the California Department of Public Health (CDPH). Cal. Code Regs. tit. 16, § 5800. Inspections by one or more of those licensing agencies can occur unexpectedly and often, which means the business must strive to maintain compliance at all times to avoid any operational stoppages, expenses associated with resolving notices to comply and other citations, and ultimately failure. cannabisbusinessexecutive.com

Four Northeastern Governors Team Up on Vaping and Marijuana Standards
The governors of New York, New Jersey, Connecticut and Pennsylvania met to discuss vaping and the legalization of recreational marijuana in hopes of reaching a consensus on regional standards. wsj.com

"Alexa, help me find a job at McDonald's"
McDonald’s Claims First ‘Voice Apply’ Process
That's how interested job seekers can start an application with the global fast-food company, McDonald's recently announced. Claiming it to be the world's first voice-initiated job application process, the company has launched McDonald's Apply Thru, which works on Amazon Alexa and Google Assistant. shrm.org

The Zellman Group Increases Partnership Level with the LPF
The Loss Prevention Foundation (LPF) announced that The Zellman Group has advanced its partnership to become the newest Doctorate level scholarship partner. Zellman has been a long-time bachelor level partner and supporter of the LPF and with their commitment to becoming a Doctorate level partner they are continuing to set an example to the industry regarding the importance of continued education. The Doctorate level partnership secures numerous certification course scholarships for distribution to retailers, universities and internal associates. It also enables Zellman to provide complimentary LPF memberships to loss prevention practitioners. yourlpf.org

Mgr Asset Protection Sr posted for Save-a-Lot Food Stores in St. Ann, MO.
Lead team of Regional Asset Protection Managers in the prevention and detection of retail losses. Oversee process to communicate findings to Compliance, Operations and Executive staff as appropriate and offer suggestions for process improvement to mitigate losses. kronostm.com

SnapPay Launches Facial Recognition Payment Technology in North America

Exclusive: Lampert helps bankroll Sears as woes persist after bankruptcy

Are You In? Become an NRF Cybersecurity Program Sponsor

NRF is looking to collaborate with strategic partners to develop research, events and year-round products and services for cybersecurity professionals in retail.

By becoming a partner, you'll be able to lead a cybersecurity webinar, receive two full conference passes to NRF 2020 Vision: Retail's Big Show, become a member of the NRF Cybersecurity Advisory Group and so much more.

Click here to learn more.

Interested in becoming a partner? Contact Tami Sakell at sakellt@nrf.com or (202) 661-3044
 

They've Got Hackers Scattering
Police Boost Collaboration to Root Out Europe’s Dark-Web Markets
Specialized team at Europol is working to coordinate with more countries

Police authorities across Europe are stepping up coordination to investigate dark-web marketplaces after taking down four major online forums in the past two years.

A dark-web team created last year at Europol, the European Union’s law-enforcement agency, is working to involve more countries in investigations, said Steven Wilson, head of Europol’s European Cybercrime Center. The group collaborated with police in four European countries and the U.S. to take down two major dark web marketplaces this year, the Wall Street Market and Valhalla, which sold illegal drugs and firearms, among other things.

In 2017, a global operation led by Dutch and U.S. authorities resulted in the dismantling of two other marketplaces, AlphaBay and Hansa, some of the world’s largest online forums for illegal goods. The collaboration involved pushed Europol to set up its dark-web team, Mr. Wilson said. “That really proved the case to say that if we can coordinate this, we can maximize the effects,” he said.

“We see now large proportions of the dark net being destabilized,” Mr. Wilson added.

Europol’s dark-web team includes cybercrime experts who work with specialists in drugs, weapons and other areas from the agency’s cybercrime center. Officials declined to say how many experts are part of the team.

European efforts to root out such marketplaces are important because much of the infrastructure underpinning dark-web activity is based there, cybercrime researchers say. “Europe is actually contributing a lot to the dark net infrastructure.”

High-profile dark-web marketplaces have run on hosting services in the Netherlands, cybercrime experts said, due to a confluence of factors. Some Dutch providers offer so-called bulletproof hosting services that promise to refuse police access to data centers even if they have subpoenas.

After the dismantling of the Wall Street Market and Valhalla this year, Europol said criminals have moved to smaller dark-web forums that can be more difficult for police to investigate, WSJ Pro Cybersecurity reported last week. “This environment is volatile,” Mr. Ruiz said. wsj.com

Open Cybersecurity Alliance: In Pursuit of Interoperability
With 18 Vendors on Board, Experts Assess New Group's Chances for Success

Eighteen technology companies have formed the Open Cybersecurity Alliance to foster the development of open source tools to improve interoperability and data sharing between cybersecurity applications.

But some observers say getting all the players to agree on a common platform will be challenging.

The initial open source content and code will come from IBM and McAfee, which has been spearheading the project.

The new alliance was formed under the auspices of OASIS, a consortium driving the development, convergence and adoption of open standards. It was launched as an OASIS Open Project on Oct. 8.

In addition to IBM and McAfee, initial members of the alliance include: Advanced Cyber Security Corp., Corsa, CrowdStrike, CyberArk, Cybereason, DFLabs, EclecticIQ, Electric Power Research Institute, Fortinet, Indegy, New Context, ReversingLabs, SafeBreach, Syncurity, ThreatQuotient and Tufin. The group says it will continue to welcome new members. govinfosecurity.com

When Using Cloud, Paranoia Can Pay Off
Workers worried about their employers, government agencies, or the service provider themselves, should think hard about the information they store in cloud services, Martin Shelton, a principal researcher with the Freedom of the Press Foundation, stated in an Oct. 9 column. 

"If you can see it, the administrator can likely see it," he wrote. "If the administrator can see it, Google can likely see it. And if Google can see it, it's likely subject to requests from government agencies." 

With 81% of companies using cloud productivity applications, both businesses and workers should understand the risks of using a cloud service, experts say.

"The short version is that, theoretically, Google can see anything that you can see in G Suite," says Jeremy Gillula, technology projects director with the Electronic Frontier Foundation. "Whether or not they actually do, is a totally different story."

Users of any cloud productivity software generally have three threats to worry about: hackers, providers, and governments.

Because both Microsoft and Google encrypt data at rest in their cloud, the information is protected against direct online attack. Steal the data, and it is still unreadable. However, online attackers have increasingly focused on stealing credentials and accessing the cloud by impersonating the authorized user. To foil such attacks, companies and individuals need to add multi-factor authentication, experts say. darkreading.com

Cybercrime Tool Prices Continue to Rise on Darknet Sites
Payment Card and Passport Data Are Most Sought-After Commodities, Report Finds

Over the last two years, prices for various cybercriminal and hacking tools have continued to rise on so-called darknet sites as attacks, such as ransomware, have grown more sophisticated, according to research published this week by security firm Flashpoint.

In one example, the researchers noticed that the price of a distributed denial of service botnet ranged from $1 to $100 across various forums. This is an increase from two years ago, when the high-end prices for these botnets stood at about $27, depending on the bandwidth and duration of the attack, the report shows.

At the same time, payment card and passport data remain a sought-after commodity for criminals on these various underground forums, the research shows. govinfosecurity.com

Phishing Campaign Targets Stripe Credentials, Financial Data
Attackers make use of an old trick and evade detection by blocking users from viewing an embedded link when hovering over the URL.

Researchers have spotted a new phishing campaign targeting credentials and financial data of people using the Stripe payments platform. Emails are disguised as alerts from Stripe support.

Stripe enables e-commerce, facilitates payments, and helps run businesses with its software-as-a-service platform. Online companies use Stripe to receive payments, manage workflows, and update payment card data, among other things. Its millions of global customers include major brands, among them Amazon, Google, Salesforce, Microsoft, Shopify, Spotify, Nasdaq, and National Geographic.

Now attackers are trying to gain access to credentials for Stripe's platform and the billions of dollars it handles each year. This access could enable the adversaries to steal payment card data and defraud customers, report researchers with the Cofense Phishing Defense Center today. darkreading.com