Intellicheck’s Technology Saves Retailers and Consumers From Black Friday Fraud Losses as Chinese Fake ID Seizures Highlight Ongoing Risks

Intellicheck (NYSE AMERICAN: IDN) President and CEO Bryan Lewis says the company’s state-of-the-art technology solutions, driven by Retail ID and Retail ID Online, saved retailers, consumers and financial institutions from millions of dollars in potential losses on Black Friday.

Early data shows attempted fraudulent purchases at retailers using Intellicheck’s fraud detection solutions jumped across key retail categories during the Black Friday sales event compared to pre-Black Friday fraudulent purchase attempts. The company’s Retail ID SaaS solutions halted an attempted 77% increase in fraudulent purchase attempts at specialty retailers, a 57% increase in fraudulent transaction attempts at tool and equipment retailers and a 22% increase in fraudulent purchase attempts at furniture retailers. businesswire.com

Checkpoint Systems Announces the Launch of First Inlays With The New Impinj M700 Chips

The new inlays will be 18% smaller, more sensitive, made from 70% recycled content and will set a new standard in the retail industry.

Checkpoint Systems – the world’s only vertically integrated RFID solution provider for retail - has announced the official launch of the first inlays with the new Impinj M700 tag chip family through its partnership with Impinj, a leading provider and pioneer of RAIN RFID solutions. The new chips – Impinj M730 and Impinj M750 – have the highest receive sensitivity (-24 dBm) of any RAIN tag IC, stronger reply signaling and improved AutoTune adaptive RF tuning to optimize performance across a range of materials and operating frequencies. Read more in the Vendor Spotlight column below
 

Calif. Justices Weigh Wages For Bag Checks In Apple Case
California Supreme Court justices are expressing concerns with forcing Apple to pay its store employees for the time they spend undergoing bag checks, with one justice saying workers regularly choose to bring personal bags to work and that it seems "odd" to require Apple to pay them for checking items.

During a hearing in Los Angeles on Wednesday, Justice Goodwin H. Liu said it seems "weird" to reason that allowing workers to bring personal bags benefits employers. But he said it would also be draconian for a company to ban personal bags outright.

The justice said bringing personal bags to work is ultimately "just a part of the ordinary baseline of how we live," but he seemed skeptical of concluding that the downstream consequences of that reality is that Apple should pay workers for bag checks.

Justice Liu questioned why it doesn't instead make sense for each side to absorb some of the costs of allowing employees to bring bags to work, with workers getting their bags checked without pay and employers bearing the costs of the managers who perform the checks.

"Apple has costs for paying managers and employees bear costs of submitting [to them]," he said. "Why isn't that fair?"

The justice's comments came during a hearing on whether state wage orders require Apple to pay a certified class of store employees for time spent checking their personal bags.

Apple retail workers initially filed suit in 2013, claiming the company's policy requiring them to clock out before undergoing two daily bag checks was illegal and led to about 90 minutes of unpaid work per week. U.S. District Judge William Alsup found in favor of Apple two years later, and the workers appealed to the Ninth Circuit. law360.com

Canada: Durham, Ontario:
Family of Boy Injured in Apple Store Theft Sues Company for $750K
The family of an Ajax boy, who they say was injured during an attempted theft at an Apple Store, is suing the company for $750,000 in damages for allegedly failing to provide proper security measures in a store the company knew or ought to have known would be targeted for acts of theft.

Apple “knew or should have known of the high level of thefts at the Apple store prior to this incident,” a lawsuit filed by Andrew McDermott and Millisa MacCormack says. They claim McDermott and the couple’s son Braeden, who was seven at the time of the 2017 incident, sustained physical and emotional injuries when Braeden was trampled by a man attempting to flee with a stolen laptop.

McDermott was injured when he struggled with the suspect, who was subsequently arrested and charged by Toronto police, the statement of claim says. durhamregion.com

Pablo Escobar's Brother Threatens To Sue Apple For $30 Billion
Roberto de Jesus Escobar Gaviria, the brother of ‘Narcos’ fame drug lord, Pablo Escobar recently launched a new foldable smartphone- the Escobar Fold 1. He is now threatening to sue smartphone giant Apple – he plans to file a class-action lawsuit against Apple for the most intriguing reason – selling overpriced phones to customers.

Escobar told Digital Trends Wednesday that he will file a $30 billion class-action lawsuit on Jan. 6, 2020 in California against Apple for accumulating illegal profits. He further stated that he had already spent $1 million on lawyers to file the lawsuit. He believes that Apple has no right to sell phones at thousands of dollars when he can sell a foldable phone for $349.

Roberto has a history of going after tech giants and is now going after Apple. He had stated in July that Elon Musk’s Tesla had stolen his design of a flamethrower and had threatened to sue Musk unless he gave up $100 million worth of Tesla shares. ibtimes.com

CVS Completes Rollout of Time Delay Safes to all North Carolina Pharmacies
CVS Pharmacy, the retail division of CVS Health (NYSE: CVS), announced today that it has completed the rollout of time delay safes in all of its 375 CVS Pharmacy locations in North Carolina, including pharmacies located in Target stores. The safes are anticipated to help prevent pharmacy robberies and the diversion of controlled substance narcotic medications by keeping them out of the hands of unauthorized individuals. In addition, the safes are anticipated to help CVS Pharmacy ensure the safety and well-being of its customers and employees.

CVS Pharmacy expects these time delay safes to help deter pharmacy robberies including those involving opioid medications such as oxycodone and hydrocodone by electronically delaying the time it takes for pharmacy employees to be able to open the safe. CVS Pharmacy first implemented time delay safes in Indianapolis, a city experiencing at the time a high volume of pharmacy robberies, in 2015. The company saw a 70 percent decline in pharmacy robberies among the Indianapolis stores where the time delay safes had been installed. cvshealth.com

NYC's new top cop Dermot Shea plans to take neighborhood policing to ‘next level’
Newly-appointed NYPD Commissioner Dermot Shea said Monday that policing is about more than public safety. “It’s about service. It’s about providing hope. It’s about protecting those who can’t protect themselves. And it’s about changing lives,” said Shea, who was sworn in as the city’s 44th police commissioner at department headquarters in Manhattan.

Repeating the sentiment of the NYPD in 2014 at the start of the neighborhood policing initiative, Shea said he believes the city can continue to drive down crime statistics with “far-less intrusive” policing. He cited data showing a reduction in street stops, criminal summonses, arrests and incarceration -- while the number of crimes has simultaneously dropped.

Under neighborhood policing, each precinct is divided into four or five sectors, patrolled by the same officers who work the same shifts each week, in an effort to familiarize themselves with residents to prevent crimes from occurring. silive.com

Elizabeth Warren introduces bill to protect part-time workers
during the holiday shopping season
Just as the holiday shopping season kicks into overdrive, presidential candidate Sen. Elizabeth Warren on Tuesday introduced a measure to protect part-time workers, which companies from Target to UPS hire to help handle extra work during the peak period for retailers.

The measure would require large employers to offer employees more hours before hiring new employees or subcontractors. It would also allow part-time workers to participate in an employers’ pension plan and be eligible for family and medical leave. cnbc.com

Ahold Delhaize's Cashierless 'NanoStore' heads to the airport
The portable store, engineered by technology company AiFi​, is open now through January at the airport's Jan Dallaert Square area. It was transported on a trailer from its original test location at Albert Heijn's headquarters, where it opened in September.

Shoppers have to use a debit card at the door to gain entry to the store. Then they can shop for products and just walk out. Upon exit, customers can verify their purchases against the receipt. No cash is accepted. grocerydive.com

Uber Eyes Retail Delivery
Uber CEO Dara Khosrowshahi said the ride-hailing company could potentially offer courier services for retail businesses in the future, according to a report by Reuters.

“We can extend that [food delivery] model to essentially every single local retailer, so that anything you want in New York City can be delivered to you, hopefully in under 30 minutes,” Khosrowshahi said. pymnts.com

The RealReal Building an LP Program With Staffing Shortage Control Manager
Reporting to Director of Loss Prevention in Brisbane, CA
Reporting to the Director of Loss Prevention, this role will be responsible for managing all aspects of the Shortage Control department. This is a newer department within the company that has tremendous growth potential. This role requires a strong analytical and excel reporting background and is responsible for generating daily, weekly, monthly, and quarterly reporting that is pushed to departments across the company. Directly manage a team of 3-4 Shortage Control analysts and coordinators.

The RealReal is a company with millions of shoppers and consignors, three retail stores in NYC & LA and 9 Luxury Consignment Offices across the country, three of which are in our stores.

This role will be based in The RealReal's eCommerce center located in Brisbane, CA and will report to the Director, Loss Prevention and Facilities. therealreal.com

Macy’s president Hal Lawton is stepping down to become CEO of Tractor Supply

Amazon adds 200K workers, expands fleet for first peak season with one-day shipping

The 230 cities that lost HQ2 ‘perhaps can create the next Amazon’

Target plans to open small store in NYC’s Times Square

Nearly 700,000 SNAP Recipients Could Lose Benefits Under New Trump Rule

‘Evil Corp’: Feds charge Russians in massive $100 million bank hacking scheme
Key ringleaders indicted - 17 individuals targeted - Decade-long operation

The U.S. Justice and Treasury departments took action Thursday against a Russian hacking group known as “Evil Corp.,” which stole “at least” $100 million from banks using malicious software that swiped banking credentials, according to a joint press release.

“Evil Corp.,” a name reminiscent of the nickname for the key malevolent corporation in the popular television drama “Mr. Robot,” is “run by a group of individuals based in Moscow, Russia, who have years of experience and well-developed, trusted relationships with each other,” according to a Treasury Department press release.

The criminal group used a type of malware known as “Dridex,” which worked to evade common anti-virus software and spread through emailed phishing campaigns. Once infected, the malware was able to steal login credentials and empty the accounts of bank employees and bank customers, forwarding the proceeds to offshore accounts held by Evil Corp., according to the press release.

The group also stole an estimated $70 million using a similar malware known as “Zeus.”

The federal agencies say Evil Corp.’s criminal proceeds likely are “significantly higher” than the estimated $100 million stolen, making the enterprise one of the biggest hacking groups ever, according to the release.

The Justice Department announced indictments against key ringleaders of the group, while the Treasury Department announced sanctions against Evil Corp. under the department’s Office of Foreign Assets Control (OFAC). cnbc.com

Retailers, prepare wisely: DDoS remains a holiday threat
Researcher Madeline Cyr interviewed Forrester security and risk analysts David Holmes and Joseph Blankenship to help retailers understand the threat of distributed denial of service (DDoS) attacks during the upcoming holiday retail season.

Q. Last year, DDoS attacks on eCommerce sites peaked during Black Friday weekend. Could a DDoS attack wipe out Black Friday/Cyber Monday online sales?

DDoS attacks happen against eCommerce digital properties every year, though it's usually impossible to predict who the exact victims will be. We've heard from DDoS service protection vendor Radware that the typical reasons for service outages involving retailers/eCommerce include:

● Self-inflected DoS: that is, simply not having the proper resources to deal with a burst of natural traffic
● DDoS: Criminal attack to prevent/restrict access under ransom denial of service (RDoS) threat
● DDoS: Criminal attack to impact sales
● DDoS: Criminal attack to divert shoppers to other sites during an outage
● DDoS: Hacktivist attack for political reasons that are direct or indirect
● Bots: Criminals trying to purchase an item and flood system resources in the process; prevents others from checking out

Q. What strategy and technology protections do retailers need to have in place now to thwart DDoS attacks?

The most important advice is that retailers should seek a DDoS protection agreement before an attack occurs and to work with the service to set up your clean traffic tunnels during business as usual. Trying to combat a DDoS attack with no protection in place is a stress-inducing nightmare that no IT team wants to contemplate during peak season. There's also the potential impact on sales if a site is unresponsive or slow during the critical buying season. And many DDoS protection providers charge a five-figure premium to put protections in place during an attack; configuring the protection is much more difficult when the retail services cannot be reached. zdnet.com

When Rogue Insiders Go to the Dark Web
Researchers who operate undercover in the Dark Web are noticing an increase in activity among rogue employees selling access and stolen data from their organizations - mainly financial and telecommunications companies - for profit.

Charity Wright, cyber threat intelligence analyst and researcher at IntSights, says the rogue employee, often working via underground brokers, is a growing phenomenon in the Dark Web. Researchers have observed sellers, especially in Russian language-speaking forums, openly discussing how they offer services where they steal and sell information from their employers.

The researchers spotted a pair of telecommunications employees selling text message logs and geolocation information from phone SIM cards, for example. "There's huge potential for damage if they use it to target VIPs or government employees," for instance, Wright notes. "These services are relatively cheap, and all you have to do is provide them a phone number and they can give you everything they have on it."

IntSights has been studying the rogue insider trend in the Dark Web for the past four years. In 2017, IntSights and RedOwl published a report, "Monetizing the Insider: The Growing Symbiosis of Insiders and the Dark Web," on their two-year study of Dark Web forums that recruit insiders. At the time, they noted a twofold increase in insider outreach and forum discussions between 2015 and 2016. darkreading.com

Analysis: Vendor Contract Changes Under CCPA
Getting the proper vendor contracts completed is a top concern for organizations preparing to comply with the California Consumer Privacy Act, says Caitlin Fennessy, research director at the International Association of Privacy Professionals (see: Analysis: Draft CCPA Regulations Fail to Clarify Ambiguities).

"Many of these companies had to put in place new data processing agreements to comply with GDPR [the EU's General Data Protection Regulation] ... and now they realize that they really need to do it again," Fennessy says in an interview with Information Security Media Group.

"The key component which is causing challenges with regards to CCPA is the notion and delineation between 'service providers' and 'third parties'," Fennessy says. govinfosecurity.com

Attackers Continue to Exploit Outlook Home Page Flaw

Microsoft Issues Advisory for Windows Hello for Business