Employee intellectual property (IP) theft has grown to be a major issue in a society going more and more technologically advanced. The dangers to private data have increased as more businesses choose digital collaboration and remote work. Employee misbehavior involving sensitive firm data—that is, insider threats—may cause significant financial and reputation harm. This article looks at sensible ways businesses may protect their intellectual property, stop internal threats, and react fast when needed. By means of practical illustrations and Lauth Investigations’ services, companies can better grasp how to safeguard their most valuable assets.

The Rise of Insider Threats

Though they are nothing new, the frequency of insider threats has risen as the workplace has changed. According to a Ponemon Institute analysis as of 2023 insiders account for around 60% of all data breaches. This alarming figure shows the extent of the risk businesses. Employee access to private company data increases the likelihood of misuse—intentional or inadvertent. Particularly remote work has grown the digital footprint and given additional chances for internal data leaks.

A Rising Concern in Remote Work

Companies have less control over the physical security of their workspaces if workers operate from home or another off-site venue. While remote work solutions include cloud storage, shared document files, and collaboration platforms boost employee comfort of work, they also enable simpler access, transfer, and occasionally inappropriate data access. In these situations, insider dangers are more elusive to find. Standard security protocols might not be enough. This change emphasizes the need for revised, aggressive plans to protect intellectual property.

Real-World Example: Tesla’s Insider Threat Case

Tesla made news in 2023 when a staff member allegedly stole confidential data on its Autopilot program. Allegatively trying to sell the company’s valuable data to a rival, the employee downloaded private files. Through its internal security monitoring systems, Tesla discovered the individual’s actions and set out an alert when massive data access and transfer without appropriate authorization occurred. This situation shows the rising danger of insider threats and the need of having robust digital monitoring measures in place.

Strategy 1: Establish Strong Access Controls

Tight access limitations are among the best strategies to safeguard intellectual property. This means making sure intellectual property and sensitive data are only accessed by authorised staff.

Limiting Access Based on Roles

Least privilege should be the guiding concept for design of access limitations. Employees should only be able to access the data they actually need to carry out their job obligations. A software engineer working on a particular module, for instance, shouldn’t have access to a product’s whole source code. Businesses can drastically lower the likelihood of internal data theft by cutting the number of persons having access to private information.

Implementing Multi-Factor Authentication

By guaranteeing that staff members access critical data only after passing through several security gates, multi-factor authentication (MFA) offers still another layer of protection. MFA allows one to prevent unwanted access even in cases of compromised login credentials for an employee. Companies can demand, for instance, a second authentication method—a phone-based code or biometric verification.

Regularly Reviewing Access Permissions

Access control cannot be fixed once-only. Regular audits help to guarantee that staff members still have access to the data they have been assigned. Review and alter access rights as responsibilities evolve or staff members go. Lauth Investigations provides services to audit internal security policies of a firm, therefore assisting to find any weaknesses in access restrictions and suggest fixes.

Strategy 2: Educate Employees on IP Security

Stopping insider risks depends mostly on employee training. Lack of knowledge causes many breaches when staff members unintentionally reveal intellectual property.

Conduct Regular Training and Awareness Programs

Businesses should set up continuous training courses to inform staff members on the dangers of intellectual property theft, phishing campaigns, and safe handling of private information. Employees should also be informed of the policies of the company on IP protection and the results of violating these policies. Frequent employee testing via fake scenarios or simulated phishing attempts can also support strong security practices.

Promote a Security-First Culture

Beyond instruction, businesses have to create a security-first culture whereby staff members personally commit themselves to protect private data. This entails pushing staff members to document possible weaknesses they come across or suspected behavior. Employees are more likely to follow security procedures and be alert when they realize that safeguarding intellectual property is a corporate top concern.

Example: The Microsoft Insider Theft Incident

Microsoft had a security hack in 2023 in which an employee—who had received training on safeguarding private data—was accused of copying proprietary software code to sell it to a third party. The staff ignored the security systems even though they were in existence. This situation emphasizes the need of combining an informed workforce with effective security technologies. Although Microsoft found the problem fast thanks to training, more strict use of security policies may have completely avoided the intrusion.

Strategy 3: Utilize Digital Monitoring and Analytics

Preventing insider threats mostly depends on proactive monitoring of employee behavior. Although this approach seems invasive, it is necessary to find and react to possible security breaches before they do major damage.

Monitoring Digital Footprints

Particularly when employees access, download, or share private company data, companies should use tools tracking staff members’ digital behavior. This can cover tracking email exchanges, cloud storage use, file transfers, and even actual USB drives. These digital monitoring technologies help companies identify odd activity, including viewing vast amounts of data outside of an employee’s purview.

Setting Up Alerts for Suspicious Activity

Automated alarms can be configured to inform IT teams anytime dubious activity takes place. For instance, the technology can instantly set off an alarm for inquiry should an employee access private files or download vast volumes of data outside of business hours. This fast reaction helps to stop data theft or compromise before it is too late.

Example: The Google Employee Data Theft Case

A Google employee was discovered in 2023 to have been accessing private product data unrelated to their line of employment. Google was able to stop the staff member from distributing the data to outside parties by flagging the unusual access through the company’s digital monitoring systems. This example shows the need of making investments in digital monitoring instruments to guarantee data protection.

Strategy 4: Conduct Background Checks and Vet Employees

A key chance for businesses to stop internal risks is the employment process. Reducing the danger of IP theft can be achieved by first making sure staff members are reliable before allowing access to private information.

Background Checks for New Hires

Before recruiting staff, especially for positions involving access to private data, extensive background checks are absolutely vital. This can cover verifying references, past employment histories, and criminal records. In high-risk situations, businesses could also wish to look closer at the prior behavior of an applicant.

Vetting Contractors and Temporary Staff

Before being granted access to private information, even contractors and temporary personnel should be thoroughly screened. Many businesses ignore this phase since they believe that only full-time staff members represent a hazard. But, especially if they have access to corporate networks or private data, contractors could potentially have the chance to pilfer or use intellectual property.

Lauth Investigations’ Role in Employee Vetting

Lauth Investigations offers services designed to assist businesses in screening possible employees or contractors and evaluating their dependability. Background checks, fraud investigations, and other ways of confirming the integrity of people with access to private business data constitute part of their offerings.

Conclusion

Businesses in the digital environment of today must first give protecting intellectual property from insider threats top importance. Companies have to be proactive in protecting their most important assets as remote work and growing dependence on digital technologies call for. Strong access limits, staff education, digital monitoring, and extensive background checks help companies reduce IP theft risk. Real-world situations such as the Microsoft and Tesla ones show how crucial strong security systems are. Professional investigative services, such those provided by Lauth Investigations, assist businesses to increase their defenses and guarantee that their intellectual property stays safe from insider threats.

The post How Companies Can Protect Intellectual Property from Insider Threats appeared first on Indiana Private Investigators | Lauth Investigations International, Inc..

1. Implement Strong Cybersecurity Measures

One of the most effective ways to protect your business from cyber threats is by setting up strong cybersecurity systems. Start with the basics—strong passwords, firewalls, and regular software updates. Many cybercriminals exploit weak passwords or outdated systems to access sensitive data. Make sure employees use passwords that are hard to guess and that your network is secured with a strong firewall to keep out unwanted traffic.

Regular software updates are also critical. Hackers often find vulnerabilities in outdated software, so make sure your systems are always up to date. Strong antivirus and anti-malware software should be in place as well, helping prevent cyber threats before they can cause damage.

At Lauth Investigations International, we provide cyber investigations to help businesses identify vulnerabilities in their systems. By conducting a thorough review of your security measures, we can help ensure that your business is protected against these growing threats.

2. Employee Education and Awareness

Many cyber-attacks happen because employees are not aware of the risks. Phishing attacks, where hackers trick employees into clicking on dangerous links or giving up personal information, are a common example. To combat this, employee training is key.

Every company should educate its staff on how to spot suspicious emails and links. Employees should know not to open unexpected attachments or click on unfamiliar links, especially from unknown senders. Regular training sessions will help keep employees alert and aware of the dangers.

Furthermore, your team should be trained on how to report suspicious activity. Early detection is crucial in stopping a cyber threat before it escalates. By making sure everyone understands the risks and knows how to respond, you can prevent many incidents before they cause damage.

Corporate investigations often reveal that employee error is a major factor in data breaches. At Lauth Investigations International, we offer workplace investigations to uncover security gaps and provide solutions to better protect your business.

3. Conduct Regular Audits and Investigations

Another important step in defending against cyber threats is conducting regular audits and corporate investigations. These audits can help identify weak points in your security and ensure that your business complies with industry regulations. A regular check-up can help spot issues before they lead to a major security breach.

In addition to audits, cyber investigations can also be used to assess your systems. These investigations focus on detecting suspicious activities, unusual patterns, or any signs of an attack that might have gone unnoticed. By investigating potential threats early on, you can stop an attack before it affects your business.

Lauth Investigations International specializes in both cyber investigations and corporate investigations, helping businesses strengthen their defenses against cyber threats. Whether it’s assessing your security systems or conducting a thorough investigation of any potential vulnerabilities, we can help you take proactive steps to safeguard your business.

No business is immune to cyber threats today in this interconnected world. Whether it’s a small company or a large corporation, taking steps to strengthen cybersecurity is essential. By implementing strong security measures, educating employees, and conducting regular audits and corporate investigations, businesses can protect themselves from data breaches and cyber-attacks.

Lauth Investigations International is here to help. Our experts in cyber investigations, corporate investigations, and workplace investigations can provide your business with the tools and strategies needed to stay ahead of cybercriminals. Don’t wait until it’s too late—protect your business today. For more information on how we can help you secure your operations, visit Lauth Investigations.

The post Three Ways to Protect Your Business from Cyber Threats appeared first on Indiana Private Investigators | Lauth Investigations International, Inc..

Understanding the Essence of Security Audits

It is possible to wake up in a workplace every day and complete the assigned duties without understanding the hidden dangers. Threats are around us in our workplaces, and due to the monotony of our duties, it is possible to overlook a danger that could result in potential losses in the future. Security audit is the systemic evaluation of the organization’s security posture, assessing the vulnerabilities, risks, and mitigation measures in place to prevent financial and asset losses. The main benefit of a security audit is to help an organization identify weaknesses and strengthen defense. However, the main advantage of the security audit is not how well it is applied, but how well the outcome is used to improve security. Having the right person to conduct a security audit matters a lot, and we propose Lauth as an appropriate partner to benefit from our wealth of expertise in the field of security audits.

Quantifying the Impact

Data is the most critical asset for any organization, and as technology continues to advance, so do the issues of data protection gaining traction. According to the Cost of a Data Breach Report 2021 by IBM Security, the global average cost of a data breach stands at $4.24 million. In the same vein, the same report highlighted that it takes about 287 days to identify and contains issues of data breach, which has financial and reputational repercussions. These numbers underscore the importance of beefing up security, and security audits emerge as a linchpin. As such, Lauth has established itself conducting corporate audits to examine the sustainability of your internal policies in regard to security.

Maximizing Value: A Strategic Approach

In order to benefit from the security audits and witness the needed outcome, organizations must adopt a strategic approach, as detailed below;

• Risk identification. Security audit should not be viewed as a compliance process. It has to be taken as an exercise of risk identification and mitigation and de-escalating issues before they become full-blown problems.
• Actionable insight. Identification of vulnerabilities is not enough. Human resource director should collaborate with the IT team to work on the findings of the security audit and come up with a comprehensive action plan.
• Investment in training and awareness. Human error is the leading cause of security breaches. Security audit is essential in identifying the gaps in security preparedness in the workplace, thus providing insight into the areas of training and development for the employees.
• Continuous improvement. Enhancement of security is an ongoing process. Security audits, therefore, are a checkpoint of areas that require improvement and continually update the systems to deal with emerging threats.

The Role of Human Resource Director

The human resource department is central to ensuring the safety and security of its workforce and the organization’s assets. As a rule of thumb, the human resource director should cultivate a culture of security, and this should be made possible by ensuring the workforce adheres to the security protocols. New hires should be involved in a program that trains them on the importance of ensuring their safety and that of the organization to mitigate the loss of finances and productive hours. In that light, a human resource director play a crucial role in security audits in the following ways:

• Collaborating with the IT team and other relevant departments to facilitate the completion of the security audit.
• Ensuring that the findings of the audits are translated into insights, which are later integrated into the organization’s policies.
• Bolsters employees’ knowledge of cybersecurity by engaging them in training programs.
• Allocating resources towards improving security and ensuring continuous improvement.

Conclusion

In an era plagued by cyber threats, the importance of security audits cannot be overstated. It has become a mandatory tool to assess the threats within an organization and mitigate the risks associated with it. Adopting a strategic approach and findings of the audits positions an organization on a pedestal of overriding the market dynamics and also ensures its assets and workforce are safe. Human resource directors remain the custodians of the organization’s integrity and, therefore, should champion the cause of security. Embracing the audit’s security builds trust among the stakeholders, paving the way for sustained success.

The post Maximizing the Value of Security Audits to Organizational Security appeared first on Indiana Private Investigators | Lauth Investigations International, Inc..

What would it be like if there was no way to make surveillance within the workplace? My guess is as good as yours. The cases of theft, fraud, forgery, violence, and threat, among others, dot the normal day-to-day operations of an organization. This article explores how technology can solve modern challenges, from cybersecurity to surveillance and beyond.

Battling the Invisible Threats

The advancement of technology has brought new forms of threats. Cybersecurity is the main challenge that most organizations are battling in our times. The data released by Cybersecurity Ventures indicated that cybercrime was estimated to cost the world about $6 trillion annually by 2021, an increase from $3 trillion in 2015. These numbers are scary because the growth rate shows the potential loss experienced by this vice. It also underscores the urgent need to invest in workable security infrastructure to protect organizations from vulnerabilities.

Fortunately, the emerging technologies have offered solutions to the problem. Introducing Artificial Intelligence and machine learning enables proactive threat detection and response. These technologies can analyze data and identify patterns that may indicate cyber-attacks. Regarding the importance of cyber-attacks, we acknowledge the need to beef up technology. Through Lauth’s services, we shall use the latest surveillance technology to expose unseen factors in your workplace.

Physical Security: From Locks and Keys to High-Tech Wonders

Let’s shift our focus from the digital to the physical world. Remember the days when all that was needed in your office was a sturdy lock and key? Allow me to inform you that those days are gone. Today, we have a whole arsenal of modern technology, which can provide more enhanced security for physical and digital assets, which are the backbones of your organization. Take video surveillance, for example; it is estimated that the global video surveillance market is expected to hit $144.85 billion by 2028. The idea here is not having surveillance everywhere, but smart eyes. Thanks to artificial intelligence and machine learning-every suspicious activity within the workplace can be flagged, and the security personnel can be informed in real time.

Privacy Concerns: Balancing Security and Civil Liberties

While we embrace and celebrate advanced technology, we should not hide our heads regarding privacy matters. As an HR director, you have the sole mandate of ensuring that the applied technology does not deny the employees their privacy, as it might attract litigation. The widespread of surveillance cameras, facial recognition, and data analytics tools have raised debates on how these technologies impact individual confidentiality. While the tools effectively ensure security, a proper balance must be achieved. With great power comes great responsibility, as they say.

The main question that comes to mind when we talk of surveillance is how comfortable are workers when they know someone in the office is watching them. According to a study by the Pew Research Center, about 79% of Americans are concerned about their data being collected by companies and the government. The safety of data and how it’s managed after that is what concerns them. If the same issue faces your company, we propose you engage Lauth, an intelligence company with well-qualified professionals in different fields. We guarantee that the employees’ intelligence data is well managed, and we shall provide guidelines on strategies to adopt to increase safety while maintaining data integrity.

As we strive to harness the potential of new technologies, it is paramount to strike a balance between security imperatives and respect for privacy. Robust legal frameworks and monitoring must be adhered to ensure that security measures deployed are transparent and do not impede the liberties of workers.

Conclusion

The future of technology is now, and it is looking brighter than ever. With the capabilities of technology, we can solve daunting and challenging security issues, from cybersecurity to physical threats and beyond. Remember, it is not about the available technology but how you use it. Lauth defines this phrase very well, and our expertise and use of technology will assist you gather workplace intelligence to enhance security. So, let’s leverage technology to secure the future, one byte at a time.

The post Leveraging Technology for Enhanced Security: Solutions for Modern Challenges appeared first on Indiana Private Investigators | Lauth Investigations International, Inc..

Cyber criminals are evolving at an alarming rate. Cyber-security product developers are on an infinite loop with felons, each trying to out fox the other with regards to data breaches. Security is absolutely necessary for brick and mortar establishments due to a myriad of reasons, but in 2019, the name of the game is cyber-security. Not only are data breaches an efficient way to steal trade secrets and financial information from businesses, but they can also be done remotely. A proficient hacker or scammer can access a company’s vital company information from halfway across the world, and from that same location, can devastate the company. Within minutes, they can access financial information, trade secrets, distribution and delivery schedules, and private customer information. To prevent this from happening to your business, here are 5 cyber security measures every business should have:

Iron-clad Passwords

This is Internet 101. Since the birth of the World Wide Web, we’ve been educating adults and children alike on the importance of having a strong password to access online accounts. Whether it’s a company’s financial information, or a Grubhub app on an executive’s phone, thieves can crack weak passwords to gain access. As such, it’s important passwords never contain personal information about an individual, especially if that information is visible on social media. Parents often include the name of their kids in their passwords, using their dates of birth for any numerical value requirement. Teens and young adults use the name of their favorite animal, sport, or music artist. Another common tactic is using common words that are easy to remember, and then spelling them backwards for a false sense of security. Experts at the National Cyber Security Alliance also do not recommend using sequences of characters that are near each other on the keyboard, such as “QWERTY,” the first six characters of the keyboard. The current recommended length for strong passwords is between 8-12 characters. If you’re unsure whether or not you password is secure, use an online password checker to verify the passwords level of  cyber security.

Fortified Firewalls

Firewalls have been around almost as long as passwords. Firewalls are shields that protect your business from harmful or insidious traffic. When you connect to the internet, the system is constantly communicating with the wireless network, both sending and receiving units of information known as packets. Firewalls monitor these packets and perform a risk assessment, blocking unsafe packets. These firewalls protect your company’s data from unauthorized remote access by criminals.

Antivirus Protection

Roland Cloutier, the Chief Security Officer for ADP, calls antivirus software “the last line of defense” when protecting your company’s data from hackers and other cyber-criminals. Not only can remote criminals access and view a company’s vital information, but they can also install vicious malware that will copy the target’s hard drive, and subsequently render the machine inoperable. Installing anti-virus and anti-malware programs aren’t enough, though. These programs need to be updated regularly as part of the infinite loop mentioned earlier. Every time a criminal finds a way to bypass an anti-malware product, the product requires changes to combat those breaches.

Laptops and Mobile Phones

It’s important to secure laptop computers and mobile smartphones associated with your business. For this, experts recommend encryption software so any remote felon attempting to access or copy the hard drive cannot do so without the proper password. They also stress the importance of never leaving these devices in ones vehicle, where they are easily accessible to thieves. “Lock-out” options are also standard for these devices in 2019. This setting allows you to establish a time period during which the phone lies idle. After that period expires, the phone locks itself, preventing anyone from accessing it without the password. Smartphones and laptops with remote-wipe features must be enabled. This way, if your device falls into the wrong hands, you can remotely wipe the device and prevent the leak of sensitive company information.

Employee Education

Last, but never least, it’s important your workforce is educated on the security measures in place and regularly enforces them on a day-to-day basis. Companies often neglect employee education under the false impression their IT team will be able to resolve all issues whenever they arise. The fact is, even IT professionals cannot anticipate every cyber threat, and may not be up-to-date on the very latest in cyber-criminal tactics. An ounce of this education is worth a pound of cure—Despite the level of technology literacy in the United States in 2019, an employer or business owner cannot assume an employee’s level of security knowledge. The prevention starts with employees, providing them with an intimate knowledge of company operations and how cyber security measures protect them. 

Regardless of your company’s industry or size, all businesses must update and maintain their cyber security. An ounce of prevention is worth a pound of cure when criminals can bypass cyber security, and devastate a company in minutes.

The post 5 Cyber Security Measures Every Business Needs appeared first on Indiana Private Investigators | Lauth Investigations International, Inc..

The Internal Revenue Service has reported an upswing in various types of fraud that directly target a company’s payroll. While the ruses come in many forms, one of the most popular is phishing emails disguised as legitimate correspondence from an employee or upper management. It’s always an instruction to alter payroll information so that funds would be rerouted to the scammer’s bank account. Once the deed is done, the money is withdrawn and the company is responsible to replace the missing funds. While the FTC and the IRS are constantly reevaluating their strategies for containing these types of fraud, this particular scheme is hard to detect and often goes unreported. The email can outsmart security measures set down by the company or within a company’s email server, and scammers take amounts that can just be written off as unfortunate missteps on behalf of personnel.

Frauds such as these have gone through an evolution as security technology becomes more sophisticated and what we know about internet culture continues to grow. Internet frauds used to be about volume and inattention to detail—thus the birth of phishers, who sent emails rife with spelling and grammar mistakes out to mile-long email lists, casting a wide net throughout the web. Education about fraud has forced scammers to be more cautious. Today, companies who have seen this scam in its newest form remark that these phishing emails look so authentic that there may not be a question in their mind before obliging their request. Security measures that have risen from the nucleus of electronic banking combat wire fraud every day in the United States. Large sums in wire transfers now throw up giant red flags. Phishers and scammers are getting more bang for their buck by taking smaller amounts with more frequency, lurking below the radar. This does not require sophisticated hacking skills. Just the ability to open a Gmail account. Phishers make the account look cosmetically convincing, then throw out the lure. One of the most targeted entities is non-profit organizations, because of the benevolent nature of their business. The idea of someone ripping off a charity or relief organization is horrifying, but the simplicity of scams like this make the opportunity too lucrative to pass up.

It’s frightening how simple the fraud is to pull off, but there is recourse for businesses who are vulnerable to such a scam. One of the non-profits who fell prey to this scam was KVC Health Systems, an agency for child welfare in Kansas City. Their IT director, Erik Nyberg, says it starts with comprehensive education on company procedures, “The CEO is never going to email you out of the blue and ask you for any deposit changes. And if you have any sliver of a doubt, call the person who is making the request.” He goes on to discourage executives and upper management employees from using their personal email accounts to send staff correspondence, and to set email filters that will catch suspicious incoming messages. Social media managers are also cautioned against posting any company information to their pages that could serve to bolster a phisher’s credibility.

If your business has been the target of this wire fraud scam, you are encouraged to report them to the Federal Bureau of Investigation’s IC3 tip line.

The post Phishers Want Your Direct-Deposit appeared first on Indiana Private Investigators | Lauth Investigations International, Inc..

Mortgage Fraud

According to the Federal Bureau of Investigation’s Financial Fraud Unit, mortgage fraud exploits a consumer’s fear of losing their home to make a quick buck. Mortgage fraud schemes come in many forms, including but not limited to equity skimming, loan modifications, and foreclosure rescue schemes. The perpetrators behind these schemes are often former real estate professionals who use their intimate knowledge of mortgages to swindle homeowners in distress. Real estate agents who are currently employed can exploit their authority to bolster the validity of their scheme. The FBI and FTC advise that consumers should be wary of any unsolicited phone calls, emails, regarding their home finances, and never sign any paperwork or documentation that they do not fully comprehend.

Debit Card Fraud

Debit card fraud occurs when an individual’s debit card information is obtained to make fraudulent purchases. Debit card fraud is one of the most difficult schemes to avoid in day-to-day life, because so many Americans have gradually transitioned from carrying cash to carrying only their debit card as means of legal tender. Anyone with access to the debit card’s information—including the businesses and vendors we trust every day—can pull this information to commit a fraud. Unfortunately, the only recourse consumers have in protecting themselves is to avoid letting their card ever leave their sight, and to keep a watchful eye on their accounts and report any suspicious activity.

Charity Fraud

Perhaps one of the most despicable types of consumer fraud is charity fraud. Scammers set up shell organizations to receive donations that do not go to those in need, but rather line the scammer’s pockets. Frauds of these type spike significantly during the holidays and in the wake of natural disasters in order to exploit humankind’s benevolence. The name of the game with charities is research. Any charity worth its salt is going to stand up to a great deal of due-diligence and fact-finding. Part of being a responsible consumer is knowing where your money is going.

Lottery Fraud

Winning the lottery is a dream of many Americans, with fantasies of kicking back and never having to put in another hard day’s work for the rest of their lives. Despite the wide range of demographics with these dreams, lottery fraud scams usually effect senior citizens in the United States. The scam usually begins with a letter or email letting the individual know they have won. The correspondence usually includes details about fees that are involved with receiving their winnings. The FTC warns that individuals who have won a legitimate lottery prize of any kind should never have to pay a fee to collect their winnings, and consumers should be suspect of any unsolicited correspondence stating as such. Consumers should also be advised that United States law does not support the sale and transference of international lottery tickets, so any correspondence from international lotteries is most certainly a scam.

Identity Fraud

Studies by Javelin Strategy & Research conducted over the last seven years indicate that in 2017, there were as many as 16.7 million Americans impacted by identity fraud, with $16.8 million in stolen funds and assets. Identity theft can be committed for a number of reasons. Perpetrators can steal an individual’s information with the purpose of starting over again under a different name, or to escape their creditors. Most commonly, however, identity fraud is simply committed with the explicit purpose of stealing money from American consumers. Once a scammer has an individual’s identifying information, like dates of birth, Social Security numbers, and their mother’s maiden name, they can use that data to make fraudulent purchases in the victim’s name, withdraw funds from their bank accounts, and destroy their credit, leaving them financially arrested. The aftermath of identity fraud is devastating and can cause shockwaves across decades with exponential consequences.

If you have been the victim of a consumer fraud scam, contact a private investigator today to learn how their unique set of skills and professional autonomy can help you locate the scammer in your midst. Call Lauth Investigations International today for a free consultation (317-951-1100) and a simple solution to your consumer crisis.

Carie McMichael is the Media and Communications Specialist for Lauth Investigations International. She regularly writes on investigation, fraud, and missing persons topics. For more information, please visit our website.

The post Top 5 Most Common Frauds in 2019 appeared first on Indiana Private Investigators | Lauth Investigations International, Inc..

Smartphones have become such an integral part of our everyday lives that many users joke their devices have become grafted to their hands. We use them to maintain contact in our work and personal lives, correspond through email and social media, and a bulk of Americans have made the transition to conducting their banking through the use of mobile applications. As developers continue their bottomless pursuit to create an app for everything, more and more of our real, flesh-and-blood lives are being stored on our phones: personal details, account numbers, passwords, and other sensitive information that could be misused if it fell into the wrong hands. That’s why smartphone users have to educate themselves on the specifics of a scam called “SIM card swapping.”

What is SMS?

For many telephone, internet, and smart device developers, SMS (short message service) text messaging is the cornerstone of their services. As of 2010, it was the most utilized service provided by communication companies with 3.5 billion users. It became a vital tool in direct marketing campaigns and remains one of the most popular forms of communication in younger users. Because of the ubiquity of smartphones, many companies that require a two-step authentication process for their users’ security implement SMS as a secure means of accessing information. For example, you attempt to log in to your bank account, correctly entering your username and secure password. It’s not uncommon for banking apps to prompt a second form of verification, so the app tells you it will now be sending a four-digit verification code to your phone that you must enter on the app to confirm that you are who you say you are. The code is sent to your phone via SMS. Once this information is transmitted over SMS, users are often derelict in deleting that information from their devices. This is where users are vulnerable to the scam.

How SIM swap scams work

Smartphone users who have lost their phone or who have been the victim of a theft often have the ability to call their mobile provider and provide their secure information in order to have the provider remotely wipe the SIM card and have that information transferred to another phone. Thieves in search of secure information will use tools like phishing mail campaigns, posing as legitimate companies like insurance and credit card companies to get the victim to willingly hand over identifying information such as date of birth, address, and phone number. Once they have enough identifying information, they will call the victim’s mobile provider and pose as a customer. They claim they’ve lost their phone or their phone was stolen from them. Then, using the victim’s identifying information, they will request that the mobile provider remotely wipe their old SIM card and rewrite it to the SIM card in their new device. Just like that, the thief has any and all information that has ever been transmitted via SMS text. This leaves accounts, email inboxes, and secure information vulnerable to fraud. “A high proportion of banking customers now have mobile phone numbers linked with their accounts,” fraud prevention consultant, Emma Mohan-Satta, told Digital Trends, “and so this attack is becoming common in some regions where this attack was not previously so common. Unlike mobile malware, SIM fraud attacks are usually aimed at profitable victims who have been specifically targeted through successful social engineering.”

Who is vulnerable?

Anyone who uses their smartphone as part of a two-step authentication is vulnerable to a SIM card swap scam. Once the thief has their hands on your personal information, they can devastate you in minutes by performing bank transfers, rerouting mail, and making purchases in your name. If the SIM card contained any compromising information, such as lewd photos or inappropriate communication with another person, the perpetrators can use that information to blackmail a victim into paying a tidy sum in exchange for the return of the compromising data. A victim named Tina told Motherboard, “This just happened to me over the weekend. I lost service late Saturday night and assumed it was an issue with my always buggy iPhone. Then on Sunday morning my husband got a text from T-Mobile saying that a line on our phone plan had been cancelled (mine) and i soon discovered that $1200 had wired out of my bank account to someone in [redacted] with my same last name.”

While the cost to a single individual can be devastating, a sophisticated thief can do even more to topple a business like a house of cards. It’s common practice for some types of employers to issue their employees a company cell phone to facilitate business, and in this day and age, that almost certainly means a smart phone. Correspondence between coworkers, appointments, account numbers, and sensitive company information can be exposed and exploited for gain. Companies that carry high financial sums in their accounts can be ruined before they even realize there’s a problem.

How to protect yourself

Dependence on smart phones to facilitate two-step authentication plagues many users throughout the country who enjoy the convenience of verifying their identity through SMS. Luckily, tech sites like Motherboard recommend a few ways you can protect your identity and your monies.

Beef up account security

Many major cell phone service providers are developing new methods of two-step authentication in light of the rise of SIM card swap scams. Many offer their customers the option to set up a secure PIN for their account, completely separate from the login information used to access their account. The PIN is used as a primary verification feature specifically for when customers call into the support center for SIM card-related issues. Previously, many providers opted for a security question for this type of authentication, but the answers to these security questions can often be found on a victim’s social media, such as, “Which high school did you attend?” This way, the PIN is never transmitted through SMS text messaging, and no personal information from a social media profile can be used against them.

Don’t link your number to your online accounts

Once a thief has access to your account, they can easily reset your password and other authentication methods, making it very difficult to quash the problem. Instead of linking your mobile cell phone to your accounts, you can choose a different sort of number, such as a Google Voice number.

Many individuals and companies bypass security measures for a number of reasons, such as lack of time, interest, or the mere belief that they could never be the victim of a SIM card swapping scam. The reality is that it can happen to anyone, and there’s no shortage of victims for scammers. Users who practice their due-diligence can build a security to block them out. When the scammer hits this wall, they simply move on to the next target. Educate yourself and ensure that target isn’t you.

Carie McMichael is the Communication and Media Specialist for Lauth Investigations International. For more information on investigation topics, missing persons, and corporate solutions, please visit our website.

The post SIM Card Swapping Scams Leave Businesses Vulnerable appeared first on Indiana Private Investigators | Lauth Investigations International, Inc..

If you follow internet culture, you’re likely aware of a television program called Catfish: The TV Show. The series is a continuation of creator Nev Schulman’s 2010 documentary simply called Catfish. The film followed Schulman’s journey through his own romance scam, in which he met a woman online named Megan through the internet. Megan claimed to be many things: a singer, songwriter, recording artist, photographer, rancher, and part of an equally-talented family. Through their online communications, Megan led Schulman to believe that her life was very picturesque, but tragically, she has cancer. After several attempts to finally meet Megan fall apart, Schulman and his production team make the trip to finally meet her and begin to realize along the way she may not be truthful about her identity. At the end of the film, Schulman and his team realize that there was never really a Megan. “Megan” was actually a middle-aged woman, Angela, who used the internet as a way of connecting with others in her insular life. The online identity of “Megan” was not entirely fiction—Angela did have a daughter named Megan, who was a photographer, and she used that piece of personal information to craft a persona that endeared her to men and garnered their attention on the internet.

Schulman’s story is unfortunately a common thread in today’s dating world. In 2011, a year or so after the documentary first premiered, studies showed that males between the ages of 40-49 and females between the ages of 50-59, made up the largest age groups effected by romance scams or “catfishing,” 28% and 35% respectively. In most confidence tricks, frauds, or scams, the goal is simply to rob an individual of their finances for personal gain. Catfish scams are particularly ugly, because it’s not just about money. A catfish’s target is often a trusting person, a benevolent person who might experience low self-esteem, and is often isolated from others for a myriad of reasons. That person makes a real emotional investment in the catfish with the intention and belief that they will spend the rest of their lives with that person when they finally meet.

“Catfish” is an appropriate name for this particular type of scammer, according to Special Agent Christine Beining, a seasoned financial fraud agent in the Federal Bureau of Investigation’s Houston Division. Even as recently as 2017, she says, romance scams were on the rise. According to the FBI’s website, in 2016, almost 15,000 complaints which fell under the umbrella of romance or confidence frauds were reported, which is 2,500 more than 2015. Beining characterizes a catfish in search of their next victim as throwing a fishing line, “The internet makes this type of crime easy because you can pretend to be anybody you want to be. You can be anywhere in the world and victimize people. The perpetrators will reach out to a lot of people on various networking sites to find somebody who may be a good target. Then they use what the victims have on their profile pages and try to work those relationships and see which ones develop.” She offers the example of a Texas woman who ended up sending a cumulative $2 million to a man she met over the internet who “said all the right things.” This catfish targeted the woman’s strong Christian faith, and capitalized on it to pull her into his web of deception. When scammers are using social media maliciously, how are we supposed to protect ourselves in a digital age?

One of the country’s best fraud watchdogs, the Better Business Bureau, conducted a study last year on the current climate of catfishing and other forms of romance scams. While there are some discrepancies among experts as to what defines a romance scam, four consistent stages of a scam emerge:

Contacting the victims

Like Christine Beining said, scammers use the internet as a fishing line, and create dozens of fake profiles online with stolen pictures and manufactured personas in the hopes of netting a handful of victims. They hope to form an instant connection with that person, usually though an alleged common interest based on information mined from the victim’s page or profile. A potential victim loves to ski? Suddenly that catfish also loves to ski, even if they’ve never been. After a short period of time, the catfish will often encourage the victim to move the conversation somewhere else, like texting or another instant-messaging platform. This way, if their profiles are flagged by the social media platform as a scam, they will still be able to contact victims already in the net.

Grooming behavior

Like any predator, catfish depend on grooming behavior to make the victim emotionally dependent on them. They learn about the victim’s life—their hopes, their dreams, their traumas, their family drama. This stage varies in length, but it can often go on for months as catfish attempt to build an impenetrable wall of trust around themselves and the victim. Endearing themselves so allows them to have credibility in the victim’s eyes when those around them might arch an eyebrow. In a further effort to telegraph their integrity, scammers might also send gifts to their victim as one of the hallmarks of a “real relationship.” This is the stage where scammers begin to test the limits of the victim. They ask for small favors, such as small cash amounts to buy groceries or pay the phone bill so their communication may continue. It’s also the stage where catfish begin to further isolate their victims from their friends and family so the fraud can continue unhindered.

The sting

This is where the predator’s bites out of a victim’s income become exponentially larger. In any romance scam, one of the most common plot points in the catfish’s narrative is an “emergency,” likely with themselves or a close member of their family for which they need a cash sum. It can be anything from hospital bills to a plane ticket. If the victim is always willing to send money, there’s no way to predict when the fraud will conclude. This is also where victims can find themselves in real danger. Victims who are not simply bilked out of their savings can easily get mixed up in things such as money laundering or larger scale frauds as an oblivious participant. In the most severe cases, victims get on a plane to meet the catfish and meet a violent fate at the hands of a person they thought was their sweetheart.

The fraud continues

Exposing a catfish does not mean the nightmare is over. There has been an increase in brazen catfish continuing the fraud after being unmasked, this time disguised as a good Samaritan who just wants to help the victim get their money back. They can take the form of a law enforcement officer or a private investigator. The original persona might also reach back out sheepishly—admitting that they had been caught, but what originally began as a con to get their money has now become true love. It’s not uncommon for victims to allow the fraud to continue, having acknowledged the catfish’s honesty.

If you’ve been the victim of a catfish or romance scam, contact a private investigator today to learn how they can help you expose the culprit. A private investigator’s skill set and lack of any bureaucratic ladder will allow the case to move swiftly and efficiently, as time can be of the essence when chasing a scammer, who can quickly pack up their tent and move on to another social media platform before law enforcement pins them down. Private investigators also have no jurisdictional restrictions within their cases, which is particularly crucial to exposing scammers who are operating outside of the United States. They can also empower you with crucial knowledge to prevent the cycle of fraud from continuing. While it may sound callous to some, the best rule of thumb is to never send money to an individual you have never met in real life. After all, the internet is not a substitution for face-to-face interactions. If you’ve connected with someone over the internet, and the chemistry is there, a genuine person will not have the resistance and excuses that catfish often do when the jig is up.

Carie McMichael is the Media and Communication Specialist for Lauth Investigations International. For more information, please visit our website. 

The post Catfish: Romance Scams in 2019 appeared first on Indiana Private Investigators | Lauth Investigations International, Inc..

Advances in technology are constantly changing the dialogue about how we protect our children from potential predators. Over the last decade, parents have had to reform their strategy when it comes to protecting their child in the real world. Before, parents cautioned their kids on stranger danger, special code words, and remaining aware of their surroundings in public. In a new era of unfettered internet access through multiple smart devices, parents had to contend with the real world being brought into their homes, with predators targeting their children through social media. Now, it appears parents will yet again have to add some new pages to the playbook when it comes to protecting their children from predators on video game platforms with integrated social networking.

Parents with children between the ages of 12-25 will likely be familiar with the online first-person shooter video game known as Fortnite. In the game, 100 players at a time compete to be the last one standing in a battle-royale style of combat. The game features a chat feature allowing players to communicate in team efforts and other uses. It has great potential to foster team building and cooperation between young people, but also has a dark side recently illuminated by an arrest made in Florida in late January.

Authorities arrested 41-year-old, Anthony Thomas, a man who allegedly used Fortnite’s instant-messaging feature to groom over 20 minors, including a 17-year-old, with whom law enforcement allege he had a sexual relationship. The Florida Attorney General’s Office also stated Thomas has been charged with 22 counts of possession of child pornography, and other charges related to his unlawful sexual relationship with the minor. Investigators uncovered he groomed the minors by sending them gifts—including a cell phone so their communication could remain more private.  Ashley Moody, Attorney General, remarked about the predation perpetrated, “This case is disturbing, not only because it involves child pornography, but also because a popular online game was used to communicate with the victim.”

Grooming is defined as “a process by which a child predator gains the trust of a victim by building a relationship with the child and then breaking down his or her defenses.” Once a predator has earned their trust, they begin exploitation. Minors who are groomed in the gaming community are particularly vulnerable because the predator may literally be on their team. Cooperative play between players fosters a healthy, “there’s no ‘I’ in TEAM,” mentality, but predators use this relationship to manipulate the minor.

One of a predator’s greatest weapons when grooming a minor online is pop culture. The predator—perhaps unlike the minor’s parents—shows their target they’re “hip and cool”, and are able to converse at their level about something they enjoy. This causes the minor to lower their guard, and the predator begins their manipulation game, culminating in the exploitation of said  minor. Online gaming is becoming so ubiquitous predators have developed a way to sense when a minor’s gaming is suddenly being supervised. The moment a minor’s behavior changes—they stop responding to messages, or do so uncharacteristically—the predator can pick up on that and cease all communication before they’re caught.

Unfortunately, even if a parent is supervising the communication between their minor child and other players online, it doesn’t mean they cannot be groomed. In the grooming process, between the introduction and the beginning of the exploitation, predators often suggest moving their communications to a third-party app, like What’sApp or Snapchat. These are apps where communications disappear with ease, and a parent performing their due-diligence in supervising their child’s internet safety may not notice, or even know how to access. TeenSafe says it’s critical parents learn to recognize the signs of grooming in their minor child.

Signs of Grooming

• Your child wants to spend more time online or playing games on a console, but won’t tell you why.
• Your child does not want to discuss what he or she does online, or what websites he or she visits.
• You notice your child is using inappropriate language he or she would not have heard within your home or at school.
• When you walk in a room, your child quickly changes the computer screen, mutes the volume on their gaming console, or turns it off all together.

Fortnite and other games with similar messaging platforms have been on law enforcement’s radar for the last few years as the instances of these cases continues to grow. In August of 2018, Titania Jordan, a digital safety expert, appeared on The Doctors to provide parents with helpful tips—not just for supervising their children’s gaming—but also for establishing boundaries that can nip grooming in the bud.

• Do not allow minors to have computers, game consoles, or tablets in their room without supervision. Keeping these devices in common areas will increase visibility and deter predators from targeting them.
• Instruct your child to never reveal any personal information about themselves to people they’ve met online, especially very specific information, such as where they live or where they go to school.
• Create a culture of openness in your home where children feel comfortable coming to you if they feel uncomfortable about an interaction they’ve had online.

People of all ages play video games, but the vast majority of players are either minors or young adults, and parents often find themselves overwhelmed with the strange new world of online gaming. Titania Jordan reminded parents knowledge is power, recommending they verse themselves in the games their children play. This can only heighten your ability to detect when something is off. This means doing research online, and actively listening when your children describe normal gameplay behavior.

Having an internet connection in your home may feel like you’re inviting predators into your home. And true, there’s no time to supervise every single activity your child does online. This is why it’s so important to nurture an open line of communication between parent and child. Not only will parents be able to sense when something is amiss in their child’s online interactions, but a strong bond between parent and child makes it less likely that an online predator will be able to isolate the child emotionally and manipulate them for the purposes of exploitation.

The post Predators Use Online Gaming to Groom Minors appeared first on Indiana Private Investigators | Lauth Investigations International, Inc..