Archive for the ‘Investigations’ Category

FocusPoint CEO quoted in Vice article discussing concert security in wake of Vegas

October 3rd, 2017 Comments off

By:  Francisco Alvarado

Originally published here

When Stephen Paddock turned the Route 91 Harvest Festival in Las Vegas into the deadliest shooting in modern US history on Sunday, killing at least 59 people and injuring 527 others, it wasn’t the first time in recent memory that a live-music event served as a soft target for mass bloodshed.

In June, a suicide bomber killed 22 people and wounded 59 more at an Ariana Grande concert in the UK, the blast driving dozens of panic-stricken attendees to jump railings as they made their escape. And perhaps most notoriously, in late 2015, an Islamic State–affiliated terrorist cell carried out coordinated attacks in Paris that claimed nearly 100 lives at an Eagles of Death Metal show in the city’s Bataclan theater, where some concertgoers found themselves trapped inside the venue. (Dozens more civilians were killed in other attacks around the city.)

If they were ever a relative safe haven for (mostly young) people to enjoy their favorite artists up close, live-music shows must now be understood as easy targets for mass murderers of any ideology, a new normal that could result in drastic public-safety measures at future concerts and festivals, according to security experts specializing in large-scale events.

“The top threats we have today didn’t exist three years ago,” Jason Porter, eastern region vice president for global private security firm Pinkerton, said. “These heinous acts are something that have to be at the forefront of every major event planner’s mind.”

While it is virtually impossible to plan for an individual with an arsenal of firearms raining down storms of bullets on 22,000 concertgoers, event organizers and security firms they hire will have to dedicate new resources to planning for surprise attacks. That could lead to live showrunners implementing new pre-event surveillance sweeps, hiring bevies of new off-duty undercover police officers, and possibly taking over entire hotel floors.

“Venue locations will be more scrutinized, as well as taking additional steps to secure hotel rooms that face the venue to prevent something like this from happening again,” Porter said. “Although when you are talking about a massive hotel like Mandalay Bay, it could be hundreds of rooms. The cost would be enormous.”

Advances in police technology could also provide event organizers and concert security teams with tools to respond quicker to an active-shooter situation, according to Greg Pearson, CEO of global risk consulting firm FocusPoint International. He suggested promoters should consider holding events in cities where police departments have deployed gunfire detection systems like Shotspotter, even as some experts question the effectiveness of those programs.

If nothing else, these systems do seem capable of helping first responders locate a shooter’s position faster than calls to 911. “They would know where the bullets are coming from, the type of rounds being used, how many weapons are being fired, and if there is more than one shooter,” Pearson said. “In Vegas, the SWAT team came in a tactical formation, but they had no clue what they were walking into.”

The smoke from Paddock’s weapons setting off his hotel room alarm is reportedly what police used to hone in on his location, and as is often the case during mass-shooting events, initial accounts erroneously suggested there might be more than one shooter. Investigators found 23 firearms in Paddock’s Mandalay Bay hotel suite on the 32nd floor, where he carried out his attack. An additional 19 firearms were discovered in his home.

It’s already common for music festivals to design their own apps to help people enjoy the shows, but promoters will now be under new pressure to be ready to deliver emergency messages and alerts to patrons, according to Pearson. “If there is an active shooter, you can notify everyone about shots being fired from this general vicinity and guide them toward exit points,” he told me.

Perhaps most important, promoters and venue operators will likely take new steps to train employees about how to get people out of catastrophic incident. “When an emotionally charged event like a mass shooting takes place, most people will run back to the area where they came in,” Pearson said. “The problem is that everyone is heading in the same direction. That artery gets choked of and people get caught in a death funnel.”

Steve Adelman, vice president of the Event Safety Alliance, said the Scottsdale, Arizona–based nonprofit organization conducts active-shooter response training for concert security personnel from around the country. “We are training you to recognize what gunfire sounds like in a noisy concert or sports venue,” Adelman said. “We are going to teach you how to fight through the paralysis most people suffer so you can be a shepherd that leads people to safety.”

The alliance is also training concert security workers and event operations managers what to do when an individual drives a vehicle into a crowd or when a bomb is detonated inside or near the venue. “We are teaching people how to get crowds to safety quickly,” Adelman said. “Hopefully in a direction of shelter and away from the bad guy.”

Even so, Adelman doesn’t believe Paddock’s homicidal rampage should—or will—prevent promoters from putting together large shows in concentrated urban areas. “Is the lesson here that we don’t hold open air festivals next door to anything anymore?” he said. “I doubt it. This incident shouldn’t change the way people feel about going to shows.”

Videotaping People Without Them Knowing

June 19th, 2017 Comments off


It is usually assumed that those who work in advertising or marketing have to be creative; however, I believe there is a need for creativity in any department. I would equate problem solving as being creative.

As I left the building last night, I saw a project that one of our staff members from the investigations department was working on. Wood, concrete, spray paint and some other materials were being constructed into a contraption to hide a camera to capture video surveillance of a subject for an insurance compensation fraud case for one of our clients. Hidden camera surveillance provides successful results like this one for Aviva.

Over the years, I have seen covert cameras installed into all sorts of everyday objects such as briefcases, sunglasses, pens, and clocks. However, this was the first elaborate build I had seen.

Shaun from our investigations department was not only exuding creativity but clear dedication as well. Kudos to Shaun and the rest of our investigations department for their tireless efforts fighting fraud.

Keep Still, and They Will Not See You

December 14th, 2016 Comments off


One of the latest viral trends is the ‘mannequin challenge’, and there have been some very creative ones. Even professional sports teams, celebrities and a group of guests at the White House got in on the fad.

Sometimes people will go to great lengths to get views.

When corporations conduct social media investigations on existing or potential employees, they typically look to see if that individual posted anything on their profile that may suggest they could be involved in criminal behaviour, radical affiliations or views not aligned with workplace human resource policies.

Well, would you believe that someone posted a video on Facebook of a bunch of friends, heavily armed doing the mannequin challenge? Once the police and thousands of other viewers saw the video, they were arrested.

Believe it. There are many more background screening and social media investigations examples. It is always worth a look.

You are Either too Dumb, or You Were in on it!

October 13th, 2016 Comments off


Robert De Niro’s character, Sam Rothstein says in the movie Casino “3 jackpots in 20 minutes!? Why didn’t you pull the machines? You’re either too dumb, or you were in on it.”

A little harsh, but worth some consideration in the corporate security world.

You may have put a contingency plan together for travel security, employment screening, a work stoppage or general workplace safety and believe that everything has been considered, but then you see that something is not working out. Don’t beat yourself up over it or pretend it is not happening and hope it gets back on track.

Move quickly and make a change. Simple.

Last week, the Toronto Blue Jays hit back to back to back home runs from the same pitcher. Why didn’t the manager pull the pitcher after the second?


pillar jays2 jays-3

Make sure all of your contingency plans allow for change as required, so they remain as fluid documents that you can continuously improve on.

Miss Florida Stripped

September 20th, 2016 Comments off

miss florida

While in Florida at the ASIS annual conference on behalf of AFIMAC and FocusPoint, I caught a story on TV about a recent Miss Florida contest.

After Genesis Davila had won the crown, it was alleged that she had used professional hair and makeup services in her room, which is against pageant rules. Ms. Davila was stripped of her title and crown in the days following. Although there were alleged complaints from eyewitnesses, the damning evidence against Ms. Davila came from her Instagram account, showing her having her makeup done by a 3rd party.

Currently, Ms. Davila is suing for damages in excess of $15 million, sighting amongst other things, that the photo she posted of having her makeup done was taken the week before, not on the pageant day. If what Ms. Davila claims about the photo is true, it is possible pageant organizers jumped the gun without a thorough investigation.

In the corporate world, dealing with rule breakers, theft, WPV, harassment, and employees using drugs is something you would like to deal with quickly. Also, although a social media investigation is a good first step, following up with an employee interview and physical investigation is beneficial to support a termination and court proceedings if required.


Adam Curtis, AFIMAC Senior Director Corporate Investigations, quoted in Canadian Security article ‘Sharper Focus’

July 11th, 2016 Comments off

Caught Cheating

April 27th, 2016 Comments off

nikeRecently, a nineteen-year-old cyclist was banned from competing for six years for using a bike with a hidden motor in it. I didn’t even realize this was possible, but after reading the story and watching this video of motorized bikes, it is doable and remarkable.

I find it surprising that individuals would cheat at this level of sport, knowing that there is technology to catch foul play; no different than the technology used to cheat. But, I suppose that the real race in cheating is staying ahead of technology.

This topic can relate back to the corporate world. If people are consistently inventing ways to steal from your business, what are you doing to counter it? Whether you apply new technology, use social media for intelligence, penetration testing, security audits or investigations, you have to think like someone trying to beat the existing system, and stay a step ahead.

AFIMAC Global in Canadian HR Report: Hunting for Clues Online

April 19th, 2016 Comments off

Click article to enlarge. 


Reprinted by permission of Canadian HR Reporter.
© Copyright Thomson Reuters Canada Ltd., April 4, 2016, Toronto, Ontario.
1-800-387-5164. Web:

AFIMAC CEO Peter Martin quoted in Financial Times: Hackers blur line between thief and spy

March 29th, 2016 Comments off


Hackers blur line between thief and spy


By Geoff Dyer and David J Lynch
March 28, 2016

In the world of hacking, one man’s criminal is increasingly another man’s spy.

By indicting seven Iranians on cyber crime charges last week, the US is trying to send a message to foreign governments that it is willing to challenge publicly any attempts to manipulate the computers of important infrastructure. The charges against the Iranians follow a similar groundbreaking indictment in 2014 of five Chinese.

However, there is one big difference in the cases. The Chinese accused of stealing trade secrets from US companies were all soldiers in the People’s Liberation Army: the seven Iranians, on the other hand, work for private computer security companies.

The distinction is an ever more important one for the US authorities. As they try to find tools to deter rival governments from cyber attacks, one of the growing complications is the blurring of lines between nation-states and criminal gangs willing to work as proxies for either governments or even terrorist groups.

“We are increasingly seeing different versions of this blended threat,” says John Carlin, assistant attorney-general for national security, in an interview with the Financial Times. “It is complicated.”

Peter Martin, chief executive of AFIMAC, a corporate security and crisis management firm headquartered in Miami, says that governments are now frequently hiring hackers to do their dirty work both to make it harder for victims to determine who has attacked them and because much of the requisite technical talent resides in the private sector.

Partnerships with independent hackers, he says, gives nation-states “plausible deniability”.

We are increasingly seeing different versions of this blended threat. It is complicated.

The decision to indict the Iranians is part of a new approach by the US authorities to use public naming-and-shaming as a way of deterring certain types of state-sponsored hacking. “We are taking information that used to be treated as an intelligence matter and are looking to see what we can take public,” says Mr. Carlin.

In the past, the government has refrained from publicly attributing blame for fear of creating diplomatic headaches or to avoid compromising intelligence secrets. Now, with the perceived need to better deter future attacks growing, authorities are becoming more assertive.

“This is a signal to nation-states that we are increasingly willing to talk about what we know,” said Rajesh De, former White House official and general counsel for the National Security Agency.

However, while the US authorities are able to trace cyber attacks back to specific computers, in some cases the link with nation-states is not always as direct as it was in the indictment of the five PLA officers.

According to the Department of Justice, the Iranians are accused of launching a “denial of service” attack on dozens of US financial institutions and of hacking the computer system of a small dam in upstate New York. The seven defendants worked for two different companies, Mersad and ITSec Team, both of which sometimes “performed work on behalf of the Iranian government”, the indictment says.

Prosecutors allege that Amin Shokohi, who worked for ITSec, helped build the botnet that engaged in the attack on US banks. In return, he was excused some of his mandatory military service, the indictment claims.

“These botnets are often constructed by criminal groups but once they are constructed they can be used by actors for a variety of purposes ranging from criminal to national security threats,” says Mr. Carlin.

The same blurring of lines between private hackers and governments was apparent in a separate cyber indictment unsealed last week involving three Syrian nationals. The Department of Justice alleges that the three were hackers for the pro-Assad Syrian Electronic Army which has used spear-phishing emails to gain access to the Twitter feeds of media and government organisations. In one instance, the three allegedly sent a tweet from the Associated Press account claiming that a bomb had exploded at the White House and had injured the president, causing a dip in the stock market.

At the same time, however, the indictment alleges that two of the three also operated an “extortion scheme” in the US for “personal profit” where they would threaten to damage computers or delete stolen data from companies in return for payment.

In October last year, the Malaysian authorities — on the request of the US — arrested a well-known hacker who was accused of selling personal information about US military and government personnel to Isis. According to the US authorities, Ardit Ferizi was the head of a Kosovo-based hacking group.

According to Mr. De, who is now a partner at law firm Mayer Brown in Washington, hackers traditionally fell into one of three categories: government-backed, criminal or politically motivated activists. “Clearly, the lines between these lanes have been blurring over time,” he says. “They are far more blurred today than ever before.”

#FightFraud: AFIMAC Investigations and AVIVA Canada

March 17th, 2016 Comments off

AFIMAC is extremely proud of the work our Investigations Department did in conjunction with Aviva Canada, to collect court-ready evidence for this case. As well, a very special thank you to our AFIMAC undercover agents for their dedication and hard work on this project.

Watch the full undercover video from CTV W5 here.


  • LinkedIn
  • Twitter
  • YouTube