Posts Tagged ‘Investigations’

Videotaping People Without Them Knowing

June 19th, 2017 Comments off


It is usually assumed that those who work in advertising or marketing have to be creative; however, I believe there is a need for creativity in any department. I would equate problem solving as being creative.

As I left the building last night, I saw a project that one of our staff members from the investigations department was working on. Wood, concrete, spray paint and some other materials were being constructed into a contraption to hide a camera to capture video surveillance of a subject for an insurance compensation fraud case for one of our clients. Hidden camera surveillance provides successful results like this one for Aviva.

Over the years, I have seen covert cameras installed into all sorts of everyday objects such as briefcases, sunglasses, pens, and clocks. However, this was the first elaborate build I had seen.

Shaun from our investigations department was not only exuding creativity but clear dedication as well. Kudos to Shaun and the rest of our investigations department for their tireless efforts fighting fraud.

Keep Still, and They Will Not See You

December 14th, 2016 Comments off


One of the latest viral trends is the ‘mannequin challenge’, and there have been some very creative ones. Even professional sports teams, celebrities and a group of guests at the White House got in on the fad.

Sometimes people will go to great lengths to get views.

When corporations conduct social media investigations on existing or potential employees, they typically look to see if that individual posted anything on their profile that may suggest they could be involved in criminal behaviour, radical affiliations or views not aligned with workplace human resource policies.

Well, would you believe that someone posted a video on Facebook of a bunch of friends, heavily armed doing the mannequin challenge? Once the police and thousands of other viewers saw the video, they were arrested.

Believe it. There are many more background screening and social media investigations examples. It is always worth a look.

Caught Cheating

April 27th, 2016 Comments off

nikeRecently, a nineteen-year-old cyclist was banned from competing for six years for using a bike with a hidden motor in it. I didn’t even realize this was possible, but after reading the story and watching this video of motorized bikes, it is doable and remarkable.

I find it surprising that individuals would cheat at this level of sport, knowing that there is technology to catch foul play; no different than the technology used to cheat. But, I suppose that the real race in cheating is staying ahead of technology.

This topic can relate back to the corporate world. If people are consistently inventing ways to steal from your business, what are you doing to counter it? Whether you apply new technology, use social media for intelligence, penetration testing, security audits or investigations, you have to think like someone trying to beat the existing system, and stay a step ahead.

AFIMAC Global in Canadian HR Report: Hunting for Clues Online

April 19th, 2016 Comments off

Click article to enlarge. 


Reprinted by permission of Canadian HR Reporter.
© Copyright Thomson Reuters Canada Ltd., April 4, 2016, Toronto, Ontario.
1-800-387-5164. Web:

AFIMAC CEO Peter Martin quoted in Financial Times: Hackers blur line between thief and spy

March 29th, 2016 Comments off


Hackers blur line between thief and spy


By Geoff Dyer and David J Lynch
March 28, 2016

In the world of hacking, one man’s criminal is increasingly another man’s spy.

By indicting seven Iranians on cyber crime charges last week, the US is trying to send a message to foreign governments that it is willing to challenge publicly any attempts to manipulate the computers of important infrastructure. The charges against the Iranians follow a similar groundbreaking indictment in 2014 of five Chinese.

However, there is one big difference in the cases. The Chinese accused of stealing trade secrets from US companies were all soldiers in the People’s Liberation Army: the seven Iranians, on the other hand, work for private computer security companies.

The distinction is an ever more important one for the US authorities. As they try to find tools to deter rival governments from cyber attacks, one of the growing complications is the blurring of lines between nation-states and criminal gangs willing to work as proxies for either governments or even terrorist groups.

“We are increasingly seeing different versions of this blended threat,” says John Carlin, assistant attorney-general for national security, in an interview with the Financial Times. “It is complicated.”

Peter Martin, chief executive of AFIMAC, a corporate security and crisis management firm headquartered in Miami, says that governments are now frequently hiring hackers to do their dirty work both to make it harder for victims to determine who has attacked them and because much of the requisite technical talent resides in the private sector.

Partnerships with independent hackers, he says, gives nation-states “plausible deniability”.

We are increasingly seeing different versions of this blended threat. It is complicated.

The decision to indict the Iranians is part of a new approach by the US authorities to use public naming-and-shaming as a way of deterring certain types of state-sponsored hacking. “We are taking information that used to be treated as an intelligence matter and are looking to see what we can take public,” says Mr. Carlin.

In the past, the government has refrained from publicly attributing blame for fear of creating diplomatic headaches or to avoid compromising intelligence secrets. Now, with the perceived need to better deter future attacks growing, authorities are becoming more assertive.

“This is a signal to nation-states that we are increasingly willing to talk about what we know,” said Rajesh De, former White House official and general counsel for the National Security Agency.

However, while the US authorities are able to trace cyber attacks back to specific computers, in some cases the link with nation-states is not always as direct as it was in the indictment of the five PLA officers.

According to the Department of Justice, the Iranians are accused of launching a “denial of service” attack on dozens of US financial institutions and of hacking the computer system of a small dam in upstate New York. The seven defendants worked for two different companies, Mersad and ITSec Team, both of which sometimes “performed work on behalf of the Iranian government”, the indictment says.

Prosecutors allege that Amin Shokohi, who worked for ITSec, helped build the botnet that engaged in the attack on US banks. In return, he was excused some of his mandatory military service, the indictment claims.

“These botnets are often constructed by criminal groups but once they are constructed they can be used by actors for a variety of purposes ranging from criminal to national security threats,” says Mr. Carlin.

The same blurring of lines between private hackers and governments was apparent in a separate cyber indictment unsealed last week involving three Syrian nationals. The Department of Justice alleges that the three were hackers for the pro-Assad Syrian Electronic Army which has used spear-phishing emails to gain access to the Twitter feeds of media and government organisations. In one instance, the three allegedly sent a tweet from the Associated Press account claiming that a bomb had exploded at the White House and had injured the president, causing a dip in the stock market.

At the same time, however, the indictment alleges that two of the three also operated an “extortion scheme” in the US for “personal profit” where they would threaten to damage computers or delete stolen data from companies in return for payment.

In October last year, the Malaysian authorities — on the request of the US — arrested a well-known hacker who was accused of selling personal information about US military and government personnel to Isis. According to the US authorities, Ardit Ferizi was the head of a Kosovo-based hacking group.

According to Mr. De, who is now a partner at law firm Mayer Brown in Washington, hackers traditionally fell into one of three categories: government-backed, criminal or politically motivated activists. “Clearly, the lines between these lanes have been blurring over time,” he says. “They are far more blurred today than ever before.”

You Made Your Bed, Now Lie in It

February 23rd, 2016 Comments off

ME_SEP_DT_generic_FootballOne thing that has always pained me when playing team sports is when the rest of the team has to suffer consequences for another teammates actions. All too often during a close game, a teammate will do something that makes the team lose valuable time, field position, points and potentially the game.

Are we responsible to stop a teammate from swearing at the ref because they didn’t agree with the original penalty? We can try and quiet the offender after the fact so it doesn’t get any worse but could we have done something before the game? Absolutely. The team manager knows what that player is like and could have decided to discipline him or kick him off the team – but didn’t.  So the bed is made, now lie in it.

Recently in the news, a 20-year-old man said he received a homophobic Valentine defaced with slurs from a co-worker. The company, Party City now has to deal with the consequences of one of their ‘teammate’s’ actions. Is it fair to say, ‘you made your bed…’ in this case? Was the alleged offender known for stunts like this in the past?

What could Party City have done prior to hiring the alleged offender to verify if they were a potential liability? Background screening and a social media investigation might have helped, but if it didn’t, the company could have at least used pre-employment screening as a defense when the case inevitably ends up in court.

The cost for corporations having to react to something like this far outweighs the minimal expense of pre-employment background screening.

The Importance of Screening

December 23rd, 2015 Comments off


I believe that there are three options when it comes to pre-employment background screening relating to social media content, a potential candidate’s organizational fit, and legitimacy of their resume.

1.  You can go with your gut, and not conduct any meaningful background screening

a.       Gone are the days that anyone should put any real  stock in personal reference
b.       Not checking into educational claims
c.       Not checking a candidate’s social media activity

2.  Conduct a full background check

a.      Verify past employment and education
b.      Check past employer references
c.      Conduct a social media search


3.      Wait for the potential employee to send you unsavory text messages that give you an indication of future behaviour. Like this job seeker did, by sending naked selfies to the HR Director prior to beginning employment

a.      Like this job seeker did, by sending naked selfies to the HR Director prior to beginning employment


Okay, the third isn’t really an option I believe in, but it is a good example of why screening is essential.





You Are Stagnant, Please Contact Me

March 21st, 2012 Comments off

I received an email from a company account manager introducing himself as my new contact.  The email noted that he was going through “…stagnant accounts…” and we were one of them – the company provided an excellent service, we just haven’t required it in some time.

I thought that being referred to as stagnant was odd, even negative, so I looked up the dictionary meaning.  Stale, foul from standing, lack of development, sluggish and dull were some of the ones that popped out at me.  The thesaurus was even less kind with dead, filthy, lifeless, putrid and stale.  I guess from a marketing perspective, approaching a potential or existing client would be best done with verbiage that reads more positively.  This would probably translate well for use in sales email communications as well.

“Hello Mr. Anderson, I was reviewing your account and noticed that you have not required our strike security or high risk terminations services in some time…”

The above still has a negative with “…have not required…” and the general tone leans negative (‘not required’ and ‘in some time’), so even better would be…

“Hello Mr. Anderson, I was reviewing your account and noticed you utilized our investigation services in 2010.  We have implemented some excellent new…”.

Well Played Mr. Leach!

December 9th, 2011 Comments off

Greyhound President and CEO Dave Leach turned some potentially damaging comments into an extremely creative marketing ploy by responding to Alec Baldwin’s slam.  After American Airlines had to engage Mr. Baldwin with nonviolent confrontation techniques and investigate an issue, Mr. Baldwin went on to take shots at American Airlines by comparing them to Greyhound – intentionally or unintentionally taking a shot at Greyhound.  Mr. Leach smartly wrote Mr. Baldwin a public letter for some fantastic free advertising – a description of Greyhound services are now being read by countless people following this story (excerpt below)…

Alec Baldwin ticks off Greyhound

By A. Pawlowski, CNN
…In an open letter to the actor issued Thursday, Greyhound President and CEO Dave Leach said he was disheartened to hear about the comments Baldwin made about the company.

“I’m the first to admit that Greyhound has had some challenges in the past, so I understand that you probably were basing your comments on that alone. But we’ve made so many changes in recent years to significantly improve the travel experience,” Leach writes.

“My guess is you’ve never traveled with us, but I ask you to give us a try for a number of reasons and see for yourself that we’re really a great way to travel.”

Leach then touts the hundreds of new buses the company has added to its fleet as well as the extra legroom, leather seats, power outlets and free Wi-Fi.

“I think you especially would find the latter two amenities exciting, because we don’t require our customers to turn off their electronic devices … ever. You could therefore play ‘Words With Friends’ during your entire trip and nobody would give you any grief over it,” Leach tells Baldwin in the letter.

Read entire story here.

Textbook Nonviolent Confrontation Management and Crisis Communications

December 8th, 2011 Comments off

Well done – the American Airlines flight attendant must have followed rules regarding nonviolent confrontation management because there was no report of them acting inappropriately, but not the same for Alec Baldwin unfortunately.  As well, after Mr. Baldwin took to Twitter to rant, American Airlines quickly responded on Facebook exhibiting some excellent crisis communications practices – by conducting a quick investigation into the matter, and not pretending the incident didn’t happen by engaging it head on.

American Airlines responds after Alec Baldwin kicked off flight:

(CBS/AP) LOS ANGELES – American Airlines took to its Facebook page Wednesday to explain its actions after Alec Baldwin complained he was kicked off a flight for playing a Scrabble-like game on his cell phone as the plane was about to depart from Los Angeles.

Without mentioning the “30 Rock” star by name, the airline said an “extremely vocal customer” declined to turn off his phone when asked to do so by a flight attendant.

The customer then stood up “with the seat belt light still on for departure” and took his phone into the plane’s lavatory, the company continued.

“He slammed the lavatory door so hard, the cockpit crew heard it and became alarmed, even with the cockpit door closed and locked,” the airline’s post said.

Read more…

  • LinkedIn
  • Twitter
  • YouTube