<?xml version="1.0" encoding="utf-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title><![CDATA[[SecurityRatty] tag: undercover]]></title>
    <link>http://securityratty.com/tag/undercover</link>
    <description></description>
    <pubDate>Thu, 28 Feb 2008 00:21:00 +0000</pubDate>
    <generator>iRatty Engine</generator>
    <docs>http://blogs.law.harvard.edu/tech/rss</docs>
    <item>
      <title><![CDATA[FBI says Dark Market sting netted 56 arrests]]></title>
      <link>http://securityratty.com/article/21087aedb588bd797121803156098ca9</link>
      <guid>http://securityratty.com/article/21087aedb588bd797121803156098ca9</guid>
      <description><![CDATA[A two-year undercover FBI sting operation targeting online fraudsters has netted 56 arrests and prevented millions of dollars in economic losses, the FBI said...]]></description>
      <content:encoded><![CDATA[A two-year undercover FBI sting operation targeting online fraudsters has netted 56 arrests and prevented millions of dollars in economic losses, the FBI said Thursday.]]></content:encoded>
      <pubDate>Wed, 15 Oct 2008 20:00:00 +0000</pubDate>
      <category domain="http://securityratty.com/tag/fbi">fbi</category>
      <category domain="http://securityratty.com/tag/two-year undercover fbi">two-year undercover fbi</category>
      <category domain="http://securityratty.com/tag/economic losses">economic losses</category>
      <category domain="http://securityratty.com/tag/arrests">arrests</category>
      <category domain="http://securityratty.com/tag/online fraudsters">online fraudsters</category>
      <category domain="http://securityratty.com/tag/millions">millions</category>
      <category domain="http://securityratty.com/tag/dollars">dollars</category>
      <category domain="http://securityratty.com/tag/thursday">thursday</category>
      <category domain="http://securityratty.com/tag/operation">operation</category>
      <source url="http://www.networkworld.com/news/2008/101608-fbi-says-dark-market-sting.html?fsrc=rss-security">FBI says Dark Market sting netted 56 arrests</source>
    </item>
    <item>
      <title><![CDATA[Did Anti-Spam Group Create a Backstory For DarkMarket's Undercover Fed?]]></title>
      <link>http://securityratty.com/article/4e18484084f8bd725137063912b8fb80</link>
      <guid>http://securityratty.com/article/4e18484084f8bd725137063912b8fb80</guid>
      <description><![CDATA[Until Monday, the U.K.-based spam fighters at Spamhaus had an extensive profile of "Master Splynter," the assumed identity of the FBI agent who took over the cybercrime trading post DarkMarket. Was it...]]></description>
      <content:encoded><![CDATA[Until Monday, the U.K.-based spam fighters at Spamhaus had an extensive profile of "Master Splynter," the assumed identity of the FBI agent who took over the cybercrime trading post DarkMarket. Was it all part of a cunning plan to establish a back story for a crime lord who never existed?]]></content:encoded>
      <pubDate>Tue, 14 Oct 2008 16:36:00 +0000</pubDate>
      <category domain="http://securityratty.com/tag/spam fighters">spam fighters</category>
      <category domain="http://securityratty.com/tag/fbi agent">fbi agent</category>
      <category domain="http://securityratty.com/tag/post darkmarket">post darkmarket</category>
      <category domain="http://securityratty.com/tag/crime lord">crime lord</category>
      <category domain="http://securityratty.com/tag/extensive profile">extensive profile</category>
      <category domain="http://securityratty.com/tag/master splynter">master splynter</category>
      <category domain="http://securityratty.com/tag/spamhaus">spamhaus</category>
      <category domain="http://securityratty.com/tag/story">story</category>
      <category domain="http://securityratty.com/tag/cybercrime">cybercrime</category>
      <source url="http://feeds.wired.com/~r/wired/politics/security/~3/420930826/did-anti-spam-g.html">Did Anti-Spam Group Create a Backstory For DarkMarket's Undercover Fed?</source>
    </item>
    <item>
      <title><![CDATA[D.C. Police Detective Arrested for Propositioning a "Prostitute".]]></title>
      <link>http://securityratty.com/article/5764d3c57a7c61891d6d10d70473d035</link>
      <guid>http://securityratty.com/article/5764d3c57a7c61891d6d10d70473d035</guid>
      <description><![CDATA[Sometimes clients call us up and ask if we can send them off-duty cops for Executive Protection assignments. My first inclination is to tell them why we are reluctant to use off-duty police
...]]></description>
      <content:encoded><![CDATA[Sometimes clients call us up and ask if we can send them off-duty cops for Executive Protection assignments.  My first inclination is to tell them why we are reluctant to use off-duty police. <br /><span id="fullpost"><br />Yesterday, WTOP radio reported that a Detective Wheeler from the Washington D.C. Metropolitan Police had been arrested for trying to hire a Prostitute.  Unfortunately for Detective Wheeler, the "prostitute" was an undercover Police Detective herself.<br /><br />The story gets better, however.  It seems that Detective Wheeler is assigned to the Vice Unit.  For those of you who don't know what a Vice Unit does, they set up "stings" and dress female Police officers to look like prostitutes in order to arrest those who try and do business with "prostitutes".  One wonders if Detective Wheeler should be charged with the prostitution charge or one involving gross stupidity. <br /><br />Just because a Police officer carries a gun does not mean that this qualifies him or her to do everything security related.  While most of them are decent, hard-working individuals, there are also some who break laws and circumvent the system for their own benefit.  When you hire an "off-duty cop", you do not know what you are getting.  Perhaps you will get a bad apple(s) who will do more harm than good.  After all, what way is there to vet them?<br /><br />A professional security company like ours trains its own people and enforces from day one a strong sense of Ethics.  We have a zero policy for any behaviour that might be detrimental to us or the client.  On the rare occasion when someone does something that we do not condone, they are terminated.  There is no room for Union intervention or "three strikes, you're out" or any other delaying tactic.  <br /><br />Our reputation is too important.  Then again, we do not have "jobs for life" but must instead earn business by constantly performing.  
The next time you need a security person, keep this in mind.          <br /></span><div class="blogger-post-footer">Visit Sexton Executive Security at www.sextonsecurity.com</div>]]></content:encoded>
      <pubDate>Sat, 12 Jul 2008 14:58:00 +0000</pubDate>
      <category domain="http://securityratty.com/tag/detective wheeler">detective wheeler</category>
      <category domain="http://securityratty.com/tag/security">security</category>
      <category domain="http://securityratty.com/tag/security person">security person</category>
      <category domain="http://securityratty.com/tag/professional security company">professional security company</category>
      <category domain="http://securityratty.com/tag/time">time</category>
      <category domain="http://securityratty.com/tag/vice unit">vice unit</category>
      <category domain="http://securityratty.com/tag/time clients call">time clients call</category>
      <category domain="http://securityratty.com/tag/prostitute">prostitute</category>
      <category domain="http://securityratty.com/tag/executive protection assignments">executive protection assignments</category>
      <source url="http://www.thebulletproofblog.com/2008/07/dc-police-detective-arressted-for.html">D.C. Police Detective Arrested for Propositioning a "Prostitute".</source>
    </item>
    <item>
      <title><![CDATA[From the Eye of a Legal Storm, Murdoch's Satellite-TV Hacker Tells All]]></title>
      <link>http://securityratty.com/article/75c4bd1099f9d260b821fdd9a841f9bd</link>
      <guid>http://securityratty.com/article/75c4bd1099f9d260b821fdd9a841f9bd</guid>
      <description><![CDATA[SAN DIEGO -- Christopher Tarnovsky feels vindicated. The software engineer and former satellite-TV pirate has been on the hot seat for five years, accused of helping his former employer, a Rupert...]]></description>
      <content:encoded><![CDATA[<p>SAN DIEGO -- Christopher Tarnovsky feels vindicated. The software engineer and former satellite-TV pirate has been on the hot seat for five years, accused of helping his former employer, a Rupert Murdoch company, sabotage a rival to gain the top spot in the global pay-TV wars.
</p><p>
But two weeks ago a jury in the civil lawsuit against that employer, NDS Group, largely cleared the company -- and by extension Tarnovsky -- of piracy, finding NDS guilty of only a single incident of stealing satellite signals, for which Dish was awarded $1,500 in damages.
</p><p>
"I knew this was going to come," Tarnovsky says. "They didn't have any proof or evidence."
</p><p>
The trial was <a href="http://www.wired.com/politics/law/news/2008/04/murdoch">years in the making</a>, yet raised more questions than it answered. It came down to testimony between admitted pirates on both sides who accused each other of lying. Now that it's over Tarnovsky, who was fired by NDS last year, is eager to tell his side of the story.
</p><p>
Dressed in loose jeans, flip-flops and a T-shirt, Tarnovsky, 37, spoke with Wired.com by phone and in an air-conditioned lab in Southern California where he's been running a <a href="http://www.flylogic.net">consultancy</a> since losing his job. Surrounded by boxes of smart cards and thousands of dollars worth of microscopes and computers used for researching chips, he talked excitedly at lightning speed about his strange journey, which began in a top-secret Pentagon communications center, and ended with him working both sides of a heated electronic war over pay TV.
</p>

<div class="feedroomstoryembedlarge">


<div class="storyimagecaption"><p>Satellite-TV hacker Chris Tarnovsky opens his laboratory to <a href="http://blog.wired.com/27bstroke6/">Threat Level</a> reporter Kim Zetter, providing an unprecedented peek into the world of smart-card hacking.<br />
<em>Editor: Annaliza Savage<br />
Camera: Steve Raines</em></p>


</div>

</div>


<p>
His story sheds new light on the murky, morally ambiguous world of international satellite pirates and those who do battle with them.
</p><p>
The stakes are high: Earnings in the satellite-TV industry reach the billions. In the first quarter of this year alone, U.S. market leader DirecTV announced revenue of $4.6 billion from more than 17 million U.S. subscribers. Dish Network earned $2.8 billion from nearly 14 million subscribers. Although satellite piracy has greatly diminished from its peak seven to 10 years ago when the events detailed in the civil lawsuit took place, the two companies lost millions in potential revenue, and spent millions more to replace insecure smart cards used in their systems and track down dealers selling pirated smart cards.
</p><p>
Those smart cards are at the center of the controversy over NDS, a British-Israeli company and a majority-owned subsidiary of Murdoch's News Corp. The company makes access cards used by pay-TV systems, most prominently DirecTV -- itself a former Murdoch company. Nagrastar, a plaintiff in the case and NDS's chief competitor, makes access cards used by Dish Network and other runners-up in the market.
</p><p>
According to allegations in the lawsuit, in the late '90s NDS extracted and cracked the proprietary code used in Nagrastar's cards, a fact that NDS doesn't contest. What happened next, though, is hotly disputed. Nagrastar says Tarnovsky used the code to create a device for reprogramming Nagrastar cards into pirate cards, and gave the cards to pirates eager to steal Dish Network's programming. Tarnovsky was also accused of posting to the internet a detailed road map for hacking Nagrastar's cards. 
</p><p>
Nagrastar says NDS had an obvious motive for these antics: Their own chip, the so-called P1 or "F Card," had already been thoroughly cracked by pirates, and the company wanted to level the playing field with its competitors.
</p><p>
NDS denied the allegations at trial. The company declined to comment for this article or to confirm details of Tarnovsky's employment other than to say it was pleased that the verdict "ended in a resounding affirmation of NDS and its business ethics and proper conduct."
</p><p>
Tarnovsky began his pirating career in the '90s while serving in the U.S. Army. He had a top-secret SCI security clearance working on cryptographic computers in Belgium for NATO headquarters, and spent a year at Ft. Detrick in Maryland providing support to the National Security Agency for satellite transmissions to Europe.
</p><p>
In 1996, he was stationed in Germany when his colonel sold him a used satellite-TV system, along with two pirated access cards, neither of which worked. Tarnovsky began posting on online pirate forums, and developed contacts in the community, ultimately learning how to fix the cards to access English-language programs from Sky in the United Kingdom.
</p>
<p>
After leaving the Army and returning to the States, he got a call from Ron Ereiser, a Canadian pirate who'd heard about him through the grapevine. Pirates had found a back door in the P1 card and were vigorously exploiting it to get DirecTV content. But the cards kept failing. In a game of pirate pingpong, DirecTV periodically deployed electronic countermeasures, or ECMs, in the satellite stream that killed the cards in their set-top boxes. Ereiser needed someone to fix the cards.
</p><p>
There was serious black-market money on the line. In Canada, where pirating of U.S. satellite services wasn't considered illegal until 2002, syndicates of dealers did enough business that they could afford to chip in about $50,000 to hire a programmer to reverse engineer the latest cards. Pirate cards would sell for about $200 each, with the profit split between the investors and engineers. Tarnovsky claims Canadian pirate dealers could make $400,000 in a weekend; when Reginald Scullion, a notorious pirate in Canada, was raided in 1998, authorities seized $5.5 million from his bank accounts and safe-deposit boxes, though not all of it was from piracy.
</p><p>
Ereiser, who now works as a consultant to Nagrastar, concedes that the money from piracy was good, but insists that nobody became an overnight millionaire. "It was lucrative," he said in a telephone interview. "But to suggest that millions were being made in a month is an absolute crock."
</p><p>
DirecTV's countermeasures were a nagging drag on this lucrative trade. Every time an ECM was deployed, Ereiser and other dealers would be harangued by customers demanding to have the cards fixed and their TV programs restored. 
</p><p>
Tarnovsky, who was known online as "Big Gun," says Ereiser offered him $20,000 to fix cards that were killed by ECMs, and he agreed. Each time NDS created a countermeasure, Tarnovsky would analyze the code and find a way to circumvent the countermeasure. He did it while working full-time as a software engineer for a semiconductor company in Massachusetts.
</p><p>
"I'd be at work and I'd check the IRC (channel) to see if they'd launched their Thursday countermeasure yet," he says. "It was like a chess game for me. I couldn't wait for them to do a countermeasure because I would counter it in minutes."
</p><p>
Tarnovsky suffers from attention deficit hyperactivity disorder, which he says helped with the detailed work.
</p><p>
"I think so fast," he says.
</p><p>
It wasn't long before NDS came courting. Tarnovsky had a contact at the company to whom he'd begun passing information about holes in its software, even supplying patches to fix them. NDS offered him a job earning $65,000 a year. By the time the company fired him last year, he was earning about $245,000 in salary and bonuses and had another $100,000 in stock options, he says.
</p><p>
The company set him up in a lab in Southern California equipped with a computer, some DirecTV set-top boxes, sample DirecTV cards and NDS source code. There was no fancy equipment at first, but his relationship with NDS and the lab grew over the decade he worked with them. Tarnovsky says the job was a dream come true. While living in Europe he'd once seen a news report showing an engineer at a French satellite company writing countermeasures, sitting in a lab with smart cards piled around him on his desk.
</p><p>
"I always thought it would be so cool to be that guy," Tarnovsky says. "Finally I got the chance." 
</p><p>
Tarnovsky had two roles at NDS -- to find holes in its software and work undercover with pirates to discover what they were doing against NDS technology.
</p><p>
To conceal his relationship with NDS from pirates, few people at the company knew his identity. He used the name "Michael George" and for the first four years was paid through other companies, including, for about five months, HarperCollins, the Murdoch-owned book publisher.
</p><p>
"It was very hush-hush, because we didn't know who could be an inside informant," he says.
</p><p>
Part of his job was developing ECMs for NDS. He'd examine pirate NDS cards to determine how they worked, then send instructions to engineers in Israel to create a kill for them.
</p><p>
"I didn’t actually load the gun and pull the trigger but I got to make the bullet," Tarnovsky says. 
</p><p>
Among the countermeasures he says he created was one known among pirates as the <a href="http://www.theregister.co.uk/2001/01/25/directv_attacks_hacked_smart_cards/">"Black Sunday" kill</a> -- an elaborate scheme that destroyed tens of thousands of pirate DirecTV cards a week before Super Bowl Sunday in 2001.
</p><p>
Instead of being delivered all at once like other measures, the Black Sunday attack code was sent to pirate cards in about five dozen parts over the course of two months, like a tank transported piece by piece to a battlefield to be assembled in the field. "They never expected us to do this," Tarnovsky says.
</p><p>
The kill didn't last long before pirates found a way to jump-start the cards. But it holds an enduring position in pirate lore; for the first time, they could see a cunning mind at work on the other side.
</p><p>
While Tarnovsky was killing cards, however, he was also helping pirates fix them. 
</p><p>
Days before Tarnovsky began working for NDS, the company began phasing in its latest-generation smart card, the P2, which was thought to be virtually uncrackable. But word reached the company that two Bulgarian hackers working for Ereiser had cracked the P2. On NDS's instructions, Tarnovsky met with Ereiser undercover in Calgary to get the code. When he got there, Ereiser offered him $20,000 to work for him fighting whatever countermeasures NDS and DirecTV cooked up to thwart their P2 hack.
</p><p>
NDS considered it a great opportunity for Tarnovsky to maintain his pirate identity, but DirecTV insisted on some controls. Under "Operation Johnny Walker," as they dubbed it, Tarnovsky gave Ereiser a program to create pirate NDS cards, but encrypted it so no one could copy it. The program worked only with a dongle attached to Ereiser's computer and created a limited number of cards that could be killed at any time.
</p><p>
But, according to Nagrastar, Tarnovsky wasn't just helping NDS fight piracy by working undercover and creating ECMs, he was also committing piracy against NDS's competitors to weaken their place in the market.
</p><p>
After NDS engineers in Israel hacked the Nagrastar code in the late '90s, Nagrastar says Tarnovsky created a "stinger" program that turned Nagrastar cards into pirate cards. He allegedly gave the program to a Canadian named Al Menard in 1999 who sold reprogrammed Nagrastar cards for $350 each. Then in December 2000, someone anonymously posted code and detailed instructions for hacking Nagrastar's card to two websites, one of them run by Menard, exposing Dish Network to even more piracy. It was estimated in court testimony that between 100,000 and 165,000 pirated Nagrastar cards were released to the market in the wake of this posting.
</p><p>
Nagrastar says Menard began sending Tarnovsky cash from the sale of the pirate cards. At the end of August 2000, authorities acting on an anonymous tip seized two boxes destined for a mail drop Tarnovsky rented in Texas. Inside, they found a CD and DVD player with $20,000 and $20,100 concealed inside.
</p><p>
The boxes were sent from a phony address for "Regency Audio" in Vancouver to C.T. Electronics at Tarnovsky's address. A customs form for a third package that wasn't seized indicated that it was sent from Menard to Tarnovsky and also contained electronic goods.
</p><p>
Tarnovsky was in Israel at the time, and says he didn't know anything about the packages until he was notified that they'd been seized. He thinks they were sent by someone in Nagrastar's camp who was trying to frame him. He says Nagrastar's accusations about the "stinger" program were baseless, and that he never gave Menard any software.
</p><p>
On Feb. 9, 2001, U.S. Customs agents appeared at his doorstep. On advice of a lawyer, he declined to let them search his house without a warrant. Tarnovsky was never arrested or charged with any crime, but suspicions against him were mounting. NDS gave Tarnovsky a polygraph test, but asked only two, self-interested questions that never touched on the Nagrastar accusations: Had Tarnovsky sold any modified NDS smart cards, or company secrets, since he'd been working for the company? Tarnovsky answered no, and passed the test.
</p><p>
He continued to work for NDS for six years. But then last year, Nagrastar confronted NDS with a sheriff's report showing that fingerprints lifted from the seized electronics equipment sent to Tarnovsky's Texas mail drop belonged to an associate of Menard, raising suspicions again that Tarnovsky might have sold pirate Nagrastar cards without NDS's knowledge. NDS fired him.
</p><p>
Tarnovsky says his termination proves he and NDS weren't conspiring against Nagrastar. Had they been, NDS would have done anything to keep him happy, and quiet. He says the fact that Nagrastar lost the case shows he wasn't pirating on his own either.
</p><p>
"I've never sold a single Nagra card, ever," he says.
</p><p>
Although he was angry at NDS for abandoning him, he told Wired.com before the trial ended that he hoped to work for the company again.
</p><p>
"I want to make sure that NDS wins this lawsuit because that will clear my name," he said at the time.
</p><p>
When it was suggested that someone might view this as motivation for him to lie on NDS's behalf, he disagreed.
</p><p>
"That's crazy. I could go to jail," he said. "I would never perjure myself for some company."
</p><p>
Since NDS fired him he's been consulting for two semiconductor companies and a manufacturer of dongle tokens, but he misses his life in electronic warfare. If NDS doesn't want him, he says he'd be happy to work for Nagrastar -- jumping sides once again.
</p><p>
"I could design a whole entire chip for them like I did for NDS," he says. "NDS thinks today that their technology is superior to everybody else's and it probably is, because they're 17 years ahead of Nagra technologically. But Nagra could catch up overnight if they used my services.
</p><p>
"I'm a very valuable asset as far as smart-card technology goes," he adds. "I know everything about (NDS) as far as their intellectual property models go."
</p><p>
He offered his services to the company last year, while the lawsuit was pending. Nagrastar declined.
</p>]]></content:encoded>
      <pubDate>Fri, 30 May 2008 11:00:00 +0000</pubDate>
      <category domain="http://securityratty.com/tag/smart cards piled">smart cards piled</category>
      <category domain="http://securityratty.com/tag/cards">cards</category>
      <category domain="http://securityratty.com/tag/nds cards">nds cards</category>
      <category domain="http://securityratty.com/tag/access cards">access cards</category>
      <category domain="http://securityratty.com/tag/sample directv cards">sample directv cards</category>
      <category domain="http://securityratty.com/tag/directv cards">directv cards</category>
      <category domain="http://securityratty.com/tag/smart cards">smart cards</category>
      <category domain="http://securityratty.com/tag/nds smart cards">nds smart cards</category>
      <category domain="http://securityratty.com/tag/nds">nds</category>
      <source url="http://feeds.wired.com/~r/wired/politics/security/~3/301513721/tarnovsky">From the Eye of a Legal Storm, Murdoch's Satellite-TV Hacker Tells All</source>
    </item>
    <item>
      <title><![CDATA[10 Ways To Cheat At Being An IT Security Professional.]]></title>
      <link>http://securityratty.com/article/0e597656f62b35ec58b09e46325aaac1</link>
      <guid>http://securityratty.com/article/0e597656f62b35ec58b09e46325aaac1</guid>
      <description><![CDATA[photo credit: нσвσ
Be A Security Cool Cat : Place penguin stickers on every surface in your cubicle. Stick at least 3 on the dual boot company issued laptop (that hasn't had a kernel upgrade in 6...]]></description>
      <content:encoded><![CDATA[<p><span class="center"><a href="http://www.flickr.com/photos/68799045@N00/229151398/" title="About myths and t-shirts" target="_blank"><img class="center" src="http://farm1.static.flickr.com/84/229151398_5d7d461f09_m.jpg" alt="About myths and t-shirts" border="0" /></a><br /><small><a href="http://creativecommons.org/licenses/by-nc-sa/2.0/" title="Attribution-NonCommercial-ShareAlike License" target="_blank"><img src="http://securitywannabe.com/blog/wp-content/plugins/photo_dropper/images/cc.png" alt="Creative Commons License" border="0" width="16" height="16" align="absmiddle" /></a> <a href="http://www.photodropper.com/photos/" target="_blank">photo</a> credit: <a href="http://www.flickr.com/photos/68799045@N00/229151398/" title="нσвσ" target="_blank">нσвσ</a></small></span></p>
<ol>
<li><strong>Be A Security Cool Cat</strong>: Place <a href="http://www.uoregon.edu/~cchapma2/penguin.jpg">penguin stickers</a> on every surface in your cubicle.  Stick at least 3 on the dual boot company issued laptop (that hasn&#8217;t had a kernel upgrade in 6 months).  Use BlackHat stickers for bonus points.</li>
<li><strong>Be An Undercover Open Source Evangelist</strong>: Unfailingly, recommend open source solutions as more secure.  Be sure to quote &#8216;more eyes, less vulnerabilities&#8217;.  Recite frequently.  Always forward security advisories about commercial products to your boss.</li>
<li><strong>Walk the Tech Talk</strong>: Learn at Least 10 Bash Keyboard Shortcuts.  Treat this as a party trick.  Perform rapidly in sequence whenever anyone watches your screen.  Giggle and pass the keyboard over and say &#8216;Your turn!&#8217;.</li>
<li><strong>Be All Knowing, Jedi Warrior!</strong>:  Say &#8216;Trust but verify&#8217; whenever you are asked a question you do not understand.  Make it clear in meetings that you trust no-one and &#8220;verify&#8221; solely through a Google/Secunia search.</li>
<li><strong>Impress with a Penetration Test!</strong>:  Download Metasploit, spend 7 hours modifying the web interface: create custom graphics and hack up the CSS files.  Start Metasploit running before you leave for the day.  Use Camtasia to capture all screen activity so you can review in the morning.  If all went well upload to YouTube and link out via Facebook.</li>
<li><strong>Practice Defense In Depth</strong>: When you are asked &#8216;What is the Risk?&#8217;, grin inanely and say &#8216;I&#8217;ll tell you after I break out the vulnerability scanners&#8217;.  Run at least 3 vulnerability scanners to get &#8216;defense in depth&#8217;.</li>
<li><strong>Latest *Is* Greatest!</strong>: Clipboard stealing attacks are *always* a bigger issue than the CISCO infrastructure with default passwords (how did they get there?!).</li>
<li><strong>Educate The Great Unwashed with a Deep Dive Security Awareness Program</strong>.  Educate end-users about Cross Site Scripting and SQL injection attacks.  Don&#8217;t invite the outsourced developers - they already know this stuff and have deadlines to meet.</li>
<li><strong>Impress Your Peers - Perfect the RFC Shoutout</strong>:  Pick at least 10 common protocols and learn the associated RFC numbers.  Intimidate IT colleagues by shouting out the RFC numbers whenever they mention the protocol.</li>
<li><strong>Start A Security Blog</strong>: What Can I Say? <img src='http://securitywannabe.com/blog/wp-includes/images/smilies/icon_biggrin.gif' alt=':D' class='wp-smiley' /> </li>
</ol>
]]></content:encoded>
      <pubDate>Sun, 18 May 2008 18:36:01 +0000</pubDate>
      <category domain="http://securityratty.com/tag/vulnerability scanners">vulnerability scanners</category>
      <category domain="http://securityratty.com/tag/rfc">rfc</category>
      <category domain="http://securityratty.com/tag/attacks">attacks</category>
      <category domain="http://securityratty.com/tag/sql injection attacks">sql injection attacks</category>
      <category domain="http://securityratty.com/tag/rfc shoutout">rfc shoutout</category>
      <category domain="http://securityratty.com/tag/bash keyboard shortcuts">bash keyboard shortcuts</category>
      <category domain="http://securityratty.com/tag/keyboard">keyboard</category>
      <category domain="http://securityratty.com/tag/trust no-one">trust no-one</category>
      <category domain="http://securityratty.com/tag/security cool cat">security cool cat</category>
      <source url="http://securitywannabe.com/blog/2008/05/18/10-ways-to-cheat-at-being-an-it-security-professional/">10 Ways To Cheat At Being An IT Security Professional.</source>
    </item>
    <item>
      <title><![CDATA[Cybersquatting Symantec's Norton AntiVirus]]></title>
      <link>http://securityratty.com/article/f37347a5eea55fc5a8ba5cbf1739d521</link>
      <guid>http://securityratty.com/article/f37347a5eea55fc5a8ba5cbf1739d521</guid>
      <description><![CDATA[For the purpose of what? Upcoming fraudulent activities, again courtesy of Interactivebrand's undercover domains portfolio having registered the following domains cybersquatting Norton AntiVirus ,...]]></description>
      <content:encoded><![CDATA[<a href="http://bp3.blogger.com/_wICHhTiQmrA/R_IpI1281KI/AAAAAAAABhg/pX8GH6HvJhA/s1600-h/nosquatting.jpg"><img style="margin: 0pt 10px 10px 0pt; float: left; cursor: pointer;" src="http://bp3.blogger.com/_wICHhTiQmrA/R_IpI1281KI/AAAAAAAABhg/pX8GH6HvJhA/s200/nosquatting.jpg" alt="" id="BLOGGER_PHOTO_ID_5184251352930112674" border="0" /></a>For the purpose of what? Upcoming fraudulent activities, again courtesy of <a href="http://ddanchev.blogspot.com/2008/03/cybersquatting-security-vendors-for.html">Interactivebrand's undercover domains portfolio</a> having registered the following domains cybersquatting <a href="http://www.symantec.com/enterprise/security_response/weblog">Norton AntiVirus</a>, next to the PandaSecurity and McAfee ones I listed in a previous post:<br /><br />Registered and again operated by:<br /><br />Interactivebrands<br />Tech City:St-Laurent<br />Tech State/Province:Quebec<br />Tech Postal Code:H4L4V5<br />Tech Country:CA<br />Tech Phone:+1.5147332556<br />Tech FAX:+1.5147332533<br />Tech Email:admindns @ interactivebrands.com<br /><br />Now that's a proactive response to another upcoming scam, and here are some comments on <a href="http://www.siteadvisor.com/sites/nortonsecurityscan.net/summary/">one of the domains</a>.<div class="feedflare">
</div>]]></content:encoded>
      <pubDate>Tue, 01 Apr 2008 03:53:17 +0000</pubDate>
      <category domain="http://securityratty.com/tag/net">net</category>
      <category domain="http://securityratty.com/tag/undercover domains portfolio">undercover domains portfolio</category>
      <category domain="http://securityratty.com/tag/org">org</category>
      <category domain="http://securityratty.com/tag/domains">domains</category>
      <category domain="http://securityratty.com/tag/norton antivirus">norton antivirus</category>
      <category domain="http://securityratty.com/tag/tech postal code">tech postal code</category>
      <category domain="http://securityratty.com/tag/tech stateprovince">tech stateprovince</category>
      <category domain="http://securityratty.com/tag/previous post">previous post</category>
      <category domain="http://securityratty.com/tag/tech city">tech city</category>
      <source url="http://feeds.feedburner.com/~r/DanchoDanchevOnSecurityAndNewMedia/~3/261944314/cybersquatting-symantecs-norton.html">Cybersquatting Symantec's Norton AntiVirus</source>
    </item>
    <item>
      <title><![CDATA[Cybersquatting Security Vendors for Fraudulent Purposes]]></title>
      <link>http://securityratty.com/article/a4979bd8a1b499a9e5cc7d4c5ea2ca25</link>
      <guid>http://securityratty.com/article/a4979bd8a1b499a9e5cc7d4c5ea2ca25</guid>
      <description><![CDATA[Just like the creative typosquatting coming up with domain names spoofing the structure of PayPal and Ebay's web applications I covered in a previous post, this most recent example of cybersquatting...]]></description>
      <content:encoded><![CDATA[<a href="http://bp2.blogger.com/_wICHhTiQmrA/R-Lu_l2800I/AAAAAAAABew/U7LJiYAEO6Q/s1600-h/cybersquatting1.jpg"><img id="BLOGGER_PHOTO_ID_5179965297691251522" style="margin: 0px 10px 10px 0px; float: left;" alt="" src="http://bp2.blogger.com/_wICHhTiQmrA/R-Lu_l2800I/AAAAAAAABew/U7LJiYAEO6Q/s200/cybersquatting1.jpg" border="0" /></a>Just like the <a href="http://ddanchev.blogspot.com/2007/11/state-of-typosquatting-2007.html">creative typosquatting</a> coming up with domain names <a href="http://ddanchev.blogspot.com/2007/09/paypal-and-ebay-phishing-domains.html">spoofing the structure of PayPal and Ebay's web applications</a> I covered in a previous post, this most recent example of c<a href="http://en.wikipedia.org/wiki/Cybersquatting">ybersquatting</a> is yet another example of how impersonating known and trusted brands can not only damage their reputation if the campaign's not taken care of fast enough, but can also result in actual adware infection. Who's getting targeted in this campaign? <a href="http://pandalabs.pandasecurity.com/">PandaSecurity</a>, <a href="http://www.avertlabs.com/research/blog/">McAfee</a>, Adobe Acrobat, and several other third party applications. It seems that <strong>IBSOFTWARE CYPRUS</strong> is keeping the entire domains portfolio undercover for the time being, with a great deal of these domains returning 403 forbidden messages. However, there are several domains that are actually serving the fake E-shops. This minimalistic approach on behalf of the malicious parties may have proved valuable if the domains were hosted on different IPs, however, they're all hosted on a single IP. The type of "pay us and we'll point you to the download location" scheme applied here is a bit moronic, in fact the template nature of the E-shop does not know what healthy competition means as you can see in the screenshot above. 
Here are the domains themselves :<br /><div></div><br /><div><a href="http://bp2.blogger.com/_wICHhTiQmrA/R-L-kl2801I/AAAAAAAABe4/UGcZczpuCP8/s1600-h/cybersquatting2.jpg"><img id="BLOGGER_PHOTO_ID_5179982426020827986" style="margin: 0px 10px 10px 0px; float: left;" alt="" src="http://bp2.blogger.com/_wICHhTiQmrA/R-L-kl2801I/AAAAAAAABe4/UGcZczpuCP8/s200/cybersquatting2.jpg" border="0" /></a></div><div> </div><div><br />What is Interactive Brands Inc?</div><div> </div><div><br />"<em>Interactive Brands is a privately held corporation formed by a team of experienced professionals who strive to offer the “ultimate” interactive shopping experience to internet users around the world. 
In partnership with the best software publishers, Interactive Brands develops unique and high value offers for the benefit of all computer users. In the spirit of giving the best shopping experience possible, Interactive Brands offers their clients access to a customer support center available by toll free number, email and live chat that covers any inquiry including: downloading, installing, using and any other questions regarding our products.</em>"</div><div> </div><div><em><br />Interactive Brands Inc.</em></div><div><em>PO Box 178, St-Laurent, Quebec</em></div><div><em>H4L 4V5, Canada</em></div><div><em>Phone: : +1 (514) 733-2549</em></div><div><em>Fax: +1 514 733 2533</em></div><div> </div><div><br />The billing center is located at <strong>panda-ib.com</strong> which loads <strong>b-softwares.com</strong> and <strong>bundlesmembersarea.com</strong>. 90% of the domains are hosted on a single IP - <strong>63.243.188.82</strong>, however, the entire netblock is a scammy system by itself with several hundred more such cybersquatted domains. </div><div> </div><div><br />Don't be cheap, if you're to buy any kind of software, do so through the official site, and cut the fraudulent intermediaries like the ones in this case. Read more about Interactive Brands at the Ripoff Report : <a href="http://www.ripoffreport.com/reports/0/242/RipOff0242824.htm">Interactive Brands, Adaware-ib.com Rip-off</a>; <a href="http://www.ripoffreport.com/reports/0/309/RipOff0309942.htm">Report: Interactive Brands</a>; <a href="http://www.ripoffreport.com/reports/0/295/RipOff0295551.htm">Report: Interactive Brands</a>. <a href="http://www.lavasoft.com/company/blog/?m=200705">Lavasoft's</a> and <a href="http://www.virusbtn.com/news/2008/01_21.xml">Avira's</a> comments on the case as well.<br /></div>]]></content:encoded>
      <pubDate>Thu, 20 Mar 2008 17:03:30 +0000</pubDate>
      <category domain="http://securityratty.com/tag/interactive brands">interactive brands</category>
      <category domain="http://securityratty.com/tag/brands">brands</category>
      <category domain="http://securityratty.com/tag/interactive">interactive</category>
      <category domain="http://securityratty.com/tag/interactive brands offers">interactive brands offers</category>
      <category domain="http://securityratty.com/tag/domains">domains</category>
      <category domain="http://securityratty.com/tag/customer support center">customer support center</category>
      <category domain="http://securityratty.com/tag/ripoff report">ripoff report</category>
      <category domain="http://securityratty.com/tag/offers">offers</category>
      <category domain="http://securityratty.com/tag/adobe acrobat">adobe acrobat</category>
      <source url="http://feeds.feedburner.com/~r/DanchoDanchevOnSecurityAndNewMedia/~3/255232253/cybersquatting-security-vendors-for.html">Cybersquatting Security Vendors for Fraudulent Purposes</source>
    </item>
    <item>
      <title><![CDATA[Loads.cc's DDoS for Hire Service]]></title>
      <link>http://securityratty.com/article/3236554f7bd0cc2b7205d631bc8e47b1</link>
      <guid>http://securityratty.com/article/3236554f7bd0cc2b7205d631bc8e47b1</guid>
      <description><![CDATA[Snakes never whisper in one another's ear - it's supposed to tickle. In a blog post yesterday, Sunbelt Labs pointed out on the re-emergence of the Botnet on Demand Service that I covered last year....]]></description>
      <content:encoded><![CDATA[<a href="http://bp2.blogger.com/_wICHhTiQmrA/R9c5GU-0GCI/AAAAAAAABdQ/bOKwV-4iTn4/s1600-h/snake_malware_CC.jpg"><img id="BLOGGER_PHOTO_ID_5176669077559842850" style="FLOAT: left; MARGIN: 0px 10px 10px 0px" alt="" src="http://bp2.blogger.com/_wICHhTiQmrA/R9c5GU-0GCI/AAAAAAAABdQ/bOKwV-4iTn4/s200/snake_malware_CC.jpg" border="0" /></a>Snakes never whisper in one another's ear - it's supposed to tickle. In a blog post yesterday, <a href="http://www.securecomputing.net.au/news/71788,screensaver-spam-is-new-malware-from-old-gang-sunbelt.aspx">Sunbelt Labs pointed out</a> on <a href="http://sunbeltblog.blogspot.com/2008/03/dangerous-loadscc-malware-gang-re.html">the re-emergence</a> of the <a href="http://ddanchev.blogspot.com/2007/10/botnet-on-demand-service.html">Botnet on Demand Service</a> that I covered last year. It's great to see we're on the same page, or wiki article as we can always expand the discussion. In need of more such fancy snakes admin panels <a href="http://ddanchev.blogspot.com/2008/02/blackenergy-ddos-bot-web-based-c.html">courtesy of</a> a <a href="http://ddanchev.blogspot.com/2007/09/google-hacking-for-mpacks-zunkers-and.html">web based malware</a> C&amp;C? Here are four more related :<br /><br /><div><div></div><div><strong>legendarypornmovies.net/ts</strong> (88.85.81.211)</div><div><strong>slutl.com/ts</strong> (88.85.78.7)</div><div><strong>cwazo.net/ts</strong> (83.222.14.218)</div><div><strong>oin.ru/ts</strong> (194.135.105.203)</div><br /><div><a href="http://bp3.blogger.com/_wICHhTiQmrA/R9c7sk-0GDI/AAAAAAAABdY/gy2ggpU06_M/s1600-h/loadscc_advertising_repositioning2008.jpg"><img id="BLOGGER_PHOTO_ID_5176671933713094706" style="FLOAT: left; MARGIN: 0px 10px 10px 0px" alt="" src="http://bp3.blogger.com/_wICHhTiQmrA/R9c7sk-0GDI/AAAAAAAABdY/gy2ggpU06_M/s200/loadscc_advertising_repositioning2008.jpg" border="0" /></a>Now the juicy details regarding <strong>loads.cc</strong>. 
At the time of posting this, the malicious domain is starting to redirect to a very descriptive one, which basically says "<em>given up on ddos-ing</em>", and a featured ad in between loads.cc's old interface is pitching the new service - contextual advertising consultations, as you can see in the attached screenshot. Apparently, a little more in-depth research acts as public pressure, especially when they're lazy enough to have a great deal of malware variants "phone back home" to their promotional domain. However, the current one responding to <strong>67.228.69.191</strong> is hosted by <strong>SoftLayer</strong>, and is using <strong>ns1.4wap.org</strong> as a DNS server provided by <strong>Layered Technologies</strong>, again confirming the Russian Business Network connection, since both <strong>Layered Technologies</strong> and <strong>SoftLayer</strong> are known to have been providing, and to continue providing, services to the RBN, knowingly or unknowingly. Moreover, the malware infected counter at the stats section continues reporting new additions.</div><br /><div></div><div>Being one of the most venerable examples of DDoS for hire services, it's worth reposting its FAQ in an automatically translated fashion, so that readers get a better perspective on the dynamics of offering such services. 
Here's the FAQ on using the service, which is relatively easy to understand :</div><br /><div><a href="http://bp0.blogger.com/_wICHhTiQmrA/R9c8V0-0GEI/AAAAAAAABdg/bdU0S1YyPTM/s1600-h/loadscc_ddos_2008.jpg"><img id="BLOGGER_PHOTO_ID_5176672642382698562" style="FLOAT: left; MARGIN: 0px 10px 10px 0px" alt="" src="http://bp0.blogger.com/_wICHhTiQmrA/R9c8V0-0GEI/AAAAAAAABdg/bdU0S1YyPTM/s200/loadscc_ddos_2008.jpg" border="0" /></a>- All that is pure downloads nothing is loaded simultaneously</div><br /><div>- The "mix" is not Buro countries on specified individual prices</div><br /><div>- Loaded only those countries which are specified in the problem</div><br /><div>- The country is determined to maxmind geoip</div><br /><div>- When it ALL loaded all countries and the price of downloads is calculated separately for each country that is DE for the download you pay for a $ 0.2 PE 0.03</div><br /><div>- Prices for downloads can sometimes vary slightly this watch themselves</div><br /><div>- As such, the concept of mix does not exist, each country has its own price, and if the country is not clearly specified in the price is $ 30 price / 1k</div><br /><div>- The money is withdrawn from the account in accordance with the facts and running leaps ekze by car users</div><div></div><div><br />- In the balance on deposit $ 5 or less stopped loading</div><div></div><div><br />- No minimum, it is possible to load even though 3 pc 10k limit pointing in the problem</div><div></div><div><br />- The claims, made by ALREADY download will not be accepted, DICOM small parties or do the test to check quality</div><div></div><div><br />- Following the establishment of tasks it must be activated by clicking on the link in the status, the same method could be suspended</div><div></div><div><br />- Pole challenge "received" shows how many bots believed assignment, it is usually little more than a "loaded" on the fabric sur somehow prichnam some boats were not able to download and run your ekze 
dolzhili or not yet know</div><div></div><div><br />Undercover DDoS in between contextual advertising, or "<em>giving up on DDoS</em>" entirely? Let's wait and see, without being naive enough to forget that this is among the hundreds of other DDoS for hire services currently available in the wild.</div></div><div class="feedflare">
</div>]]></content:encoded>
      <pubDate>Tue, 11 Mar 2008 18:35:53 +0000</pubDate>
      <category domain="http://securityratty.com/tag/ddos">ddos</category>
      <category domain="http://securityratty.com/tag/service">service</category>
      <category domain="http://securityratty.com/tag/malware">malware</category>
      <category domain="http://securityratty.com/tag/services">services</category>
      <category domain="http://securityratty.com/tag/hire services">hire services</category>
      <category domain="http://securityratty.com/tag/web based malware">web based malware</category>
      <category domain="http://securityratty.com/tag/undercover ddos">undercover ddos</category>
      <category domain="http://securityratty.com/tag/loads">loads</category>
      <category domain="http://securityratty.com/tag/country">country</category>
      <source url="http://feeds.feedburner.com/~r/DanchoDanchevOnSecurityAndNewMedia/~3/249865248/loadsccs-ddos-for-hire-service.html">Loads.cc's DDoS for Hire Service</source>
    </item>
    <item>
      <title><![CDATA[Why you nearly need a P.I. to help you hire a private investigator]]></title>
      <link>http://securityratty.com/article/178924b135cbf439a5d019ddd2580d94</link>
      <guid>http://securityratty.com/article/178924b135cbf439a5d019ddd2580d94</guid>
      <description><![CDATA[So, you need a private investigator to help you catch your cheating spouse, or to work undercover in your business to find out who has been stealing or to follow the employee who is claiming workmans...]]></description>
      <content:encoded><![CDATA[<a href="http://bp0.blogger.com/_1UFxC-OgSnA/R8nDLWTkK3I/AAAAAAAAAFw/jalNkVdxUYI/s1600-h/Fotolia_6173168_XS.PI..jpg"><img style="float:left; margin:0 10px 10px 0;cursor:pointer; cursor:hand;" src="http://bp0.blogger.com/_1UFxC-OgSnA/R8nDLWTkK3I/AAAAAAAAAFw/jalNkVdxUYI/s320/Fotolia_6173168_XS.PI..jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5172880246745344882" /></a><br />So, you need a private investigator to help you catch your cheating spouse, or to work undercover in your business to find out who has been stealing or to follow the employee who is claiming workman’s comp, but you’ve heard he plays golf every weekend.  What are you to do?<br /><br /><span id="fullpost"><br />The first thing I would tell you is NOT to go to the yellow pages and pick out 5 phone numbers and ask how much they charge an hour.  Hourly charges mean nothing.  Think about it, how many of us would call up a doctor or dentist’s office and ask how much they charge an hour?  Not to compare investigators with the medical profession, but your first priority should be: are they qualified to do the job?<br /><br />This is the information age.  You can research anything you want in mere seconds, without leaving the comfort of your own home.  If you are looking for a private investigator in Washington D.C., or San Francisco, go to one of the main search engines and bring up all of the investigators located within a 30 - 50 mile radius.  Do not worry if they are a little further away.  Even though they will all charge you mileage, the more professional companies will have investigators spread out around the State or city in which they operate. <br /><br />This is where you need to think like an investigator yourself and it doesn’t matter if you are the CFO of a $100 million corporation or a stay-at-home mom.  
Here are some points you should seriously consider:<br />• Do they have a website<br />• Do they list a physical address<br />• Does their website list everything out clearly and concisely or do you feel more confused after reading it for five minutes<br />• Do they belong to reputable associations, both local and national<br />• Do they accept major credit cards<br />• Are they known for anything else – published books, white papers, speaking engagements, seminars, etc.<br /><br />   <br />In 2008, there is absolutely no reason why a company would be without a website.  A website “under construction” is nearly as bad.  Several years ago it could be chalked up to cost.  Smaller companies could not afford to pay many thousands for a site but these days you can have a website up and running in days for a couple hundred dollars.  <br /><br />A company who does not have a website, for the most part, is a company who is either not legal and must “fly under the radar”, or who is not making enough money to spend on one.  If you hire a) an illegal company, you yourself could wind up being sued and if you hire b) the company who nobody else is hiring, you’ll soon find out why – but not before you have wasted your hard-earned money.<br /><br />Any legitimate security company needs to let people know who they are and what they do.  In order to achieve this, they belong to professional associations – local, national and even international.  International associations are a good indicator that this firm is held in such a high regard that they command the respect of investigators around the world.  Examples of international associations are: The Council of International Investigators (www.CII.org), INTELNET and the Society of International Business Fellows (SIBF).<br />  <br />Once again, do not be fooled because a security person tells you their company does international work or because he calls the company “Smith Worldwide Protection”.  Ask for references.  
Most of the time, clients need to remain confidential, so ask for the name of the Chamber of Commerce to which they belong.  Call up the Chamber, or the investigation association or the State Agency where they say they are licensed and ask if they are: 1) known, 2) currently licensed and insured and 3) have any complaints filed/received any disciplinary action.<br /><br />Remember, the best source will always be a personal referral.  Failing that, decide after you have done a little bit of research.  ALWAYS ask to see their investigator’s license or registration AND a copy of their insurance certificate.  If they can not show you insurance, walk away or close the door.  If I am hiring a plumber or carpenter or electrician, I will always ask for their insurance.  If they do not have it and anything goes wrong, what will be your recourse?  Even if you are hiring a security guard for your business – make sure that guard’s company provides a copy of insurance.  <br /><br />I would even go as far to say make sure that they just don’t have minimum coverage.  Even though the Department of Criminal Justice mandates that security companies in Virginia only need $100,000 worth of coverage, we voluntarily carry liability insurance of $5 million.  We do this to better protect our clients.  If a person ever sues, they are probably going to go for millions, not thousands.<br /><br />If the security company you hire only carries the minimum $100,000 and a customer is suing for $1 million, who do you think they are going to go after?  You of course.  On the other hand, had the security company carried a higher amount of liability insurance, they could have just sued the security company.<br /><br />There will not be a huge difference in price wherever you are.  In the Washington D.C. area, prices vary from around $100 - $150 per hour.  It is normal to want the best deal that can be had and nearly everybody likes to save money.  
However, if you wind up hiring an inexperienced company who nobody has heard of and who uses young inexperienced people to conduct the investigations, then the money that you thought you were “saving” could turn out to be a total waste.  <br /><br />Here is an example: Company “A” is run by a young ex-soldier who joined the army at 18 and separated from the military after four years of service.  He was a corporal and after he got out, he went to work for a local security company for a couple of years as a supervisor visiting buildings where other guards stood on post.<br /><br />According to the State regulations, he could be granted a security business license based on having three years of supervisory security experience.  He can not afford to hire anyone else so he went to a training school for one week and became registered as a private investigator.<br /><br />Company “B” is run by a retired Police Detective with 15 years’ experience investigating homicides, five years in the transportation unit where he specialized in vehicular manslaughter investigations and is a court certified expert in accident reconstruction and cold-case murders.  He too owns his own company and employs a retired F.B.I. agent and three former detectives with decades of experience in white-collar crime, gang activities, narcotic trafficking and sexual predators.  <br /><br />They both ask for a retainer of $1500.00 (retainers are usually $1500 - $3,000, depending on the length of time your case is estimated to take).  You choose company “A” because they tell you that they charge $95.00 an hour while company “B” charges $145.00.  However, after attempting to follow a subject for four days and losing them for the first three days and getting caught by the person they are following, Company “A”  is forced to drop out or else you fire them (most likely ending).  You can not even hand the case over to another company as the person you had followed knows he is being watched.  
<br /><br />Company “A” then gives you an invoice for $20.00, since his botched attempts took 16 hours, which at the “bargain rate” of $95.00 per hour, totals $1520.00.  Even if you refuse to pay the additional $20.00, you are out $1500.00 with nothing to show for it.  Most probably the more expensive company, “B”, would have accomplished the goal in about 2 days, at 5 hours a day, costing you $1450.  With company “B” you would have had a professional product/service and had an investigator capable of testifying in court to support your case if that was subsequently needed.  <br /><br />The motto is: Beware of false bargains, for at the end of the day, you get what you pay for.  Good luck with your search and don’t rush into it. <br />           <br /><br /></span><div class="blogger-post-footer">Visit Sexton Executive Security at www.sextonsecurity.com</div>]]></content:encoded>
      <pubDate>Sat, 01 Mar 2008 17:28:00 +0000</pubDate>
      <category domain="http://securityratty.com/tag/local">local</category>
      <category domain="http://securityratty.com/tag/professional associations local">professional associations local</category>
      <category domain="http://securityratty.com/tag/local security company">local security company</category>
      <category domain="http://securityratty.com/tag/company">company</category>
      <category domain="http://securityratty.com/tag/illegal company">illegal company</category>
      <category domain="http://securityratty.com/tag/choose company">choose company</category>
      <category domain="http://securityratty.com/tag/exspensive company">exspensive company</category>
      <category domain="http://securityratty.com/tag/guards company">guards company</category>
      <category domain="http://securityratty.com/tag/security company">security company</category>
      <source url="http://www.thebulletproofblog.com/2008/03/why-you-nearly-need-pi-to-help-you-hire.html">Why you nearly need a P.I. to help you hire a private investigator</source>
    </item>
    <item>
      <title><![CDATA[Why your company may need a mystery shopper]]></title>
      <link>http://securityratty.com/article/589bed01cebb6d941405749cfdc19704</link>
      <guid>http://securityratty.com/article/589bed01cebb6d941405749cfdc19704</guid>
      <description><![CDATA[Do you really know how your employees are treating your customers? You might be surprised to find out what is really happening

I went to one of the big office supply stores yesterday to look at...]]></description>
      <content:encoded><![CDATA[<a href="http://bp2.blogger.com/_1UFxC-OgSnA/R8YvdsOE-uI/AAAAAAAAAFo/RgHUanbzVwY/s1600-h/Fotolia_1462575_S.jpg"><img style="float:left; margin:0 10px 10px 0;cursor:pointer; cursor:hand;" src="http://bp2.blogger.com/_1UFxC-OgSnA/R8YvdsOE-uI/AAAAAAAAAFo/RgHUanbzVwY/s320/Fotolia_1462575_S.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5171873409214511842" /></a><br />Do you really know how your employees are treating your customers?  You might be surprised to find out what is really happening.   <br /><span id="fullpost"><br />I went to one of the big office supply stores yesterday to look at purchasing a printer for the office.  I had been impressed with a recent episode of Donald Trump's Celebrity Apprentice that featured a well known brand that was attempting to re-invent itself with a line of printers whose ink cost 50% less than that of their competitors.<br /><br />When I entered the store there was a clerk type of person and another guy who appeared to be a manager.  They were both standing with their backs to the customer service counter and had their arms folded across their chest.  Without moving, or unfolding his arms, the clerk asked if I needed any help.  I said I was looking for a printer that I believed was either made by Kodak or Xerox and it used a cheaper ink.  They thought for a while and the manager shook his head and said they didn't sell anything by either maker.  Arms were never unfolded.<br /><br />I figured that they would guide me to the printers and show me an alternative in order to try and make a sale, after all, I was in the market for a printer.  Neither one attempted to move.  All I could think about as I walked out was how unprofessional they appeared and their total lack of interest in their job.<br /><br />If I was the owner of the store, or the general manager and my yearly bonus depended on sales, I would really like to know that my sales people were doing everything possible to sell merchandise.  
What better way to test them than to send in an undercover investigator to document their actions?<br /><br />They could do well to take a page from Starbucks' book.  From the very start, Starbucks made no bones about letting customers know that they were there to SERVE them.  The result?  Loyal customers willing to stand in long lines at 6am to get their caffeinated "fix".  Starbucks made coffee fun.  <br /><br />I have been drinking coffee for many years and I never thought of it as fun.  Then comes along Starbucks with a strange language and desserts in cups masquerading as coffee.  Customers bought into the experience to such an extent that they even bring their little children in and buy them coffee.  "No Tiffany, you can not have a Venti, you are only eight years old.  Next year."<br /><br />How interested in client satisfaction are they?  So much so that they closed down their stores from 5:30pm to 8:30pm yesterday evening in order to train their staff en masse how to make their clients even happier.  I did not even know that the country could carry on for three hours sans Starbucks.  <br /><br />It should have been commemorated by inventing a new drink especially for the occasion - the "Happycino".      <br /><br />     <br /></span><div class="blogger-post-footer">Visit Sexton Executive Security at www.sextonsecurity.com</div>]]></content:encoded>
      <pubDate>Thu, 28 Feb 2008 00:21:00 +0000</pubDate>
      <category domain="http://securityratty.com/tag/hours sans starbucks">hours sans starbucks</category>
      <category domain="http://securityratty.com/tag/starbucks">starbucks</category>
      <category domain="http://securityratty.com/tag/coffee">coffee</category>
      <category domain="http://securityratty.com/tag/coffee fun">coffee fun</category>
      <category domain="http://securityratty.com/tag/customers">customers</category>
      <category domain="http://securityratty.com/tag/loyal customers">loyal customers</category>
      <category domain="http://securityratty.com/tag/sales">sales</category>
      <category domain="http://securityratty.com/tag/fun">fun</category>
      <category domain="http://securityratty.com/tag/customer service counter">customer service counter</category>
      <source url="http://www.thebulletproofblog.com/2008/02/why-your-company-may-need-mystery.html">Why your company may need a mystery shopper</source>
    </item>
  </channel>
</rss>
