• Categories

  • Pages

  • Archives

Anatomy of a Background Check; Information In An Initial Sweep.

background-check-2

With a fairly healthy dose of humor and an equal measure of alarm, I’ve listened, read, heard,  have been Tweeted, Facebooked and Tumblred to by representatives on all sides of the “gun control” (the gun has control – it is immobile and its product possesses kinetic energy only when put in motion) issue.  Almost all parties agree that an enhanced background check should be required for persons wishing to purchase firearms. That’s a throwaway sentiment.   How many people, besides those that have already been through a gun purchase background check, actually understand the process and the information contained in such a search?

We conduct background searches daily; the majority are on domestic subjects, and we also provide international services.  Our clients request background searches for a multitude of reasons ranging from pre-employment prerequisites, (I’ll get into the government-mandated employment eligibility program, EVerify, in another article. Althoug,h if you search the archives, I’ve already posted several on the matter.), to hiring a nanny to personal  financial stability of potential business partners. (We do not conduct background checks for purposes of investigating a potential personal partner, locating mistresses or suitability of a date.)

To follow is the bare bones information contained within a comprehensive check (the minimum required to possess a firearm, aside from the NCIC fingerprint and DNA checks):

COMPREHENSIVE BACKGROUND CHECK

DOE, ARMANDO J.

Subject Information:

Name: ARMANDO J. DOE

DOB: 5/20/1979

Age: 33

SSN: 123-45-6789 issued in New York between 5/20/1979 and 12/31/1979

Names Associated With Subject:

ARMAN DOE

ARMAND J. DOE

J. ARMANDO DOE

ARMAND JOHN DOE

A.J. DOE

Others Associated With Subjects SSN:

(DOES NOT indicate any type of fraud or deception)

THOMAS ROBERTSON DOB: 4/9/1967

================================================================

Address History:

135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742                      (Jan 2011 – Dec 2012)

14-01 121st , COLLEGE POINT, NY 11356-3765                                          (Aug 2010 – Jan 2011)

P.O. BOX 5106, COLLEGE POINT, NY 11356-5106                                      (June 2007 – Dec 2012)

149-21 71ST ST, COLLEGE POINT, NY 11563-9823                                    (Feb 2003 – Nov 2008)

7 SUMMIT STREET, MALBA, NY , 11357-3476                                            (June 1990 – Mar 2006)

Information on Affiliated Addresses:

135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742                      (Jan 2011 – Dec 2012)

Name Associated with Address:

ARMANDO J. DOE

Current Residents at Address:

ARMANDO J. DOE

DINA C. DOE

SARA DOE

718-555-1234   ARMANDO DOE

Property Ownership Information for this Address

Property:

Parcel Number – 50-40-21-09-1001

Book – 4761

Page – 1243

Owner Name:  SMITH, HERMAN

Owner Name 2: SMITH, ANNA LIA

Property Address: – 135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742

Owner Address: 13247 SW 43RD ST,  PLANTATION,  FL 33309-2742

Sale Date – 02/03/2011

Sale Price – $320,000

Land Usage – MUTLI RES

Total Market Value – $438,850

Assessed Value – $438,850

Land Value – $100,950

Improvement Value – $118,010

Land Size – 16,789 Square Feet

Year Built – 2000

Seller Name: RIVINGTON, IAN & JANICE

Legal Description –  182-2400 B LOT 270

135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742                      (Jan 2011 – Dec 2012)

Possible Properties Owned by Subject: 

Property: None found.

(THE REPORT CONTINUES LISTING ALL OF THE ABOVE INFORMATION – owner, owner address, sale date… – FOR EVERY ADDRESS ON RECORD FOR THE SUBJECT.)

Emails Associated W Subject:

AJDOE520@FLASH.NET

ARMANDOJD520@GMAIL.COM

ARMANDOJD05@HOTMAIL.COM

Phones Associated W Subject:

Name: ARMANDO DOE

Address: SOUTH OZONE PARK, NY 11420

Phone Number:  718-555-1234

Phone Type:  Landline

Carrier:  Verizon

Name: DINA C. DOE

Address: 135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742

Phone Number:  347-555-9518

Phone Type:  Mobile

Carrier:  VERIZON WIRELESS

Criminal Record Profile:

 National Criminal Record Search (Felonies & Major Misdemeanors):

       New York Arrest Report:

              Name: DOE, ARMANDO J.

              SSN: 123-45-6789

              Address: 135-23 122nd  ST, SOUTH OZONE PARK, NY 

              State of Origin: New York

              County of Origin: Queens

              Case Type Description: Queens County(NY)Arrest

              Arrests: 

Arrest #1

Arrest Date: 09/21/2010

Arresting Agency:  109, NYPD

Arrest Disposition Date:06/29/2012

Court Fine:          Offense: INTENT DIST/2Nd

Agency Case #:2011-675835G

Arrest Level/Degree: FELONY

Arrest Disposition: BOOKED


(The arrest will undoubtedly carry several charges.  Possession, attempt to distribute, resisting arrest, etc.  Each arrest charge will be separately defined – from charge to disposition.)

       New York Department of Corrections:

              Name: ARMANDO J. DOE

              SSN: 123-45-6789

              State of Origin: NY

              Inmate Number: 137869

              DOB: 05/20/1979

              Race: WHITE

              Sex: Male

              Eyes: GREEN

              Height: 6′ 00″

              Weight: 205

              Case Number: 0529234

              Case Type Description: Department Of Correction, NY

              Latest Admission Date: 09/21/2010    

State Criminal Record Search (Felonies & Major Misdemeanors):

(Repeats the Nationwide Search and may include ACDs – Adjournment in Contemplation of Dismissal. In an ACD situation, the offender is on a conditional probation period of anywhere from six months to several years, depending on his/her criminal history.  If the person re-offends for any reason during this adjournment period, s/he can be re-arrested.  The follow up information will include every possible detail from co-defendant(s), arresting officers to court transciptionists to defense counsel/prosecutors to the presiding judges and every motion made on the case.  Per the number of arrests, this portion of a background check can run anywhere from several dozen to several hundred pages.)

Driver’s License Information: 

(Current)

Name:           ARMANDO J. DOE

State: New York

License Address: 135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742

DOB: 05/20/1979

SSN : 123-45-6789

Gender: Male

Ethnicity: WHITE

Expiration Date: 05/20/2016

Issue Date: 03/13/2006

License Type: RENEWAL

License Class: Non-Commercial – Class D

Height: 6’00

Data Source: Governmental

(Previous)

Motor Vehicles Registered To Subject:

Vehicle:

Description: Blue 2001 Nissan Sentra – 4dr Sedan

VIN: 5NING01C8ST000001
Engine: 4 Cylinder 152 Cubic Inch — Gas Powered               State Of Origin: Pennsylvania

Anti Lock Brakes: 4 wheel standard

Air Conditioning: Standard

Daytime Running Lights: Standard

Power Steering: Standard

Power Brakes: Standard

Power Windows: Standard

Security System:  Standard Alarm

Roof: Standard

Price: 16750

Radio: AM/FM CD

Front Wheel Drive: No

Four Wheel Drive: No

Tilt Wheel: Standard

Registrant(s)

Record Type: CURRENT

Name: ARMANDO J. DOE

Address: 135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742

DOB: 5/20/1979

Sex: Male

Age: 33

Tag Number: CFD9524

License State: NY

Earliest Registration Date: 6/12/2012

Latest Registration Date: 6/12/2012

Expiration Date: 6/11/2013

License Plate Type: Private

Title Number: 0219856887

Title Issue Date: 6/12/2012

Lien Holder(s)

Company Name: CHASE MANH

Address: 150 PARK PLACE, 23RD FLOOR, NEW YORK, NY 10019

 (Report includes every vehicle ever owned or registered by the subject and all associated tags.)

Concealed Weapons Permit:  (This will include target permits.)

[None Found]

Possible or Previous Work Affiliations:

Name: ARMANDO J. DOE

Title: Manager

SSN: 123-45-6789

Company: ABCDE, LLC.

Address: 158-09 Northern Boulevard, Little Neck, NY  11363-4857

Dates: Dec 21, 2005

Corporate Affiliations:

[None Found]

Professional License(s): 

[None Found]

 FAA Certifications: 

[None Found]

FAA Aircrafts: 

[None Found]

Watercraft: 

[None Found]

Voter Registration:  

Name: ARMANDO J. DOE

Address: 135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742

DOB: 5/20/1979

Gender: Male

Ethnicity: White

Political Party: UNDECLARED

State of Registration: New York

Status: ACTIVE

Hunting/Fishing Permit: 

[None Found]

Bankruptcies:

[None Found]

 Liens and Judgments:

[None Found]

UCC Filings: 

[None Found]

Possible Associates:  (Business)

Possible Relative Summary: 

>Immediate Relatives
>> 2nd Degree Relatives & AKAs on Immediate Relatives
>>> 3rd Degree Relatives & AKAs on 2nd Degree Relatives

(This section begins at the grandparents and continues through prior-divorce or death in-laws. Each item contains the person’s name, DOB, DOD, last known address/phone number and their 1st through 3rd degree relatives.  Then we run the subject through EVerify – subject matter for an upcoming article.)

END OF COMPREHENSIVE BACKGROUND CHECK REPORT. 

The above described background report is compiled from many diverse sources including, but not limited to,  governmental (federal, state and local) agencies (SSA, DMVs, DHS…),  consumer credit reporting companies and other reporting affiliates that may be indirectly or second/third-party affiliated to the subject (e.g., guarantor).  This is a low to average security level background check. There is additional research that occurs but the above sample report is representative of a first sweep on a background investigation.

Now we at least have a jumping off point to begin discussing enhanced background checks.  Debate away.

There is more to the above subject profiled than meets the eye.  All of the identifiers have been changed but this is a real background check – minus multiple pages of repetitive and unrelatable information.  Armando’s grandmother’s ex-and now dead- husband won’t make a difference. My point is that a comprehensive background check follows through very carefully and leaves enough markers for the reviewing investigator to pick up on if s/he decides there is reason to dig deeper.  I have trust that the security background search systems in place actually do work and have and will evolve as we meet new technological challenges for those wishing to circumvent their disqualifying past as it relates to gun purchases and in general.

Our operatives: Situationally aware.

As always, stay. safe.

What The Law Can and Can Not Do About Cyber Stalking, Part I

cyberstalker

 

(In Part I of the two-part series, What The Law Can and Can Not Do About Cyber Stalking, we define cyber-stalking; its meaning and statistics.  Part II will be a very specific checklist of what to do if you believe you are a victim of cyber stalking.)

If you’ve been online in a social media context, whether in a chat room, FB, Twitter, etc., for longer than several months, you’ve probably felt, to some degree,  that your privacy has been compromised.  For example and factually, in a general conversation on FB, I’ve been asked where I live, where I work, what type of car I drive and which schools do my kids attend.  In a face to face chat at a block party with your new neighbors, those questions are simply part of making conversation.  Online, however, these very same questions are creepy. And they should be!  You can vet your new neighbors through other neighbors, the postal carrier and by yourself visually by observing their comings and goings.  Obviously, you do not have access to that sort of information with strangers online.  However, we are all online trying to form, strengthen or preserve social connections and to do so, candid conversation is required.

The primary rule of online communication is “Use common sense”.  When my sister, Carmela, asks me what time I will be getting home from work today, I will respond factually.  “Bob from Oklahoma” (with whom I have three mutual friends, twice-removed) asking the same exact question receives no response.  But, in answering Mel,  I’ve already told Creepy Bob my schedule and he didn’t have to lift a finger to get the information.  Cyberstalkers often work through others, engaging in what appears to be casual conversation with the rest of the people on the same thread but the difference is that they are compiling information on their subject and believe that they are engaged in a one-on-one relationship with the subject.  In the past year alone, think of the hundreds or thousands of interactions you’ve had on Facebook with family members, real time friends and online connections.  Now try to remember all of the information contained within those conversations. Finally, imagine a cyberstalker having all of this information and s/he believes he is in a relationship (romantic, friendship, mentor/student, etc.) with you. Invariably, something will go “wrong” and in your stalker’s mind, you have turned against him so begins to harass you.  What can you do?  What are the rules with cyberstalking?  Who do you turn to to report what you believe  is harassing, or worse, threatening behavior?

What Is Cyberstalking?
At its most basic legal definition, “cyber-stalking is a repeated course of conduct that’s aimed at a person designed to cause emotional distress and fear of physical harm,” said Danielle Citron, a professor at the University of Maryland’s Francis King Carey School of Law. Citron is an expert in the area of cyber-stalking, and recently published the book called Hate Crimes in Cyberspace. Citron states that cyber-stalking can include threats of violence (often sexual), spreading lies asserted as facts (like a person has herpes, a criminal record, or is a sexual predator), posting sensitive information online (whether that’s nude or compromising photos or social security numbers), and technological attacks (falsely shutting down a person’s social-media account).

According to the United States Bureau of Justice Statistics’ Supplemental Victimization Survey (SVS), individuals are classified as stalking victims if they experienced at least one of these behaviors on at least two separate occasions. In addition, the individuals must have feared for their safety or that of a family member as a result of the course of conduct, or have experienced additional threatening behaviors that would cause a reasonable person to feel fear.

The SVS measured stalking behaviors as:

  • making unwanted phone calls
  • sending unsolicited or unwanted letters or e-mails
  • following or spying on the victim
  • showing up at places without a legitimate reason
  • waiting at places for the victim
  • leaving unwanted items, presents, or flowers
  • posting information or spreading rumors about the victim on the internet, in a public place, or by word of mouth.

Who Is Most Likely To Be CyberStalked?

Summary Findings by the USBJS:

  • During a 12-month period an estimated 14 in every 1,000 persons age 18 or older were victims of stalking
  • About half (46%) of stalking victims experienced at least one unwanted contact per week, and 11% of victims said they had been stalked for 5 years or more.
  • The risk of stalking victimization was highest for individuals who were divorced or separated—34 per 1,000 individuals.
  • Women were at greater risk than men for stalking victimization; however, women and men were equally likely to experience harassment.
  • Male (37%) and female (41%) stalking victimizations were equally likely to be reported to the police.
  • Approximately 1 in 4 stalking victims reported some form of cyberstalking such as e-mail (83%) or instant messaging (35%).
  • 46% of stalking victims felt fear of not knowing what would happen next.
  • Nearly 3 in 4 stalking victims knew their offender in some capacity.
  • More than half of stalking victims lost 5 or more days from work.

What Are the Anti-Stalking Laws?

All states have anti-harassment laws on the books but the law is still trying to catch up with technology in cases of cyber-stalking due to the new means of information transmission and the very public nature of social media postings. (For example, it is now generally accepted by all states prosecutors that, even with the subject’s initial agreement to pose naked, unauthorized distribution of nude photos are a form of harassment.)

WHO@ provides links to state-by-state current and pending cyberstalking-related laws.  WHO@, Working To Halt Abuse Online,  is an online organization who states its mission is, “to provide a variety of information and perspectives on the issue of online harassment, abuse and cyberstalking.  Education, information and communication are the keys to solving the complex problems of harassment and abuse online.”

By way of example. the below information on harassment, to include cyber-stalking, is available via click-through on their site.  NEW YORK: 

§240.30 Aggravated harassment in the second degree.
A person is guilty of aggravated harassment in the second degree when, with intent to harass, annoy, threaten or alarm another person, he or she:
1. Either
(a) communicates with a person, anonymously or otherwise, by telephone, by telegraph, or by mail, or by transmitting or delivering any other form of written communication, in a manner likely to cause annoyance or alarm; or
(b) causes a communication to be initiated by mechanical or electronic means or otherwise with a person, anonymously or otherwise, by telephone, by telegraph, or by mail, or by transmitting or delivering any other form of written communication, in a manner likely to cause annoyance or alarm; or
2. Makes a telephone call, whether or not a conversation ensues, with no purpose of legitimate communication; or
3. Strikes, shoves, kicks, or otherwise subjects another person to physical contact, or attempts or threatens to do the same because of a belief or perception regarding such person’s race, color, national origin, ancestry, gender, religion, religious practice, age, disability or sexual orientation, regardless of whether the belief or perception is correct; or
4. Commits the crime of harassment in the first degree and has previously been convicted of the crime of harassment in the first degree as defined by section 240.25 of this article within the preceding ten years.
5. For the purposes of subdivision one of this section, “form of written communication” shall include, but not be limited to, a recording as defined in subdivision six of section 275.00 of this part.
Aggravated harassment in the second degree is a class A misdemeanor.

Next week, we will publish Part II of this series, bringing to you a checklist, complied by seasoned law enforcement detectives, on what to do if you are the victim of a cyber-stalker.  However, if you feel you are in any danger, call 911 ASAP.   An ounce of being overly-cautious is a much better value than a lifetime of regret.

Bottom line: Trust your instincts – especially online.  These people are virtual and virtually, strangers!

BNI Operatives: Situationally aware.

As always, stay safe.

The Three Biggest Security Threats We Face In 2016

hacker

 

Welcome, 2016 and here come the security threats!

Extortion Hacks

2014 brought us the Sony hack wherein millions of confidential records, including internal emails between corporate executives – that revealed the still-thriving prejudices that exist in Hollywood  – were illegal, electronically obtained and released to the public.  Because they (the hackers) could.

2015 progressed to extortion hacks; nimble-fingered computer criminals accessed private client information from Ashley Madison hack, taking down a CEO and exposed possibly millions of would-be cheaters to public ridicule and worse; and then the hack of InvestBank in the United Arab Emirates, which resulted in the exposure of customer account information.

Extortion hacks play to the deepest fears of companies and top executives everywhere.  If mishandled, company secrets run the risk of exposure, clients can file lawsuits and these very executives stand to lose their jobs. 2016 will see a massive rise in extortion hacks with astronomical demands.

 

Data Change/Manipulation Attacks

From Wired:

In testimony this year, James Clapper, the director of national intelligence, told Congress that cyber operations that change or manipulate digital data in order to compromise its integrity—instead of deleting or releasing stolen data—is our next nightmare. Mike Rogers, head of the NSA and US Cyber Command said the same thing. “At the moment, most [of the serious hacks] has been theft,” Rogers said. “But what if someone gets in the system and starts manipulating and changing data, to the point where now as an operator, you no longer believe what you’re seeing in your system?”

Data sabotage can be much more difficult to detect than the kind of physical destruction caused by Stuxnet. That’s because data alterations can be so slight yet have enormous consequences and implications. Anyone remember the Lotus 1-2-3 bug back in the 90s that would produce accounting miscalculations in spreadsheets under certain conditions? That was an unintentional error. But attackers could get into financial and stock-trading systems to alter data and force stock prices to rise or fall, depending on their aim.

Certain types of data manipulation could even result in deaths. In 1991 a Patriot missile in Saudi Arabia during the first Gulf War failed to intercept an incoming Scud missile due to a software glitch in the weapon’s control computer, allowing the Scud to hit an Army barracks and kill 28 soldiers. Again, this was an unintentional bug. But Chinese spies have invaded numerous US defense contractor networks in the last decade, raising concern among US military officials that they’re not just stealing blueprints to copy weapons, but might also alter or insert code to sabotage the integrity of weapons systems and change how they operate.

 

Chip and Pin Credit Card Hacks

From Tripwire:

Over the course of the last decade, major credit card companies have begun to implement EMV or “chip and pin” technology. This system requires that a card reader retrieve the customer’s information off of their card’s magnetized chip, which is followed by the cardholder entering in their PIN number.

As a result, chip and pin essentially constitutes a method of two-factor authentication (2FA) for payment card purchases. It is an added security measure that is designed to prevent credit card fraud if a card is physically stolen, so it is natural that VISA, Mastercard and others would switch to EMV technology – even despite the fact that many companies were just recently unprepared for the transition.

I just received my credit and bank EMV-embedded cards.  As the Tripwire article mentions, many merchants are still unprepared to process these cards but that’s the least of worries.  Given that 69% of most purchases utilizing these cards now occur online, the one-time code per transaction is irrelevant as neither the card or a PIN is required for online purchases.  So we are back to cyber criminals simply stealing the card numbers.

The good news is that law enforcement agencies are hiring in record numbers those with anti-hacking experience!

Be smart:  buy via trusted online vendors or use secure purchase transaction portals such as PayPal.

BNI Operatives: Situationally aware.

As always, stay safe.

 

Electronic Crime Scene Investigations; Evidence Collection. II/II

In Part I of our two-part Electronic Crime Scene Investigations series, we covered recognizing and securing an electronic crime scene.  In this post, we delve into the actual investigation itself.

First and foremost, now that you have identified and isolated all persons with access from the crime scene, please ensure that they provide your investigator with a release similar to the below.  (Please check with your local law enforcement on particular jurisdictional guidelines.)

CONSENT TO SEARCH ELECTRONIC MEDIA AND CLOUD STORAGE
I, __________________, hereby authorize __________________, who has identified himself / herself as an investigator lawfully engaged by _____________________, and any other person(s), including but not limited to a computer forensic examiner, he / she may designate to assist him / her, to remove, take possession of and / or conduct a complete search of the following: computer systems, electronic data storage devices, computer data storage diskettes, DVDs, or any other electronic equipment capable of storing, retrieving, processing and / or accessing data and any and all cloud storage accounts that may contain any company information, files and references.
The aforementioned equipment and storage will be subject to data duplication / imaging and a forensic analysis for any data pertinent to the incident / criminal investigation.
I give this consent to search freely and voluntarily without fear, threat, coercion or promises of any kind and with full knowledge of my constitutional right to refuse to give my consent for the removal and / or search of the aforementioned equipment /data, which I hereby waive. I am also aware that if I wish to exercise this right of refusal at any time during the seizure and or search of the equipment / data, it will be respected.

This consent to search is given by me this ________ day of, __________________
20__________, at ____________ am / pm.

Location items taken from: ____________________________________________
Consenter Signature: ________________________________________________
Witness Signature: _________________________________________________
Witness Signature: _________________________________________________

Evidence Collection
Handling digital evidence correctly is essential to preserving the integrity of the physical device as well as the information or data it contains. Turning off the power to a computer or other electronic device may cause the information or data stored on it to be damaged or lost.
If you are not trained in handling digital evidence —
• Do not attempt to explore the contents of a computer or other electronic device or to
recover information from it.
• Do not alter the state of a computer or other electronic device.
• Do not press any keys or click the mouse.
• If the computer or device is off, leave it off.
• Do not move a computer or other electronic device that is powered on.
• Do not accept offers of help or technical assistance from unauthorized persons.
• DO request technical assistance from personnel with advanced equipment and training in digital evidence collection.  See http://www.ecpi-us.org/Technicalresources.html for a list of available resources.

Assess the Situation

Before caputring digital evidence, make sure you have the legal authority to do so. Improper access to information or data stored on electronic devices may violate provisions of various local, sate and federal laws.

After securing the scene and identifying the computer’s power status, follow the steps listed below for the situation most like your own. (If the final suggestion in each situation is “Proceed to If Computer Is On” or “Proceed to If Computer Is Off.”, those two sections are posted on the bottom on this article.)

Situation 1: Monitor is on. Program, application, work product, picture, e-mail or Internet site is displayed.

1. Photograph screen and record information displayed.
2. Proceed to “If the Computer Is ON”

Situation 2: Monitor is on. Screen saver or picture is visible.
1. Move mouse slightly without depressing buttons or rotating wheel if present.
2. Note any onscreen activity that causes a change in the display.
3. Photograph screen and record information displayed.
4. Proceed to “If the Computer Is ON”

Situation 3: Monitor is on. Display is blank.
1. Move mouse slightly without depressing buttons or rotating wheel if present.
2. Display changes to login screen, work product, or other visible display.
3. Note change in display.
4. Photograph screen and record information displayed.
5. Proceed to “If the Computer Is ON”

Situation 4a: Monitor is off. Display is blank.
1. If monitor’s power switch is in off position, turn monitor on.
2. Display changes to a login screen, work product or other visible display.
3. Note change in the display.
4. Photograph screen and record information displayed.
5. Proceed to “If the Computer Is ON”

Situation 4b: Monitor is off. Display is blank.
1. If monitor’s power switch is in off position, turn monitor on.
2. Display does not change. Screen remains blank.
3. Note that the display does not change.
4. Photograph blank screen.
5. Proceed to “If the Computer Is OFF”.

Situation 5: Monitor is on. Display is blank.
1. Move mouse slightly without depressing any buttons or rotating the wheel if present.
2. If display does not change, confirm that power is supplied to the monitor.
3. If display remains blank, check computer case for active lights and listen for fans spinning or other indications computer is on.
4. If computer case gives no indication that it is powered on, proceed to “If the Computer Is OFF”.

================================

If the Computer Is OFF
For desktop, tower and minicomputers follow these steps:
1. Document, photograph, and sketch all wires, cables, and devices connected to the computer.
2. Uniquely label and photograph the power supply cord and all cables, wires or USB drives attached to the computer and the connection each of these occupies on the computer.
3. Remove and secure the power supply cord from the back of the computer and from the wall outlet, power strip or battery backup device.
4. Disconnect and secure all cables, wires and USB drives from the computer and document the device or equipment connected at the opposite end.
5. Place tape over the floppy disk slot if present. Ensure that the CD or DVD drive trays are retracted into place and tape across the drive tray to prevent it from opening.
6. Place tape over the power switch.
7. Record the make, model, serial numbers and any user-applied markings or identifiers.
8. Record or log computer and all cords, cables, wires, devices and components according to agency procedures.
9. Carefully package all evidence collected to prevent damage or alteration during transportation and storage.

For laptop computers follow these steps:
1. Document, photograph and sketch all wires, cables and devices connected to the laptop.
2. Uniquely label and photograph all wires, cables and devices connected to the laptop and the connection each occupies.
3. Remove and secure the power supply and all batteries from the laptop computer.
4. Disconnect and secure all cables, wires, and USB drives from the laptop and document the equipment or device connected at the opposite end.
5. Place tape over the floppy disk slot if present. Ensure that the CD or DVD drive trays are retracted into place and tape across the drive tray to prevent it from opening.
6. Place tape over the power switch.
7. Record the make, model, serial numbers and any user-applied markings or identifiers.
8. Record or log the laptop computer and all cords, cables, wires, devices and components according to agency procedures.
9. Carefully package all evidence collected to prevent damage or alteration during transportation and storage.

If the Computer Is ON
Removing the power supply is generally the safest option. If evidence of a crime is visible on the computer display, however, request assistance from personnel with experience in volatile data capture and preservation.

Immediate disconnection of power is recommended when —
• Information or activity on screen indicates that information or data is being deleted or overwritten.
• A destructive process appears to be in progress on the computer’s data storage device(s).
• The system is powered on in a typical Microsoft Windows® environment. Pulling the power supply cord from the back of the computer will preserve information about the last user account logged in, login time, most recently used documents, most
recently used commands, and other valuable information.

Immediate disconnection of power is NOT recommended when —
• Information or data of apparent evidentiary value is in plain view onscreen. Seek assistance from personnel with advanced training in digital evidence collection.
• Indications exist that any of the following are active or in use: Chat room(s), text documents, remote data storage, Instant Messaging (IM), child pornography, contraband, financial documents, data encryption and obvious illegal activities.
• The device is a mobile or smart phone. Leave mobile and smart phones in the power state in which they were found.

Improper shutdown of mainframe computers, servers or a group of networked computers may result in the loss of data, loss of evidence and potential civil liability. Secure the scene and request assistance from personnel with advanced training in digital evidence collection of large or complex computer systems.

(We suggest you print Parts I and II of this series into a manual format.)

BNI Operatives: Street smart; info savvy.

As always, stay safe.

Identifying and Reporting Cyber Harassment

(We’re wrapped up in several serious cyber harassment cases at the moment and are sharing several tips on how to handle these type situations that cross over into criminality.  All too frequently we feel our hands are tied in trying to protect ourselves, our businesses and families from this type of harassment but in reality, the reporting protocol for these type incidents already exists.  Below is information on how to report cyber harassment.)

Cyber harassment refers to the malicious use of technology to willfully and deliberately harass or harm another individual or entity.  Cyber harassment can qualify as a federal crime.  Undoubtedly though, it is a scary experience for the victim. If you are in fear of imminent danger to your welfare or that of  others,  call 911 immediately to report the harassment.

Instructions  

1.  Determine whether you are the victim of cyber harassment. The lines between genuine cyber harassment and general nuisance are blurry, so it can be difficult to substantiate a claim of Internet harassment. If someone is threatening you with violence and you genuinely fear for your safety and well-being, you might meet the criteria of being a victim. It is important to note that hacking, cyber spying and cyber stalking are not forms of Internet harassment. The first two are not necessarily criminal activities, depending on the nature of the offender’s behavior, and the latter is a separate crime, which should be reported and addressed differently than cyber harassment, defined by the Federal Anti-Cyber-Stalking Act.

2.  Do what you can to reduce or prevent further Internet harassment from occurring. This includes changing your email address, screen names and member names for instant messaging programs and social networking websites; applying private settings to your profiles and websites that currently are public; and ceasing all contact with the person who is harassing you. You must demonstrate that you have taken steps to stop the person from harassing you. If you communicate continuously with the individual who is harassing you, your chances of  being able to report and stop Internet harassment will drop significantly.

3.  Gather as much information as you can about the individual harassing you. This can prove to be quite difficult given the anonymous nature of the Internet, but technology allows law enforcement to track down anonymous harassers by using multiple methods. Develop a log that includes email addresses, screen names, and website and social networking profile URLs that belong to the person/people harassing you. Save and print emails and conversations, create “screen grabs” or screenshots of websites or profiles with threatening or malicious content, and keep track of the offender’s every attempt to contact you. A detailed log containing dates, times and places will help you immensely when you report cyber harassment. If possible, also try to locate and write down the offender’s Internet Protocol (IP) address.

4.  Contact your local law enforcement agency and ask to report cyber harassment. Use the police department’s non-emergency (administrative) telephone number or visit in person to make your report. Be prepared to provide information you have detailed in your log.   If you know the offender’s (even general) location, you can contact his local police department or file a report with both precincts. Be sure to get a copy of any police report you file.

5.  Contact your local FBI field office if your local police department is unable to or uninterested in pursuing your report. You can locate your local office using the FBI’s field office locator online, or ask you local police department for the information. Always attempt to make a report with your local police department before contacting the FBI, unless you have reason to believe the harassment is terroristic in nature,  (e.g., the offender is threatening to plant a bomb or commit a school shooting).

6.  Contact a cyber harassment watch group for more assistance. While your matter is under investigation, you can contact an organization such as WiredSafety for further assistance and general support. Note that this type organization is not a governmental or law enforcement agency and you should not rely on these private groups as an alternative to law enforcement authorities.

As always, stay safe.

%d bloggers like this: