Anatomy of a Background Check; Information In An Initial Sweep.

background-check-2

With a fairly healthy dose of humor and an equal measure of alarm, I’ve listened, read, heard,  have been Tweeted, Facebooked and Tumblred to by representatives on all sides of the “gun control” (the gun has control – it is immobile and its product possesses kinetic energy only when put in motion) issue.  Almost all parties agree that an enhanced background check should be required for persons wishing to purchase firearms. That’s a throwaway sentiment.   How many people, besides those that have already been through a gun purchase background check, actually understand the process and the information contained in such a search?

We conduct background searches daily; the majority are on domestic subjects, and we also provide international services.  Our clients request background searches for a multitude of reasons ranging from pre-employment prerequisites, (I’ll get into the government-mandated employment eligibility program, EVerify, in another article. Althoug,h if you search the archives, I’ve already posted several on the matter.), to hiring a nanny to personal  financial stability of potential business partners. (We do not conduct background checks for purposes of investigating a potential personal partner, locating mistresses or suitability of a date.)

To follow is the bare bones information contained within a comprehensive check (the minimum required to possess a firearm, aside from the NCIC fingerprint and DNA checks):

COMPREHENSIVE BACKGROUND CHECK

DOE, ARMANDO J.

Subject Information:

Name: ARMANDO J. DOE

DOB: 5/20/1979

Age: 33

SSN: 123-45-6789 issued in New York between 5/20/1979 and 12/31/1979

Names Associated With Subject:

ARMAN DOE

ARMAND J. DOE

J. ARMANDO DOE

ARMAND JOHN DOE

A.J. DOE

Others Associated With Subjects SSN:

(DOES NOT indicate any type of fraud or deception)

THOMAS ROBERTSON DOB: 4/9/1967

================================================================

Address History:

135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742                      (Jan 2011 – Dec 2012)

14-01 121st , COLLEGE POINT, NY 11356-3765                                          (Aug 2010 – Jan 2011)

P.O. BOX 5106, COLLEGE POINT, NY 11356-5106                                      (June 2007 – Dec 2012)

149-21 71ST ST, COLLEGE POINT, NY 11563-9823                                    (Feb 2003 – Nov 2008)

7 SUMMIT STREET, MALBA, NY , 11357-3476                                            (June 1990 – Mar 2006)

Information on Affiliated Addresses:

135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742                      (Jan 2011 – Dec 2012)

Name Associated with Address:

ARMANDO J. DOE

Current Residents at Address:

ARMANDO J. DOE

DINA C. DOE

SARA DOE

718-555-1234   ARMANDO DOE

Property Ownership Information for this Address

Property:

Parcel Number – 50-40-21-09-1001

Book – 4761

Page – 1243

Owner Name:  SMITH, HERMAN

Owner Name 2: SMITH, ANNA LIA

Property Address: – 135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742

Owner Address: 13247 SW 43RD ST,  PLANTATION,  FL 33309-2742

Sale Date – 02/03/2011

Sale Price – $320,000

Land Usage – MUTLI RES

Total Market Value – $438,850

Assessed Value – $438,850

Land Value – $100,950

Improvement Value – $118,010

Land Size – 16,789 Square Feet

Year Built – 2000

Seller Name: RIVINGTON, IAN & JANICE

Legal Description –  182-2400 B LOT 270

135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742                      (Jan 2011 – Dec 2012)

Possible Properties Owned by Subject: 

Property: None found.

(THE REPORT CONTINUES LISTING ALL OF THE ABOVE INFORMATION – owner, owner address, sale date… – FOR EVERY ADDRESS ON RECORD FOR THE SUBJECT.)

Emails Associated W Subject:

AJDOE520@FLASH.NET

ARMANDOJD520@GMAIL.COM

ARMANDOJD05@HOTMAIL.COM

Phones Associated W Subject:

Name: ARMANDO DOE

Address: SOUTH OZONE PARK, NY 11420

Phone Number:  718-555-1234

Phone Type:  Landline

Carrier:  Verizon

Name: DINA C. DOE

Address: 135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742

Phone Number:  347-555-9518

Phone Type:  Mobile

Carrier:  VERIZON WIRELESS

Criminal Record Profile:

 National Criminal Record Search (Felonies & Major Misdemeanors):

       New York Arrest Report:

              Name: DOE, ARMANDO J.

              SSN: 123-45-6789

              Address: 135-23 122nd  ST, SOUTH OZONE PARK, NY 

              State of Origin: New York

              County of Origin: Queens

              Case Type Description: Queens County(NY)Arrest

              Arrests: 

Arrest #1

Arrest Date: 09/21/2010

Arresting Agency:  109, NYPD

Arrest Disposition Date:06/29/2012

Court Fine:          Offense: INTENT DIST/2Nd

Agency Case #:2011-675835G

Arrest Level/Degree: FELONY

Arrest Disposition: BOOKED


(The arrest will undoubtedly carry several charges.  Possession, attempt to distribute, resisting arrest, etc.  Each arrest charge will be separately defined – from charge to disposition.)

       New York Department of Corrections:

              Name: ARMANDO J. DOE

              SSN: 123-45-6789

              State of Origin: NY

              Inmate Number: 137869

              DOB: 05/20/1979

              Race: WHITE

              Sex: Male

              Eyes: GREEN

              Height: 6′ 00″

              Weight: 205

              Case Number: 0529234

              Case Type Description: Department Of Correction, NY

              Latest Admission Date: 09/21/2010    

State Criminal Record Search (Felonies & Major Misdemeanors):

(Repeats the Nationwide Search and may include ACDs – Adjournment in Contemplation of Dismissal. In an ACD situation, the offender is on a conditional probation period of anywhere from six months to several years, depending on his/her criminal history.  If the person re-offends for any reason during this adjournment period, s/he can be re-arrested.  The follow up information will include every possible detail from co-defendant(s), arresting officers to court transciptionists to defense counsel/prosecutors to the presiding judges and every motion made on the case.  Per the number of arrests, this portion of a background check can run anywhere from several dozen to several hundred pages.)

Driver’s License Information: 

(Current)

Name:           ARMANDO J. DOE

State: New York

License Address: 135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742

DOB: 05/20/1979

SSN : 123-45-6789

Gender: Male

Ethnicity: WHITE

Expiration Date: 05/20/2016

Issue Date: 03/13/2006

License Type: RENEWAL

License Class: Non-Commercial – Class D

Height: 6’00

Data Source: Governmental

(Previous)

Motor Vehicles Registered To Subject:

Vehicle:

Description: Blue 2001 Nissan Sentra – 4dr Sedan

VIN: 5NING01C8ST000001
Engine: 4 Cylinder 152 Cubic Inch — Gas Powered               State Of Origin: Pennsylvania

Anti Lock Brakes: 4 wheel standard

Air Conditioning: Standard

Daytime Running Lights: Standard

Power Steering: Standard

Power Brakes: Standard

Power Windows: Standard

Security System:  Standard Alarm

Roof: Standard

Price: 16750

Radio: AM/FM CD

Front Wheel Drive: No

Four Wheel Drive: No

Tilt Wheel: Standard

Registrant(s)

Record Type: CURRENT

Name: ARMANDO J. DOE

Address: 135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742

DOB: 5/20/1979

Sex: Male

Age: 33

Tag Number: CFD9524

License State: NY

Earliest Registration Date: 6/12/2012

Latest Registration Date: 6/12/2012

Expiration Date: 6/11/2013

License Plate Type: Private

Title Number: 0219856887

Title Issue Date: 6/12/2012

Lien Holder(s)

Company Name: CHASE MANH

Address: 150 PARK PLACE, 23RD FLOOR, NEW YORK, NY 10019

 (Report includes every vehicle ever owned or registered by the subject and all associated tags.)

Concealed Weapons Permit:  (This will include target permits.)

[None Found]

Possible or Previous Work Affiliations:

Name: ARMANDO J. DOE

Title: Manager

SSN: 123-45-6789

Company: ABCDE, LLC.

Address: 158-09 Northern Boulevard, Little Neck, NY  11363-4857

Dates: Dec 21, 2005

Corporate Affiliations:

[None Found]

Professional License(s): 

[None Found]

 FAA Certifications: 

[None Found]

FAA Aircrafts: 

[None Found]

Watercraft: 

[None Found]

Voter Registration:  

Name: ARMANDO J. DOE

Address: 135-23 122nd  ST, SOUTH OZONE PARK, NY 11420-2742

DOB: 5/20/1979

Gender: Male

Ethnicity: White

Political Party: UNDECLARED

State of Registration: New York

Status: ACTIVE

Hunting/Fishing Permit: 

[None Found]

Bankruptcies:

[None Found]

 Liens and Judgments:

[None Found]

UCC Filings: 

[None Found]

Possible Associates:  (Business)

Possible Relative Summary: 

>Immediate Relatives
>> 2nd Degree Relatives & AKAs on Immediate Relatives
>>> 3rd Degree Relatives & AKAs on 2nd Degree Relatives

(This section begins at the grandparents and continues through prior-divorce or death in-laws. Each item contains the person’s name, DOB, DOD, last known address/phone number and their 1st through 3rd degree relatives.  Then we run the subject through EVerify – subject matter for an upcoming article.)

END OF COMPREHENSIVE BACKGROUND CHECK REPORT. 

The above described background report is compiled from many diverse sources including, but not limited to,  governmental (federal, state and local) agencies (SSA, DMVs, DHS…),  consumer credit reporting companies and other reporting affiliates that may be indirectly or second/third-party affiliated to the subject (e.g., guarantor).  This is a low to average security level background check. There is additional research that occurs but the above sample report is representative of a first sweep on a background investigation.

Now we at least have a jumping off point to begin discussing enhanced background checks.  Debate away.

There is more to the above subject profiled than meets the eye.  All of the identifiers have been changed but this is a real background check – minus multiple pages of repetitive and unrelatable information.  Armando’s grandmother’s ex-and now dead- husband won’t make a difference. My point is that a comprehensive background check follows through very carefully and leaves enough markers for the reviewing investigator to pick up on if s/he decides there is reason to dig deeper.  I have trust that the security background search systems in place actually do work and have and will evolve as we meet new technological challenges for those wishing to circumvent their disqualifying past as it relates to gun purchases and in general.

Our operatives: Situationally aware.

As always, stay. safe.

Situations and Professions at High Risk for Covert Surveillance.

This week we explore the situations and people  most likely to be covertly surveilled.  At the end of this article, we list the FBI‘s top professions most likely to encounter bugging situations.

Given the proliferation and ease of use now of “bugging” devices, the probability of being secretly recorded is higher than ever.   So under what circumstances and which professions are most likely to get bugged?

In Business

– Companies that have publicly traded stock (even more at risk, those about to IPO)

– Corporate entities experiencing labor problems, union activities or are in negotiation situations.

– Companies involved in any type of litigation or lawsuit.

– Businesses anticipating layoffs

– Companies involved in the fashion, automotive, advertising or marketing industries.

While anyone can be the target of covert eavesdropping, some people are at a higher risk than others because of financial status, occupation, legal or domestic situation.  These targets may include:

– Spouses involved in a divorce, child custody case or other serious financial situation.

– Teen drivers and kids (by their parents/guardians)

– Professors (by their students)

– Business people among themselves (intra/extra-company)

– Claimants by insurance companies

– Clients by salespeople

This list goes on ad infinitum, so when should you be seriously concerned?

You (and or someone close to you) is or have been:

– Involved in any type of litigation or lawsuit

– Been questioned or arrested by the police

– In the process of getting married, divorced, separated or recently widowed

– Running for any type of elected public office

– Recently filed an insurance claim

– Are an executive or scientist at any large company

– Engaged in political demonstrations or activism

– Are in the upper income brackets

Extreme High Risk Businesses  (info provided by the FBI):

Materials:

  • Materials synthesis and processing
  • Electronic and photonic materials
  • Ceramics
  • Composites
  • High-performance metals and alloys

Manufacturing:

  • Flexible computer-integrated manufacturing
  • Intelligence processing equipment
  • Micro- and nano-fabrication
  • Systems management technologies

Information and Communications:

  • Software
  • Micro and optoelectronics
  • High-performance computing and networking
  • High-definition imaging and displays
  • Sensors and signal processing
  • Data storage and peripherals
  • Computer simulation and modeling

Biotechnology and Life Sciences:

  • Applied molecular biology
  • Computational Chemistry
  • Medical technology

Transportation:

  • Aeronautics
  • Surface transportation technologies

Energy and enviroment:

  • Energy technologies
  • Pollution minimization, remediation and waste management

Finally, we look at those professions that are particularly target for covert surveillance.

High Threat Occupations (again, according to the FBI):

– Attorney

– Doctor

– Chiropractor

– Dentist

– Architect

– Police Officer

– Court Clerk

– Judge

– Elected official

– Mayor

– Selectman

– School Principal

– Professor

– Product Engineer

– Software Developer

– Executive/Scientist at a large development company

– Employees at defense contracting companies

– Ministers and other religious leaders

– Corporate Buyer or Purchasing Agent

– Labor or Union Official

– Fashion employees

– Advertising personnel

– Personnel managers

Paranoia is unnecessary; vigilance required.

BNI Operatives; Situationally aware.

As always, stay safe.

Electronic Crime Scene Investigations; Evidence Collection. II/II

In Part I of our two-part Electronic Crime Scene Investigations series, we covered recognizing and securing an electronic crime scene.  In this post, we delve into the actual investigation itself.

First and foremost, now that you have identified and isolated all persons with access from the crime scene, please ensure that they provide your investigator with a release similar to the below.  (Please check with your local law enforcement on particular jurisdictional guidelines.)

CONSENT TO SEARCH ELECTRONIC MEDIA AND CLOUD STORAGE
I, __________________, hereby authorize __________________, who has identified himself / herself as an investigator lawfully engaged by _____________________, and any other person(s), including but not limited to a computer forensic examiner, he / she may designate to assist him / her, to remove, take possession of and / or conduct a complete search of the following: computer systems, electronic data storage devices, computer data storage diskettes, DVDs, or any other electronic equipment capable of storing, retrieving, processing and / or accessing data and any and all cloud storage accounts that may contain any company information, files and references.
The aforementioned equipment and storage will be subject to data duplication / imaging and a forensic analysis for any data pertinent to the incident / criminal investigation.
I give this consent to search freely and voluntarily without fear, threat, coercion or promises of any kind and with full knowledge of my constitutional right to refuse to give my consent for the removal and / or search of the aforementioned equipment /data, which I hereby waive. I am also aware that if I wish to exercise this right of refusal at any time during the seizure and or search of the equipment / data, it will be respected.

This consent to search is given by me this ________ day of, __________________
20__________, at ____________ am / pm.

Location items taken from: ____________________________________________
Consenter Signature: ________________________________________________
Witness Signature: _________________________________________________
Witness Signature: _________________________________________________

Evidence Collection
Handling digital evidence correctly is essential to preserving the integrity of the physical device as well as the information or data it contains. Turning off the power to a computer or other electronic device may cause the information or data stored on it to be damaged or lost.
If you are not trained in handling digital evidence —
• Do not attempt to explore the contents of a computer or other electronic device or to
recover information from it.
• Do not alter the state of a computer or other electronic device.
• Do not press any keys or click the mouse.
• If the computer or device is off, leave it off.
• Do not move a computer or other electronic device that is powered on.
• Do not accept offers of help or technical assistance from unauthorized persons.
• DO request technical assistance from personnel with advanced equipment and training in digital evidence collection.  See http://www.ecpi-us.org/Technicalresources.html for a list of available resources.

Assess the Situation

Before caputring digital evidence, make sure you have the legal authority to do so. Improper access to information or data stored on electronic devices may violate provisions of various local, sate and federal laws.

After securing the scene and identifying the computer’s power status, follow the steps listed below for the situation most like your own. (If the final suggestion in each situation is “Proceed to If Computer Is On” or “Proceed to If Computer Is Off.”, those two sections are posted on the bottom on this article.)

Situation 1: Monitor is on. Program, application, work product, picture, e-mail or Internet site is displayed.

1. Photograph screen and record information displayed.
2. Proceed to “If the Computer Is ON”

Situation 2: Monitor is on. Screen saver or picture is visible.
1. Move mouse slightly without depressing buttons or rotating wheel if present.
2. Note any onscreen activity that causes a change in the display.
3. Photograph screen and record information displayed.
4. Proceed to “If the Computer Is ON”

Situation 3: Monitor is on. Display is blank.
1. Move mouse slightly without depressing buttons or rotating wheel if present.
2. Display changes to login screen, work product, or other visible display.
3. Note change in display.
4. Photograph screen and record information displayed.
5. Proceed to “If the Computer Is ON”

Situation 4a: Monitor is off. Display is blank.
1. If monitor’s power switch is in off position, turn monitor on.
2. Display changes to a login screen, work product or other visible display.
3. Note change in the display.
4. Photograph screen and record information displayed.
5. Proceed to “If the Computer Is ON”

Situation 4b: Monitor is off. Display is blank.
1. If monitor’s power switch is in off position, turn monitor on.
2. Display does not change. Screen remains blank.
3. Note that the display does not change.
4. Photograph blank screen.
5. Proceed to “If the Computer Is OFF”.

Situation 5: Monitor is on. Display is blank.
1. Move mouse slightly without depressing any buttons or rotating the wheel if present.
2. If display does not change, confirm that power is supplied to the monitor.
3. If display remains blank, check computer case for active lights and listen for fans spinning or other indications computer is on.
4. If computer case gives no indication that it is powered on, proceed to “If the Computer Is OFF”.

================================

If the Computer Is OFF
For desktop, tower and minicomputers follow these steps:
1. Document, photograph, and sketch all wires, cables, and devices connected to the computer.
2. Uniquely label and photograph the power supply cord and all cables, wires or USB drives attached to the computer and the connection each of these occupies on the computer.
3. Remove and secure the power supply cord from the back of the computer and from the wall outlet, power strip or battery backup device.
4. Disconnect and secure all cables, wires and USB drives from the computer and document the device or equipment connected at the opposite end.
5. Place tape over the floppy disk slot if present. Ensure that the CD or DVD drive trays are retracted into place and tape across the drive tray to prevent it from opening.
6. Place tape over the power switch.
7. Record the make, model, serial numbers and any user-applied markings or identifiers.
8. Record or log computer and all cords, cables, wires, devices and components according to agency procedures.
9. Carefully package all evidence collected to prevent damage or alteration during transportation and storage.

For laptop computers follow these steps:
1. Document, photograph and sketch all wires, cables and devices connected to the laptop.
2. Uniquely label and photograph all wires, cables and devices connected to the laptop and the connection each occupies.
3. Remove and secure the power supply and all batteries from the laptop computer.
4. Disconnect and secure all cables, wires, and USB drives from the laptop and document the equipment or device connected at the opposite end.
5. Place tape over the floppy disk slot if present. Ensure that the CD or DVD drive trays are retracted into place and tape across the drive tray to prevent it from opening.
6. Place tape over the power switch.
7. Record the make, model, serial numbers and any user-applied markings or identifiers.
8. Record or log the laptop computer and all cords, cables, wires, devices and components according to agency procedures.
9. Carefully package all evidence collected to prevent damage or alteration during transportation and storage.

If the Computer Is ON
Removing the power supply is generally the safest option. If evidence of a crime is visible on the computer display, however, request assistance from personnel with experience in volatile data capture and preservation.

Immediate disconnection of power is recommended when —
• Information or activity on screen indicates that information or data is being deleted or overwritten.
• A destructive process appears to be in progress on the computer’s data storage device(s).
• The system is powered on in a typical Microsoft Windows® environment. Pulling the power supply cord from the back of the computer will preserve information about the last user account logged in, login time, most recently used documents, most
recently used commands, and other valuable information.

Immediate disconnection of power is NOT recommended when —
• Information or data of apparent evidentiary value is in plain view onscreen. Seek assistance from personnel with advanced training in digital evidence collection.
• Indications exist that any of the following are active or in use: Chat room(s), text documents, remote data storage, Instant Messaging (IM), child pornography, contraband, financial documents, data encryption and obvious illegal activities.
• The device is a mobile or smart phone. Leave mobile and smart phones in the power state in which they were found.

Improper shutdown of mainframe computers, servers or a group of networked computers may result in the loss of data, loss of evidence and potential civil liability. Secure the scene and request assistance from personnel with advanced training in digital evidence collection of large or complex computer systems.

(We suggest you print Parts I and II of this series into a manual format.)

BNI Operatives: Street smart; info savvy.

As always, stay safe.