• Categories

  • Archives

  • Pages

  • Who. What.

    For the trial law and legal community from a private investigator's perspective. The Beacon Bulletin is the weekly newsletter authored and published by our parent company, Beacon Network Investigations, LLC (BNI). We're a private investigation company. We DON'T dispense legal advice, respond to anonymous queries or black hat your enemies for you. (Internally, however, points are alloted for perfectly wordsmithed compliments.) We DO hope to inform. That's our business.
  • August 2019
    M T W T F S S
    « Jul    
     1234
    567891011
    12131415161718
    19202122232425
    262728293031  
  • Recent Posts

Uncovering the Bullies: Monitoring Your Child’s Cell Phone

It is rare that we release information that can be used in a negative manner but our concern over the sharp rise of child suicides – often due to bullying –  has caused us to take this unusual step to inform those who need to know: how to monitor their child’s cell phone.  (For those who choose to use this information for nefarious purposes – don’t be a jackass. That you need to rely on this article to spy on someone proves that you are clueless. You will be caught – your spying activity on others, without their express permission, is illegal.)

mSpy (Spy App for iPhone)

mSpy is very easy to use. All you have to do is install the mSpy app on the target phone and then activate it using your license code. Once that’s done, you’ll be able to monitor the phone’s activity remotely through the mSpy online portal.

Once mSpy is activated, you can log in to the online portal to access information collected from the target phone such as messages (texts, WhatsApp and other messaging apps), phone calls, browsing history, and GPS location. mSpy is easy to use but also has many advanced features including social media monitoring, keylogger, no-jailbreak version, parental controls and more.

  • Social Media Monitoring: mSpy tracks your child’s activity on Facebook, Snapchat, Hangouts, WhatsApp, and Skype.
  • Keylogger: It records every keystroke made by the user. If your child uses an instant messaging app that mSpy can’t track directly, you can still see every keystroke typed.
  • No Jailbreak Solution: The mSpy iPhone spy software allows you to spy on your child’s iPhone without jailbreaking it. This technique works by pulling data from iCloud backups. You will need to know your child’s Apple ID and password.
  • Parental Controls: mSpy can be used as a parental control software for mobile phone. It allows parents to block inappropriate websites and incoming calls. In addition, you can control which apps can be used and when on your child’s phone.
  • Price: mSpy Basic costs $29.99 per month; mSpy Premium costs $69.99 per month or $199.99 per year.

 

Highster Mobile (Spy App for Android)

Highster Mobile is also simple to install and use.  Just download and install it onto the target phone, enter your license key, and you are good to go.  There are no settings or options to configure. After installation, you can log into your account and start tracking.

While Highster doesn’t have as many features as mSpy, but it’s a great app for those who want to spy on an Android phone without rooting or unlocking the phone. It has most of the features you’ll likely need.

  • Real-time GPS Tracking: Know where they are at all times and know where they are going. Track their cell phone location history & current location. Locations are displayed on a map on the company’s website.
  • Text Message Monitoring: Read their text messages, even those that have been deleted. Keeps a running record of all text messages sent and received.
  • View Call Logs: View the phone’s call history, including calls made, calls received, calls missed, phone numbers, and the date, time, and duration of the calls.
  • View Photos: All of the photos on their phone will be uploaded to your account.
  • View Browsing History: Track which websites they’ve visited and what they’ve searched for.
  • View Contacts, Calendar & Apps: View their contacts, calendar entries and installed apps.
  • Social Media Monitoring: Monitor different social media apps they use and who they talk to, including Facebook, WhatsApp, and even Snapchat messages. This feature, however, is only available on rooted devices. (If you do not know what this means (rooting or jailbreaking), or the consequences, don’t even think about it.)
  • Price: It only costs a one-time fee of $69.99 – making it one of the cheapest spy apps on the market today.

There are more high-end cell phone spy apps that have many more features: such as recording phone calls and even surroundings but we suggest training wheels at first.  This is your child, not an international, deep-cover spy.

BNI Operatives: Situationally aware.

As always, stay safe.

Why Lawyers Should Be Paranoid About Client Confidentiality

From Clio, January, 2017:

In April 2016, a lawsuit was filed claiming one Chicago-based law firm had failed to protect confidential client information.

The suit didn’t accuse lawyers at the firm of inadvertently sharing client information. In fact, according to The American Lawyer, “[t]he complaint makes no claim that data was stolen or used against clients.” The claim solely focuses on the fact that lax data security could have put client information at risk.

Talk about an eye-opener, for lawyers and others (such as private investigators) who retain confidential information during the normal course of business.  And, it could be inadvertent actions – usually online – that can cause these security breaches.

Client confidentiality in the age of social media:

Consider the amount of information that gets shared on social media:

  • Facebook users send 31.25 million messages per minute
  • Twitter users send nearly 350,000 tweets per minute
  • Instagram users post almost 50,000 photos each minute

If you’re a lawyer, you need to take extra care when using social media. There are plenty of ways your tweets or posts could inadvertently breach client confidentiality.

For example, if you use Swarm to check in at Starbucks during a client meeting, you could inadvertently disclose your client’s location as well. This may be an issue if your client wishes to remain anonymous, or if they don’t want it to be known that they have legal representation.

Photos can also be a problem. You should be more aware than lawyer and politician Kris Kobach, who accidentally revealed notes on proposed immigration policy in a photo with Donald Trump. You should always be extremely aware of what might be in the eye of a camera lens. Your son could take an impromptu photo while you’re catching up on some work at the dining room table; if there’s any sensitive information is visible in the image,  you need to make sure that photo doesn’t get posted online (and does get deleted from his device).

Steps lawyers need to take on social media

Does this mean you need to stop using social media? No. But you do need to reconcile the practice of sharing information online with the need to keep client information confidential.

Here are a few things you can do to ensure you’re protecting client information:

  • Go private on Facebook. This is a simple step for all lawyers (and for anyone using Facebook, for that matter). Go to “Settings,”, then “Privacy,” and set all of the visibility options so that only “Friends” can see your profile. If you want to market your law firm on Facebook, set up a separate Facebook page—and be extra mindful of the information you’re sharing on it.
  • Use two-factor authentication. Using two-factor authentication to protect your online accounts is one of the most effective steps you can take to protect client information.
  • Don’t use live mic technology. Someone’s always listening. Amazon hasn’t given up user data in this now-infamous murder case from late 2016 (so far), but that doesn’t mean you should put client information at risk by keeping an Echo or an equivalent device inside your office.  And definitely ensure that no one in your office is walking around with a live mic device.

In short, you want to do everything you can to prevent unauthorized access to client information. In 2017, that means a lot more than just shutting the door each time you meet with your clients.

BNI Operatives; situationally aware.

As always, be safe.

 

Working Around Invisible or Partially Available Social Media Profiles

As part of our due diligence during a subject’s comprehensive background check, we generally begin with a review of social media.  Sites like Facebook, Twitter, Instagram and LinkedIn are primary and initial stops in the identification verification aspect of a background check. (For the purpose of this week’s article, we will concentrate on business connection site, LinkedIn.)
Searching for your subject through Linkedin may return an invisible profile if you’re not in your subject’s connections network. Your Linkedin network consists of your 1st, 2nd and 3rd degree connections and your group members. The more connections, the more full profiles available to you. You can also see attachments such as resumes.

Once you have your subject’s Linkedin profile, Google the name or search for it through bing.com to get the profile URL.

Linkedin Profile at Bing

Paste that URL into a private viewing web browser.

Private Linkedin Profile

This result is what we want to view and download.

See Resume

If the Linkedin resume is stored at their slideshare.net account, you can find it via a quick Google search- while in an incognito browser session:

Slideshare Resume Search

Select the top entry link and you will be taken to the full resume.  Download.

Slideshare resume download

Mission accomplished! The above method is a viable workaround to the limitations placed on profile sharing by social media.  Where there’s a will…

BNI Operatives; Situationally aware.

As always, stay safe.

Your Online Pics Are Broadcasting Your Location; GeoTags.

geotag

When you post your pics online, you could be sharing more than you know.  Most pics taken via our cell phones contain embedded location info that is easily readable by would-be criminals who can then use that data to track you.

How Do Your Pics Get GeoTagged?

When you take a picture with your smartphone or digital camera, it’s typically saved as a JPEG to your device. That image file gets embedded with Exchangeable Image File Format (EXIF) data, which includes the time, date, and GPS location where your photo was taken. That photo’s GPS location is called a geotag.

The Dangers of GeoTagging

Once a geotagged photo in uploaded online, or attached to an email, the geotag becomes available to anyone with access to your online pics or email messages.

How can this place you in danger from a stalker or other would-be criminal? Envision the below scenarios:

1. You are selling an item online.

You want to sell your TV so you take a picture with your iPhone 6 and upload it to your Craigslist posting.  A potential buyer contacts you and in the email exchange, in an effort to show more of the item, perhaps you even send along additional pics. If your pics were geotagged, the interested buyer can now identify the location from which you took the photo – usually your home.   The “buyer” may ask if you have additional home appliances, electronic devices, etc. to sell.  He could be digitally casing your home – with your active cooperation.

2. You are dating online.

1 out of every 4 marriages now originates from online dating sites such as Match, Our Time, Christian Singles, JDate, etc.   In your initial posts, to err on the side of safety, you hide your full name, contact information, and where you live. But all of these sites request a personal pic.  You take a selfie and post away.  Now, whether you like it or not, you have given a potential stalker your exact location.

Young Blonde Woman Takes Selfie On Vacation

3. You’re traveling.

It’s almost impossible to not upload and post those envy-evoking beautiful vacay pics of the Bahamas.   While you are Instagramming away your gorgeous sunset shots, bear in mind that you have just alerted one of your wacky followers that you are thousands of miles from home.

4.  Your valuables.

It’s natural to want to post pics of your new car, shiny Rolex and other bling.  Why not post a complete itemized list of your valuables since the criminal already have the address from your geo-tagged brag pics? Trolling social media for just such pics is the new work-from-home gig for today’s thieves.

Although Facebook strips geotags from your uploaded photos, it does show a map of photos you tag. (Just look under “Places” on your profile.)  Even the dumbest criminal can figure out that the 35 pics of your bling are probably taken from the same location and, you may even inadvertently let them know where you stash your family jewels.

5. You have a stalker.

If your online profiles are public, any stranger can figure out your routine. We are creatures of habit – a definite advantage for the online stalker who can track when and where you post, whether you are at work, where you live, where you hang out, and when you’re not home.  Imagine a stalker (or sex offender)  tracking your family pics of your kids in your backyard, at school, at a nearby park, etc.

How To Remove Geotags From New Photos

Now that you realize the very real danger of allowing geotags to remain in your pics, here’s how you remove the geotags before you take the photos:

For an iPhone 5 or 6:

  1. From your iPhone’s home screen, tap the “Settings” icon.
  2. Scroll down until you see the “Privacy” tab, and tap “Location Services.”
  3. Look for the “Camera” tab. Open it, and you’ll see ALLOW LOCATION ACCESS. Click “Never.”

For an iPhone 4:

  1. Hit the “Settings” icon from the home screen.
  2. Find the “Privacy” tab, and tap “Location Services.”
  3. After tapping the “Camera” setting, switch the tab from “ON” to “OFF.”

For an Android:

  1. Find the camera app.
  2. Tap the “Settings” icon on in the app.
  3. Find the Location or GPS tag, and turn it off.

How To Remove Geotags From Photos You’ve Already Taken

If you’ve never disabled location services on your phone’s camera, you have photos in your library that are still geotagged.

To remove geotags from stored pics: use these apps:  deGeo or ViewExif for an iPhone or iPad, Exif Eraser for an Android, or Pixelgarde for an Android or Apple device. Pixelgarde allows you to strip geotagged photos in bulk.

 

Do Social Sites Allow GeoTags?

Fortunately, no. Instagram, Facebook, Twitter,  Pinterest, eBay and IMgur automatically remove geotag data from your photos when you upload them.   Of the online dating sites, Match.com, PlentyofFish, and OKCupid also strip your pics’ location data.

However,  Tumblr, Picasa, Photobucket, Dropbox, and Google+ do not remove geotags from uploaded images. Flickr gives you the option to do it.

Craigslist doesn’t provide a definitive answer on its website. Neither does Tinder.

Do Texts And Emails Show Geotags?

Yes. When you attach a photo to an email, that photo’s EXIF data is also included. SMS messages don’t typically retain this data, but iMessages can.

How can access your geotag info?

There are several ways, and some of them are more useful and prettier than others. It all depends on the computer you’re using. Just remember that a determined stalker will take all of the time in the world to break obtain and breakdown the geotag data in his desired target’s pics. But for the rest of us, here are a few ways to get the GPS information from your photos.

On a Mac

If you’re using a Mac, you can access your GPS information by simply right clicking on the photo file you want to view and then picking “get info.”

This will bring up a box showing all of the EXIF data attached to that particular image file.

On a PC

It’s a little different on a PC, but it’s pretty much the same thing. Right click on your image, and then pick “properties.” From there, a similar window should pop up showing all the EXIF data, including the location of the picture you just took.

Bottom line: Pay attention to what you are posting and don’t leave your security – and that of your family-  in the hands of a third party.

BNI Operatives: Situationally aware.

As always, stay safe.

10 Steps To Erasing Your Digital Footprint (Part I/II)

footprint2

We all have something to hide.  Usually, it’s benign family or photobombed pics and then,  in some cases, a miserable and dirty divorce battle bitterly played out online. Time is the objective archivist of that which we’ve shared online; perception and therefore judgment, however, resides with the reviewer of our public personas.

The vast majority of people have been online now for several years at the very least; interacting on such social media sites as Facebook, Twitter, LinkedIn, etc.   Some of us have fairly large, embedded digital footprints and others cast light personal shadows on the internet landscape but we are all there, in some detectable form.

Whether you are going for your first real job, seeking a post-divorce relationship or just realized that your kids can conduct an FBI-quality thorough background check on their parents, you’ve decided it’s time to clean up your online presence.  Although the task may at first appear overwhelming, the job itself doesn’t have to be – and, some things that are out there you are going to simply have to learn to live with.  So, let’s begin.  (To make this effort manageable in light of our busy lives, we are presenting this information is two parts – a week apart – to allow our readers time to complete the suggested tasks.)

footprint

1. Search yourself.

First things first, pull up your public profile.   It is now common practice among prospective employers to perform searches online when vetting job applicants. The information pulled up by search engines such as Google can be seen not only by you, but future bosses — and so if there is anything unprofessional out there, this will be the first glimpse they see of you. Run a search on your name (including maiden names) and see what appears.  Also, conduct image searches, as they can link to websites or accounts you’ve long forgotten about. Understanding your basic digital footprint is the first step in taking control of it.  By the numbers, run your self through:

Google

Bing

Yahoo

YouTube

InstantCheckmate

Spokeo

(For the curious, while you can certainly look up friends, relatives and co-workers with the latter two personal data-collection services, if you wish them to remain as such, we suggest you just check your own info.  Also, often the data on these sites and others like it can, and most often is, dated and limited.  For your own review however, it serves the stated purposes in this article.)

2. Deactivate old social media accounts and check privacy settings.

MySpace (Yes, this dinosaur social site is still here, haunting us to eternity or the end of the Net – which ever comes first.), Facebook, Twitter, LinkedIn and Google+ are social media websites that can be mined by potential employers for personal information. If privacy settings are not at their highest, this could mean viewers can access pictures, posts and status updates best kept within your private life.

One thing to remember is that the Web often forgets about context — and so Tweets can be misconstrued, events from years ago can end up hampering your prospects, and your profile may not show you to be the type of person a company would want to hire.

In relation to accounts you actively use, check your privacy settings.

For Facebook, click on account Settings through the top-right button, and then select Privacy from the menu on the left. You can then decide who can see what information is posted — and whether you can be looked up based on your email address, phone number or search engines. You can also use another handy tool from your profile page to see what others view, by selecting the ‘…’ button and choosing ‘View as..’.

Twitter users, click your profile avatar in the top right of the Twitter.com screen, and select ‘Settings.’ From this menu, you can make your profile private or change a range of basic account options.

If you want to be completely hidden on social media, use a different surname.

3. Hide others, or add false information

Honesty may not be the best policy if old social media accounts hold information you’d prefer to keep low-key.   In addition, some services do not allow you to delete accounts — instead, they allow only for accounts to be “deactivated.” In these cases, consider changing your name, email address and uploading an innocuous profile picture — as well as deleting as much information as possible — before deactivation.

E.g., If you’ve conducted the above suggested Google, Bing, etc.  search and found pictures linked to old accounts you’d rather not have displayed, hiding your accounts may help in eventual refreshes. It will take time for search engines to stop pulling up these images, but the sooner you tweak old accounts, the better.

4. Contact webmasters

If websites have posted public information about you, contacting webmasters may be the only option to remove this information. Send them an email or give them a call, and explain what, and why, you need something removed.  If you are a member of the law enforcement community, most of these sites are very accommodating in removing identifying materials.  If you have field a police report in any criminal matter, likewise, with a short, concise letter attached to the report, most web masters are very helpful and willing to err on the side of safety in removing or modifying your public data.

5. Unsubscribe from mailing lists

Mailing lists are an integral part of the digital trail leading back to you, and unsubscribing can help break these connections — as well as uncluttering your inbox.

A suggestion for future subscriptions: add an identifier middle initial to your subscriptions so that you can quickly determine subscription categories: e.g., Lina N. Maini = news subs such as WSJ, NYT, etc.   This has seriously helped me identify, review and delete subscriptions in the past, rather than scour through each provider name and have to pop an email open to determine content.  (The Washington Post is obviously a news source – ok, keep the dissent to a minimum – but Birchbox?  I had completely forgotten that these are the wonderful folks who deliver my samples box – home products, beauty supplies, new foods on the market – each month.  I’ve loved everything they’ve sent thus far. ).

Next week, we bring you the next and final five steps in repairing, if necessary, and managing your very public online profile.

(For those looking for professional reputation repair and management services – in which we delve into archival materials deeply buried but ultimately findable by dedicated, prying eyes – we do provide unique, tailored packages that are maintained in the strictest of confidentiality – as is all of our work.)
BNI Operatives: Situationally aware.

As always, stay safe.

%d bloggers like this: