Archive for the 'Dirty Tricks' Category

Remote File Handling

High Risk Files

When doing IIR, I often come across files that I don’t want to handle for security reasons. These can be Word documents, PDF documents, PostScript, or even Gzipped PostScript files. These files may include a load of malicious code. I sometimes don’t want any record of viewing the file on my computer. To accomplish this I must load these files remotely and safely so they don’t touch your system (the web cache should be disabled to accomplish a true remote viewing of the file as should the swap and home partitions, if the whole system isn’t encrypted).

Unless you verify each file through checksum verification (like MD5 or GPG) there’s a chance they could’ve been trojaned or the file may contain phoning home instructions or some other type of malicious feature within the file. If I don’t want to be recorded as a recipient of the file via something like ReadNotify then the file must be verified clear of such code or it must be viewed remotely.

The Remote File Viewer

I use the site at http://view.samurajdata.se/. I have only used it with PDF and Word documents. PDF and Word files are transformed into single-page graphics which you may navigate through. Most of the time it works; occasionally a PDF does not load. It doesn’t require Flash and works without cookies or JavaScript enabled.

I don’t know anything about the site’s privacy policy and how that might affect anonymity.

Lucifer’s Kingdom

Managing risk is sometimes akin to a black art because it involves predicting future events. By the time I get a mandate, things have started to happen and the client wants a quick resolution to his torment. This always involves predicting the adversary’s next move and planning your counter move.

A recent engagement began after some libelous Internet posts. What struck me was that the libel was directed at people who had no direct interest in the libeled company, but rather at a low income neighbourhood near its main plant. This agitating of nearly forgotten resentments, fanning of hostilities, and exaggerating of a controversy from decades past struck a chord in me. It was like a nearly forgotten memory that I couldn’t bring out of the shadows.

After analyzing pamphlets, flyers, and Internet material, it struck me what I was witnessing.

Very quickly a small group of organisers began recruiting local groups to the ill-defined cause — churches, unions, politicians, and an assortment of unsavory gadflies. This was quickly followed with events that were obviously intended to goad the company into rash actions and statements. A so-called news reporter ambushed a senior executive at a charity event and began asking slanderous questions intended to elicit an angry and intemperate response.

What I was witnessing came straight out of Rules for Radicals, written by Saul Alinsky in 1971, which begins, “Lest we forget at least an over-the-shoulder acknowledgment to the very first radical: from all our legends, mythology, and history… the first radical known to man who rebelled against the establishment and did it so effectively that he at least won his own kingdom — Lucifer.”

Fortunately, I had read a lot of 60’s and 70’s radical literature at one point in my career. Being older and more cynical I realised that this would evolve into a shake-down to acquire something from the company unrelated to the needs of the community. With that expectation, substantial resources were used for surveillance, lawyers, and police involvement.

Surveillance identified vandals and organisers. Police interrogated. Lawyers sued. Prosecutors prosecuted. One Rochdale College educated con man turned crooked property developer is now on the lam after being exposed as the “brains” behind the scheme. It looks like he won’t get his kingdom any time soon.

I recommend reading Rules for Radicals first, and then proceeding to Reveille for Radicals, as these books are as relevant today as they were when they were written. The tactics and strategies are as relevant for today’s G20 ruckus as they were in the 50’s and 60’s. I don’t want to change the world, but I like to know how other people try to.

Disgruntled Employees Outdo Terrorists

Two articles on the Brand Killer Robots blog drew my attention. Not because the data offered anything new, but because Stephen Ryan was able to create a bot to clearly show that insiders, employees, and former employees are the most likely to launch cyber attacks.

Raps BOT : Predicts Insider Cyber Terrorism Threat HIGH

Raps Bot : Sniper Attack Methods – Number 1 Cyber Terrorism Threat

WikiLeaks, YouTube, Propaganda, Politics, and SEO

It never ceases to amaze me how gullible people are. Let’s look at two examples recently in the news.

First, the case of Shirley Sherrod, the black U.S. Department of Agriculture official accused of racism. The evidence of her racism was a short, edited video clip offered up by a partisan web gadfly, Andrew Breitbart, who has a small empire of web sites. This guy knew such a controversial and inflammatory out-take would drive millions to his web sites. This huge burst of site traffic is money in Breitbart’s pocket.

What surprised me was that the NAACP and the Obama administration swallowed this hook, line, and sinker. They didn’t review the full video, interview people present at the event, or evaluate Breitbart’s motives for publishing the edited video.

Second, the leaked military documents that now appear on the WikiLeaks site need closer examination.

The founder of WikiLeaks, Julian Assange, is what a judge would describe as an unreliable witness. He pleaded guilty to 25 charges of hacking in Australia; and according to the National Post, “Before he set up the website in 2006, Julian Assange spent years hacking into government and company computers, including those of the U.S. Department of Defense, as part of a group calling themselves the International Subversives.”

With Assange’s talk about “war crimes” and his background, it isn’t hard to understand that this guy has an agenda. How his agenda distorts the picture of events depends upon what documents he publishes from this large volume of previously classified material.  We will never know what he didn’t publish and this creates a very similar situation to the selectively edited video clip published by Breitbart.

Internet Honeypots

A honeypot is a trap set to attract (or detect) some manner of interaction with an information system.

FBI posts fake hyperlinks to snare child porn suspects

The FBI has recently adopted a novel investigative technique: posting hyperlinks that purport to be illegal videos of minors having sex, and then raiding the homes of anyone willing to click on them.

Undercover FBI agents used this hyperlink-enticement technique, which directed Internet users to a clandestine government server, to stage armed raids of homes in Pennsylvania, New York, and Nevada last year. The supposed video files actually were gibberish and contained no illegal images…

The implications of the FBI’s hyperlink-enticement technique are sweeping. Using the same logic and legal arguments, federal agents could send unsolicited e-mail messages to millions of Americans advertising illegal narcotics or child pornography–and raid people who click on the links embedded in the spam messages…

Civil libertarians warn that anyone who clicks on a hyperlink advertising something illegal–perhaps found while Web browsing or received through e-mail–could face the same fate.

When asked what would stop the FBI from expanding its hyperlink sting operation, Harvey Silverglate, a longtime criminal defense lawyer in Cambridge, Mass. and author of a forthcoming book on the Justice Department, replied: “Because the courts have been so narrow in their definition of ‘entrapment,’ and so expansive in their definition of ‘probable cause,’ there is nothing to stop the Feds from acting as you posit.”

Iranian HoneyPots

The Iranian authorities are creating a different type of honeypot to catch people who may object to the re-election of Ahmadinejad and his crowd.

Marked for Death by Twitter

But in recent days people believed to be members of the Iranian security apparatus have set up apparent decoy Web sites about the demonstrations to gather IP addresses that will allow them to locate the computer of anyone tricked into clicking on them. Others—again believed to be government agents—have begun what appears to be an active campaign to mis- and dis-inform through Twitter postings.

Craigslist Dirty Talk Conviction

A Wisconsin woman has been convicted of disorderly conduct for posting her ex-boyfriend’s work telephone number and photos under the “casual encounters” section of Craigslist, encouraging men to “talk dirty to me.”

The 20-year-old has been ordered to write an apology and perform community service for the misdemeanor charge, and should consider herself lucky. She was originally charged with identity theft, a felony that would have entailed time in an unflattering orange jumpsuit.

The Modern Slave Bracelet

Your mobile phone can become a slave bracelet if it is compromised by malicious software.

Craigslist Crooks

We have seen our share of weird cases involving Craigslist, but nothing like these:

Hedge Fund Dirty Tricks

A good look at how modern crooks operate from Michael Thomas at The Daily Caveat.

Hedge Fund Dirty Tricks and the HBOS Implosion

You’ll love this article from The Daily Telegraph – an inside look at the “dirty-tricks unit” of a London-based hedge fund. This story has all the good stuff – PIs, hacking, the obligatory sub-prime mortgage crisis connection, rogue traders, market manipulation – it’s one stop shopping.

This isn’t Competitive Intelligence

An interesting post on B2B Sales Pipline:

Adam…asked a pricing question about an application component that could not be purchased alone…

…this question doesn’t pass the “Smell Test”…

Called him anyway…Cell Phone, with no company name provided…

…search Adam’s name in LinkedIn. Lo and behold – Adam works for a competitor. I called the competitors office, asked for Adam, and let him know that I would love to chat with him, since it’s always good for competitors to get to know each other. At the time of this posting, Adam has not called me back, and has likely joined the witness protection program.

This kind of amateurish nonsense passes for Competitive Intelligence far too often.

Business Identity Theft

Infamous hacker Kevin Poulsen paid the defaulted Yellow Page accounts of escort services to get their defunct telephone numbers reactivated. He collected the profits and when the police became interested, only the original advertiser was on record with the telephone company. I once saw this done in a home renovation scam.

In Cynthia Hetherington’s excellent book (ASIN 1889150495), she tells of a group of crooks who moved into an office recently vacated by an insurance company. They took up the old phone number and began selling insurance.

When new policy holders complained about bad service to the insurance company’s head office, the scam was revealed, but the crooks had moved on.

It’s not just people who have their identity stolen.

WikiLeaks

I just found this:

“WikiLeaks.org is developing an uncensorable version of WikiPedia for untraceable mass document leaking and analysis.”

I’m not sure how I might use this site, but it does have some very interesting instructions on how to submit material anonymously.

The Prepared Hotel Room

EASY TO PLANT CAMERAS IN HOTEL ROOMS

THE recent sex DVD scandal involving former Malaysian Health Minister Datuk Seri Dr Chua Soi Lek shows how easy it is to rig a spy camera and film someone without their knowledge.

Experts tell The New Paper on Sunday that it takes anyone just 30 minutes to rig a spy cam.

It takes the professionally trained even less time…

GeoSlavery, Surveillance, & Murder

I wrote about the dangers of mobile telephones a while back. Now we have a new term for the abuse of GPS tracking associated with mobile telephones — Geoslavery.

This story links geoslavery to the probable murder of Stacy Peterson.

Private Investigators Indicted for Pretext

We wrote about this here in Ten Private Investigators Indicted on 7 Dec 07.

Wired Magazine has posted the Indictment of the accused who allegedly employed false pretenses to gain personal information. A related Wired article compares this type of pretexting to the HP mess.

The accused are from Washington, California, Oregon, Texas and New York:

Emilio Torrella, BNT Investigations, Washington State
Brandy Torella, BNT Investigations, Washington State
Steve Berwick, BNT Investigations, Washington State
Victoria Tade, C.I., Inc., California
Megan Ososke, P.I. and Information Services, Oregon
Robert Grieve, Robert Greive International, Texas
Ziad Sakhleh, Robert Greive International, Texas
Darci Templeton, sole proprietor, Texas
Patrick Bombino, AAA Allstate Investigations, New York
Esau Pinto, AAA Allstate Investigations, New York

The Indictment alleges that BNT supplied the improperly obtained personal information to the PIs for a fee. BNT was not identified as a private investigation firm in the Indictment, but was identified as a company that sold its pretexting services to PI firms. Some of the PI firms even advertised for sale to other PIs what they were obtaining from BNT.

Accusations #17 and #21 allege that BNT obtained medical information by pretext, much in the same way as was revealed by the Royal Commission of Inquiry into the Confidentiality of Health Records in Ontario, Canada, by Mr. Justice Horace Krever.