Canadian banks, police following money trail to target human trafficking

[escapefromstress]

I posted this in the Trafficking Sticky, but I don't know how many people read it, so am posting some exerpts here because I think everyone should be aware of this technology. You can read the whole article in the Sticky.

Canada’s financial watchdog has sent more than 100 disclosures to police in the past year on human trafficking in a quiet new initiative that targets traffickers by following their money.

Project Protect is a partnership between the Financial Transactions and Reports Analysis Centre of Canada (FinTRAC), financial institutions and law enforcement that is using money trails to detect and investigate traffickers.

Banks’ anti-money laundering arms are starting to red flag suspicious accounts, based on indicators such as multiple motel bookings, large expenditures at drug stores and frequent ATM deposits in the middle of the night. They report suspicious activity to FinTRAC, which in turn notifies law enforcement.

In the year since the project was launched, FinTRAC has made 102 disclosures to police across Canada under the Project Protect label. By comparison, in the year before, there were 19 such trafficking-related disclosures.

Those who work to counter human trafficking say following the money trail can help back up a victim’s story and potentially reveal other people who are being exploited. It may also, eventually, help secure convictions, which are still rare for this crime.

In December, FinTRAC released an operational alert to 31,000 businesses, partners and police that included a lengthy list of indicators that point to signs of trafficking. Red flags include payments for online escort ads, frequent hotel and motel bookings along with air and rail purchases, frequent large purchases at pharmacies and lingerie shops, payment in bitcoin and frequent deposits or withdrawals between 10 p.m. and 6 a.m., along with banking activity at ATMs in different cities or provinces.

It’s not just banks getting on board. Accounting firms are, too. Grant Thornton LLP joined the project a year ago, and has produced two reports for clients in different sectors on the financial red flags for trafficking. “There’s been a strong response to stop this; we need to eradicate this and get this out of our communities,” said Jennifer Fiddian-Green, partner and anti-money laundering expert, who went to Winnipeg this month to train credit unions on what to watch for.

****************************

Although the technology was developed to help identify potential victims of trafficking, the same red flags could identify a SP who's working voluntarily, and this data could alert your bank, your accountant and Law Enforcement about the type of work you're doing. It could also flag banking activity of prolific pooners who pay for expensive hotel rooms, lingerie, condoms, etc. for consensual pay for play, frequently.

So if you don't want people to know you're an escort or client who sees them, be really careful how you do your banking and how you pay for stuff like hotel rooms and ads.

 

[Warl0ck]

I'm not saying it's wrong to do this, but it's easily bypassed. It's akin how BC bud is traded for harder drugs to the USA. The IRS in the USA has a system where all deposits, etc over $10,000 dollars are noted and flagged. It's assumed they are illegal transactions. So in the world of drugs they trade weed for meth, put it out on the street to sell & then the smaller dealers can bank the actual money and not raise any suspicion.

If the feds really want to go after trafficking, they need to up their ante with digital forensic investigators. They need hackers. They need guys who get the flow of data, guys who get the flow of information. The best example was Kim Rossmo whose Rigel software pointed to Pickton as the killer of women. Rossmo was a hacker. Only his police service (and many today) see that shit as all voodoo magic. If you want to have some fun sometime, go to the Crime Stoppers most wanted in your city then look for those people on social media. You'll find a whole bunch of them, the "most wanted" posting away, and no one is arresting them. That's how little the police use DFI's.

You hire a digital bloodhound and look out. That's what the NSA is. Unless you're a feckkin wizard at shit, you WILL get vanned. So why don't we do this more often with trafficking?

 

[escapefromstress]

I'm not saying it's wrong to do this, but it's easily bypassed. It's akin how BC bud is traded for harder drugs to the USA. The IRS in the USA has a system where all deposits, etc over $10,000 dollars are noted and flagged. It's assumed they are illegal transactions. So in the world of drugs they trade weed for meth, put it out on the street to sell & then the smaller dealers can bank the actual money and not raise any suspicion.

If the feds really want to go after trafficking, they need to up their ante with digital forensic investigators. They need hackers. They need guys who get the flow of data, guys who get the flow of information. The best example was Kim Rossmo whose Rigel software pointed to Pickton as the killer of women. Rossmo was a hacker. Only his police service (and many today) see that shit as all voodoo magic. If you want to have some fun sometime, go to the Crime Stoppers most wanted in your city then look for those people on social media. You'll find a whole bunch of them, the "most wanted" posting away, and no one is arresting them. That's how little the police use DFI's.

You hire a digital bloodhound and look out. That's what the NSA is. Unless you're a feckkin wizard at shit, you WILL get vanned. So why don't we do this more often with trafficking?

Yes, we need to figure out innovative ways to avoid being flagged, and to track down human traffickers.

Lack of funding. Lack of manpower. Lack of understanding on the part of non-tech savvy people and organizations about how social media and online forums work.

I've talked to the RCMP several times about cybercrime in the industry, and hear the same thing every time. "We don't have the funding, and we don't have the manpower to go after these people." I also had to start from scratch each time, explaining the online world that they knew little to nothing about.

That's one reason I wanted to start posting about trafficking on our industry forums, and raise awareness about what's happening and not happening.

This is our industry, it's our issue whether we want to acknowledge it or not, and we're going to wait forever if we wait for government and law enforcement to do something about it.

 

[Warl0ck]

I've talked to the RCMP several times about cybercrime in the industry, and hear the same thing every time. "We don't have the funding, and we don't have the manpower to go after these people." I also had to start from scratch each time, explaining the online world that they knew little to nothing about.

Yes, the RCMP is underfunded and needs a major funding increase. Some smaller police services don't have much in the way of digital forensic departments. I've submitted reports & research I did on my own time and been greeted with suspicion and a "what do you mean". I submitted a major piece of digital evidence in a missing woman situation recently. The officer was absolutely great but it was clear they did not understand what I was showing them. A recent missing teen in Toronto (age 15) happened and the first place I went was Backpage. Guess whose ad I found? Took 2, maybe 3 minutes too. She was rougher looking, skinnier and not healthy but the facial structure was a match. A call to Toronto and the ad came down lightening fast. I just hope they have the skill set to analyze all the digital information. Policing is expensive and time consuming. You have to follow due process or your evidence becomes inadmissible. In the case of technology when you image computers taken from a crime scene you have to write block the drives. So much as a single bit changes on the drive & the defense could well argue that the data is corrupted. All that takes time and doesn't come cheap.

#NoticeWhatYouSee

 

[westwoody]

Yes, the RCMP is underfunded and needs a major funding increase. Some smaller police services don't have much in the way of digital forensic departments. I've submitted reports & research I did on my own time and been greeted with suspicion and a "what do you mean". I submitted a major piece of digital evidence in a missing woman situation recently. The officer was absolutely great but it was clear they did not understand what I was showing them. A recent missing teen in Toronto (age 15) happened and the first place I went was Backpage. Guess whose ad I found? Took 2, maybe 3 minutes too. She was rougher looking, skinnier and not healthy but the facial structure was a match. A call to Toronto and the ad came down lightening fast. I just hope they have the skill set to analyze all the digital information. Policing is expensive and time consuming. You have to follow due process or your evidence becomes inadmissible. In the case of technology when you image computers taken from a crime scene you have to write block the drives. So much as a single bit changes on the drive & the defense could well argue that the data is corrupted. All that takes time and doesn't come cheap.

#NoticeWhatYouSee

The Force is hiring.
You already know all there is to know about being a police officer, you could skip Depot and go right to informatics.

 

[Warl0ck]

The Force is hiring.
You already know all there is to know about being a police officer, you could skip Depot and go right to informatics.

I worked in a civilian capacity so I know basics, that's it. Not sure I'd want too. And truth is I think that if a police force wants "hackers" it should make them civilian jobs. To be great at it requires a whole lot of hard work, reading, etc. You can't do that and be a cop at the same time. Overall I think recruiting is difficult for police forces. The US military is trying to beef up it's cyber force and now hackers enter the military as Colonels (which blows me away, wish I was American). You're taking a sub culture notorious for it's anti authority/anti cop mindset and hoping they conform to what they despise (generally). It's hard to explain but imagine a guy who is rough, hard core and sometimes extremely offensive yet comes with a moral compass that's all about doing the right thing. And, hacker ethos = the truth sometimes at all costs (think Snowden or Assange).

Plus you'd have to let these guys take their cats to work.

Time for a ride on the Lulz Boat.

<iframe width="640" height="360" src="https://www.youtube.com/embed/AXl4CStJVlI" frameborder="0" allowfullscreen></iframe>

 

[sdw]

I worked in a civilian capacity so I know basics, that's it. Not sure I'd want too. And truth is I think that if a police force wants "hackers" it should make them civilian jobs. To be great at it requires a whole lot of hard work, reading, etc. You can't do that and be a cop at the same time. Overall I think recruiting is difficult for police forces. The US military is trying to beef up it's cyber force and now hackers enter the military as Colonels (which blows me away, wish I was American). You're taking a sub culture notorious for it's anti authority/anti cop mindset and hoping they conform to what they despise (generally). It's hard to explain but imagine a guy who is rough, hard core and sometimes extremely offensive yet comes with a moral compass that's all about doing the right thing. And, hacker ethos = the truth sometimes at all costs (think Snowden or Assange).

Plus you'd have to let these guys take their cats to work.

Time for a ride on the Lulz Boat.

<iframe width="640" height="360" src="https://www.youtube.com/embed/AXl4CStJVlI" frameborder="0" allowfullscreen></iframe>

China and Russia have dedicated military units. The west had Bradley Manning and Edward Snowden. Just a little difference. Patriots working for their Nation vs Traitors working for their pocketbook.

Somewhere in Canada, United Kingdom and USA there is another greedy, angst ridden traitor collecting files to sell. Somewhere in China and Russia there is a patriot collecting files to aid their government.

The spy game has always provided an advantage to the Chinese and Russians. There has never been a shortage of beautiful young women that are willing to bed Westerners for their country in China or Russia. In the West, the media leaks the names of beautiful young women that try to assist their government.

 

[Warl0ck]

China and Russia have dedicated military units. The west had Bradley Manning and Edward Snowden. Just a little difference. Patriots working for their Nation vs Traitors working for their pocketbook.

Somewhere in Canada, United Kingdom and USA there is another greedy, angst ridden traitor collecting files to sell. Somewhere in China and Russia there is a patriot collecting files to aid their government.

The spy game has always provided an advantage to the Chinese and Russians. There has never been a shortage of beautiful young women that are willing to bed Westerners for their country in China or Russia. In the West, the media leaks the names of beautiful young women that try to assist their government.

The Chinese & Russian APT's tend to be part of their military. Working in national intelligence in China is considered an honor (portrayed in the movie Blackhat) as it is in Russia. The USA has the NSA and is part of the 5 eyes. They have an agreement where one country spies on the other countries citizens then hands over the data. Voila, no constitution broken. The USA uses 3rd party contractors sometimes because they fall out of the scope of government oversight. Snowden is an excellent example. Had he been a full time government employee, heads would have rolled. Instead, he's just some guy who went rogue. Don't kid yourself, the NSA is an extremely powerful entity and they their weapon stash includes 0 days which they use against foreign nations. It is one giant cluster fuck. Lately, the USA is like a big reality TV spy show.

 

[escapefromstress]

Lately, the USA is like a big reality TV spy show.

A new episode of Reality TV USA


Trump's New FCC Chairman Lets ISPs Sell Your Private Data Without Your Consent

Bad News for privacy concerned people!

It will be once again easier for Internet Service Providers(ISPs) to sell your personal data for marketing or advertisement purposeswithout taking your permission.

Last October, the United States Federal CommunicationsCommission (FCC) passed a set of privacy rules on ISPs that restrict them fromsharing your online data with third parties without your consent and requirethem to adopt "reasonable measures" to protect consumers' data fromhackers.

However, now the FCC suspended privacy rules before they cameinto effect.

The reason? President Donald Trump's newly appointed FCCchairman Ajit Pai, a Republican and ex-Verizon lawyer.

Ajit Pai, who has openly expressed his views against netneutrality in the past, just last week said during a speech at Mobile WorldCongress that Net Neutrality was "a mistake" and indicated that theCommission is now moving back to internet regulations.

Now, Pai suspends privacy rules on ISPs, arguing that theyfavored companies like Google and Facebook, which are regulated by the FederalTrade Commission (FTC), over internet providers like Comcast and Verizon.

Pai wants the FCC, and the Federal Trade Commission shouldtreat all online entities the same way. So those new privacy policies should bescrapped.

"All actors in the online space should be subject tothe same rules, and the federal government shouldn’t favor one set of companiesover another," FCC said in a statement.

"Therefore, he has advocated returning to atechnology-neutral privacy framework for the online world and harmonizing theFCC’s privacy rules for broadband providers with the FTC’s standards for othersin the digital economy."

The FCC will now likely pass a new set of standards in theway the FTC regulates websites. It's like, if the FTC requires sites like Facebookand Google to seek explicit permission before selling your data, the FCC mayfollow suit for ISPs.

In other words, the FCC will keep a hold on new privacyrules. Since FTC would never hurt advertising business model of Google andFacebook, FCC would never restore those suspended rules on ISPs.

How does this Move Affect You?

If you are unaware, your internet service provider knowsyour most intimate and personal online activities.

Unlike Google which uses encryption to prevent anyone fromseeing your online searches, your ISP can see your search queries, whatwebsites you visit, when you visit them, and what apps you use.

The ISPs then share this data with other companies foradvertisements, marketing or other purposes. And with this information in hands,it's very easy for any advertising company to know users' interests based ontheir online behaviors and serve them targeted ads.

Not surprisingly, the broadband industry applauded the FCC'snew move, calling it "a welcome recognition that consumers benefit mostwhen privacy protections are consistently applied throughout the Internetecosystem."

But privacy advocates are not at all happy with the FCC'saction, arguing that suspending the privacy rules favor the Internet providerslike Comcast and Verizon since the ISPs do not need the same data securityrules the FTC requires of websites.

http://thehackernews.com/2017/03/fcc-ajit-pai-net-neutrality.html

 

[Jethro Bodine]

frequent large purchases at pharmacies

I guess I'll have to start buying my lotion, Kleenex and dirty magazines in smaller quantities.

 

[escapefromstress]

I guess I'll have to stop buying my lotion, Kleenex and dirty magazines in smaller quantities.

Only if you buy yourself expensive lingerie to wear in expensive hotel rooms in cities you've flown to on expensive jets, to spend time with yourself, while making large ATM deposits earned from gambling, at 2am.

 

[Warl0ck]

Only if you buy yourself expensive lingerie to wear in expensive hotel rooms in cities you've flown to on expensive jets, to spend time with yourself, while making large ATM deposits earned from gambling, at 2am.

No, it's buying a dozen cartons of Sudafed that will get you flagged lol. Buying lingerie (as a male) gives the clerk a good laugh ;-).

 

[sdw]

The Chinese & Russian APT's tend to be part of their military. Working in national intelligence in China is considered an honor (portrayed in the movie Blackhat) as it is in Russia. The USA has the NSA and is part of the 5 eyes. They have an agreement where one country spies on the other countries citizens then hands over the data. Voila, no constitution broken. The USA uses 3rd party contractors sometimes because they fall out of the scope of government oversight. Snowden is an excellent example. Had he been a full time government employee, heads would have rolled. Instead, he's just some guy who went rogue. Don't kid yourself, the NSA is an extremely powerful entity and they their weapon stash includes 0 days which they use against foreign nations. It is one giant cluster fuck. Lately, the USA is like a big reality TV spy show.

5 eyes is all on the cloud. Even the "Hackers R US" twerps have access. The NSA's "weapons stash" is a lending Library for Anonymous. Days after the NSA provided Stuknet to Israel for use against Iran, the "script kiddies" were already using lines of it's code - long before Iran discovered why their centrifuges were stuttering - proof of concept was already out on destroying "platter" Hard Drives. That's why the important data centers converted rapidly to solid state drives.

 

[Warl0ck]

5 eyes is all on the cloud. Even the "Hackers R US" twerps have access. The NSA's "weapons stash" is a lending Library for Anonymous. Days after the NSA provided Stuknet to Israel for use against Iran, the "script kiddies" were already using lines of it's code - long before Iran discovered why their centrifuges were stuttering - proof of concept was already out on destroying "platter" Hard Drives. That's why the important data centers converted rapidly to solid state drives.

There is a hacker flick called Blackhat that runs that sort of premise. Yeah, they REALLY fucked up on Stuxnet. I figure all these guys are doing is using unknown 0 days. They have thousands of coders who reverse engineer shit and find flaws. It's ironic too because the NSA was designed to protect America, but it harbours the tools that, when released into the wild, hinder America.

The real shit is all this TLS stuff. The whole thing was open source and written by a few neckbeards with UNIX shirts. Total donations were like 27 grand a year, YET, every major vendor used the fucking shit as their standard but put nothing into it. Then heartbleed came along. Now it's a priority. I love open source software but the assumption it's secure is crazy.

 

[sdw]

There is a hacker flick called Blackhat that runs that sort of premise. Yeah, they REALLY fucked up on Stuxnet. I figure all these guys are doing is using unknown 0 days. They have thousands of coders who reverse engineer shit and find flaws. It's ironic too because the NSA was designed to protect America, but it harbours the tools that, when released into the wild, hinder America.

The real shit is all this TLS stuff. The whole thing was open source and written by a few neckbeards with UNIX shirts. Total donations were like 27 grand a year, YET, every major vendor used the fucking shit as their standard but put nothing into it. Then heartbleed came along. Now it's a priority. I love open source software but the assumption it's secure is crazy.

Back in the day, everyone signed their contribution to production software. Windows 95, 98 and 98SE all have enough Easter Eggs to match the code that is the actual operating system. Microsoft publicized those OS Easter Eggs and also the ones that are still in MS Office. You can play Pong and Asteroid in Excel.

If a person is writing a "free" contribution to open source software - I guarantee that the writer has at least one Easter Egg and at least one Back Door in their contribution.

NSA employs people like Edward Snowden. Despite him leaving, there are many still there and distributing anything they get their hands on. Commercial software is all based on code that was developed for military and national security use. Ashton Tate didn't invent dBase. They just used Grace Hopper's work on fire control for 8 inch guns to store business data. Every OS owes Grace for the basic concepts for a working OS. TCP/IP was a military protocol developed by Vinton **** of Stanford for DARPA. It was a commercial product (Xerox) before Congress voted the Military the money necessary to implement if for military use.

 

[Warl0ck]

Back in the day, everyone signed their contribution to production software. Windows 95, 98 and 98SE all have enough Easter Eggs to match the code that is the actual operating system. Microsoft publicized those OS Easter Eggs and also the ones that are still in MS Office. You can play Pong and Asteroid in Excel.

If a person is writing a "free" contribution to open source software - I guarantee that the writer has at least one Easter Egg and at least one Back Door in their contribution.

NSA employs people like Edward Snowden. Despite him leaving, there are many still there and distributing anything they get their hands on. Commercial software is all based on code that was developed for military and national security use. Ashton Tate didn't invent dBase. They just used Grace Hopper's work on fire control for 8 inch guns to store business data. Every OS owes Grace for the basic concepts for a working OS. TCP/IP was a military protocol developed by Vinton **** of Stanford for DARPA. It was a commercial product (Xerox) before Congress voted the Military the money necessary to implement if for military use.

Yeah, I was around in the Windows 95 days. Most technology was built for the military or education initially. The roots of UNIX, the true OS. Same for the internet. It was built to design a nuclear attack, yet today your IP enabled toaster can take it down. My idle was always Kevin Mitnick and a couple of early hacker crews. I'd devour phrack & 2600 The Hacker Quarterly. I remember figuring out how to manipulate phone cards so they'd work perpetually without running out of money. I'd call my online friends overseas. Good times indeed.

As for software, I'm fluent in Windows but I love Linux. I am a Debian Linux guy though I don't mind Mint but dislike Ubuntu. There is something pure about Debian. I just wish they made laptops that looked like Mac's with a Tux logo. Add a little style to the command line.

 

[sdw]

Yeah, I was around in the Windows 95 days. Most technology was built for the military or education initially. The roots of UNIX, the true OS. Same for the internet. It was built to design a nuclear attack, yet today your IP enabled toaster can take it down. My idle was always Kevin Mitnick and a couple of early hacker crews. I'd devour phrack & 2600 The Hacker Quarterly. I remember figuring out how to manipulate phone cards so they'd work perpetually without running out of money. I'd call my online friends overseas. Good times indeed.

As for software, I'm fluent in Windows but I love Linux. I am a Debian Linux guy though I don't mind Mint but dislike Ubuntu. There is something pure about Debian. I just wish they made laptops that looked like Mac's with a Tux logo. Add a little style to the command line.

LOL, little known factoid. Steve Jobs and Steve Wozniak got their start designing, building and selling "Blue Boxes" that allowed free long distance calls. http://www.todayifoundout.com/index...ed-users-to-get-free-phone-service-illegally/

"Pure" as in "has a command line interface"? You can buy laptops with Linux factory loaded from Dell and probably any of the other manufactures. Dell prefers to use Ubuntu, but they have images for other flavors.

 

[Warl0ck]

LOL, little known factoid. Steve Jobs and Steve Wozniak got their start designing, building and selling "Blue Boxes" that allowed free long distance calls. http://www.todayifoundout.com/index...ed-users-to-get-free-phone-service-illegally/

"Pure" as in "has a command line interface"? You can buy laptops with Linux factory loaded from Dell and probably any of the other manufactures. Dell prefers to use Ubuntu, but they have images for other flavors.

Oh, I'm very aware of that. They were essentially hackers as was the senior editor at Wired (Poulsen). Mitnick was on the run from the FBI and documents in Ghost in the Wires. Hacking is one of the few gigs where you can be a complete criminal, go straight and make money. Look at the guys from Lulzsec. I think it's Sabu and T Flow who have legit jobs

I like Debian because I'm a Linux purist. Ubuntu is great and I respect Canonical but I'd never use it. And I don't like Unity. I'm cool with Red Hat, but always saw Debian as "pure". If I go stealth it's Whonix or TAILS. All in all I'm a Debian guy. apt-get shall always rule over yum ;-). I like FreeBSD too.