Centry Quick Check Program for Corporate Due Diligence

New technology has revolutionized corporate investigations and changed the way we go about them. There’s greater efficiency, new insights, and broader reach. However, the downside is that this technology can lull both investigators and clients into a false sense of security.

Computers can provide us with information, but people are still better at evaluating data within context, such as identifying how useful the information is and what it is relevant to. In short, technology can’t yet replicate human analysis – and yet we continue to see a growing dependence upon it for exactly that.

The Value of Professional Investigators in Corporate Due Diligence

In countries where there are robust public records, this dependence on automated scanning and investigative tech is particularly evident. Although investors and corporations still recognize the value of actual investigators in challenging regions across the globe where the public records may not be so accessible or accurate, when it comes to investing in due diligence insidethe US and Canada for example, companies are increasingly drawn by the promise of these low-level automated scans.

However, it’s important to consider that these types of surface level scans will not and cannot encompass a breadth of understanding of an investigated subject. Software driven data harvests conducted without the analytical power of the human mind could expose businesses to risks they may be unaware of, including things like reputational risk, fraud, money laundering, and more.

Most of these automated scans lack coverage on the target in media, whether that’s on social platforms or journalistic content. This surface level research cannot hope to provide a clear and accurate picture of a subject, and it certainly would not appease judicial officials if something were to go wrong.

For example, single-location local records checks cannot account for whether a person has moved cities. It would also not pick up any information about whether or not the subject faced allegations of criminal activity, which is something that can be identified through doing a media assessment. Furthermore, media research can also illustrate any extreme political views or subjects that an investor or company might not want to be associated with.

The professional experience of a professional who has done hundreds, if not thousands of due diligence investigations is something that is highly valuable. They are more likely to be able to provide context around findings that may initially seem adverse, such as whether or not a particular practice is typical for a particular industry or they might pick up contextual clues that could uncover a previously overlooked detail.

Companies seeking to save a dime by purchasing an automated scan with no human inference could be unknowingly setting themselves up for a huge risk in the future.

Our Answer: Investigator Driven Quick Checks for Individuals and Companies

Propelled by increased regulatory concerns among corporate entities and a more competitive environment amid the offers of automated checks, Centry Global has formulated an answer to the question of how to marry meaningful analysis to efficiency in due diligence investigations with our Quick Check (QC) program.

What to Expect from a Centry QC

The QC program combines an identity review, sanctions screening, compliance check, and media research into a single, well-organized background check package on either individuals or companies with a turnaround time of 5-7 business days.

Quick Check of a Company

  • Identity Review
    • Key financial figures
    • Risk Level
    • Beneficial Owners and Senior Management
  • Compliance Review
    • Sanctions and Watchlists Screening
  • Social/Adverse Media Review
  • Analysis and/or Recommendations

Quick Check of an Individual

  • Identity Review
    • Shareholdings and Directorships
  • Compliance Review
    • Sanctions and Watchlists Screening
    • Politically Exposed Persons Screening
    • Litigations Check
  • Social/Adverse Media Review
  • Analysis and/or Recommendations

For more information on these Quick Checks, please feel free to contact us at info@centry.global or on our LinkedIn, Facebook and Twitter pages!

A Millennial’s Guide to Avoiding Romance Scams

As online dating has started to gain traction as a means of finding your match, so too has the threat of being scammed in romance fraud.

We often hear about these stories where an elderly person was manipulated by a con artist into giving away their life savings, or a predator has been grooming an adolescent to take advantage of them. Many of us millennials and gen z have a false sense of immunity to these scams because we have grown up with the internet and online dating. We might think that we already know all the signs, or that it might be less likely to happen because these dating platforms have established trust in the consumer base.

And yet, romance-based scams account for some of the highest dollar losses per year in the category of mass marketing frauds. It is one of the least reported types of fraud despite its proliferation across the internet, and it can target people of all ages.

Usually these types of situations have a few common themes:

  • They ask you early on to move communication off the dating platform. Moving away from the online dating site messaging services means that the interaction can be harder to track. Usually they will ask to communicate by email or text messages instead.
  • The relationship moves very fast. If after just a few contacts, they are expressing their profound love or feelings of deep friendship for you, it’s time to be suspicious. This is a tactic to try to manipulate vulnerable people into trusting the con artist, so that they can be more easily scammed.
  • Yet they will not meet you in person or talk on the phone/video chat. Even though they could be professing deep feelings for you, they are somehow evasive when it comes to the topic of meeting in person, or they have all these excuses about why they can’t speak on the phone or video chat. This factor alone is huge– when romance is real, you want to be together and you want to see each other. So even if on the off chance that they are not scamming you and don’t want to meet, they still may be hiding a big secret.
  • They want you to send them money. This is usually not something that happens immediately. It takes time and grooming for the con artist to build trust with their target. At that point, they may come out with an elaborate story about how they need financial help to get out of a problematic situation. Common stories of this nature include being stuck traveling and needing help with airline tickets, requiring assistance with medical bills, or having a family member in a life or death situation. These stories are engineered to prey upon your need to help those that you care about. If the victim agrees to pay even just once, there will most likely be more requests in the future to cover other fictitious expenses.

You should never agree to send money to someone that you don’t know. Besides the potential of opening up a figurative drain, you could be unknowingly helping the scammer in something shady. Especially if they ask you to move money or goods on their behalf.

If you feel like something about the person’s profile doesn’t quite add up, you can reverse image search the photo by right-clicking it on the website and selecting the ‘Search Google for image’ option. This will show you if the profile picture has been uploaded anywhere else, which could show if it was taken from someone else or a stock photo. This also works on mobile if you access the photo through the Chrome browser app, hold your finger down on the photo until a pop-up menu appears, and then you can select the option to search google as usual.

One more thing to consider is avoiding sending intimate photos of yourself or providing sensitive details about your personal life that could be used against you. Scammers have been known to hold individuals hostage in these relationships by threatening to blackmail them with information they had voluntarily provided.

If, over the course of reading this article, you have found yourself recognizing red flags in a situation you or someone you know are involved in, know that you can reach out to us to help. Visit our website https://www.datecheckonline.com/ for more information on our identity verification investigations and to get in contact with us so that we can help you.

This article was written by Kristina Weber, Content Manager of Centry Global. For more content like this, be sure to subscribe to Centry Blog and follow us on Twitter @CentryGlobal and @DateCheckOnline.

2 Years of Centry Blog!

After two years in operation, Centry Blog has been steadily reaching a wider audience and netting more and more views across Facebook, Twitter, and LinkedIn. If you take a look in our archive, you will find all sorts of content ranging from simple guides on how to bolster personal security to full articles on issues such as counterfeiting, money laundering, data breaches and more. For all of our new followers, we warmly welcome you and invite you to learn more about who we are!

CENTRY GLOBAL is an international security solutions company that not only advises businesses on best practices in security, but also carries out the dynamic services needed to meet those goals. Our work takes us around the world – it’s more than a job; it’s a lifestyle.

Our professionals come from many different cultures and backgrounds, with a combined expertise based around security and risk management. Within our ranks, you will not only find professionals in investigative, fraud control, security and risk issues, but also experts in programming, software development, and security technology.

As a result, we use technology where it proves to be suitable tool, but we don’t get hooked on the tools because we know that the type of security risks you face are not machine made; they are related to people. And above all, we are people persons. We are highly communicative, we like to interact and network, and we do that in many different languages across many different countries.

The facets of our core business are divided into five different streams – those being Security Risk Management, Compliance Screening & Investigations, Business Support, Cyber Security Services, and Supply Chain Security.

Our Security Risk Management program revolves around the service of a Project Security Manager, who is a highly experienced professional, usually with prior military experience, that works to secure client project sites, no matter what country they are in. Our PSMs have worked in countries such as Algeria, The Ivory Coast, Mexico, Ukraine, Iraq, Yemen, India, and more. Each of these places comes with their own unique set of risks and we always rose to the occasion.

Meanwhile, our Compliance Screening and Investigations professionals are on the frontline, protecting our clients from unknowingly engaging with shady businesses or sanctioned individuals. Our services on in this sphere range from performing background security checks for recruitment to months-long corporate investigations to private field investigations for individual persons.

Our Business Support program has two avenues: Pathfinding and Business Process Analysis. Pathfinding is an advisory and liaison service that is useful for businesses looking to expand to a new location or culturally different market. Our professionals serve as the middle-man between our clients and the new area, by conducting research on the locality and liaising with relevant officials to ensure client operations are as seamless as possible. The Business Process Analysis (BPA) is an operational review specifically designed to identify vulnerabilities associated with a process on a preventive basis. A BPA can also be used to investigate specific losses by reviewing the process where the losses originated, without creating a negative atmosphere with employees having to be involved in an internal investigation.

Our Cyber Security professionals have the singular goal to ensure that our clients’ online business assets are safe and secure. This takes a multi-faceted approach comprised of security training, a high-level business review of existing policies and procedures, a threat risk assessment, and the creation of new policies and procedures if necessary.

Finally, the stream of Supply Chain Security services work around supporting organizations that are interested in enhancing the resilience of their supply chains by applying for and remaining compliant with international certificates and authorizations, such as TAPA and AEO.

Above all, we are a united team that takes pride in providing meaningful impact on the world around us by ensuring that the people who work with us can be protected and taken care of.

If you have any questions or comments for us, please feel free to submit them on the Contact page of this website!

Cryptocurrency OneCoin revealed to be $3bn pyramid scheme

An international pyramid scheme involving the marketing of the cryptocurrency OneCoin has now been revealed. Konstantin Ignatov, his sister Ruja Ignatova and Mark Scott have been charged by the Southern District of New York (SDNY) for wire fraud conspiracy, securities fraud, and money laundering.

OneCoin is a Bulgarian-based company that was founded in 2014 and is still active today. The company’s main operations depended upon selling educational cryptocurrency trading packages to its members, who in turn receive commissions for recruiting others to purchase these packages. SDNY has identified this as a multi-level marketing structure and attributes that to the rapid growth of the OneCoin member network. The company claims to have more than 3 million members worldwide.

In a government press release, Manhattan attorney Geoffrey Berman said that the OneCoin leaders essentially created a multi-billion dollar company “based completely on lies and deceit.”

Leaders of OneCoin were furthermore alleged to have lied to investors to inflate the value of a OneCoin from approximately $0.50 to over $30.00. This was just one facet of a breadth of misinformation perpetrated by the leaders of the company, including claims about how how OneCoin cryptocurrency is mined by company servers, when in reality OneCoins are not mined with computer resources and the use of a private blockchain, which was found to be false in the investigation.

So how damaging was this scheme? The SDNY claims that between 2014-2016 alone, OneCoin was able to generate more than $3.7 billion in sales revenue and earned profits of approximately $2.6 billion. The investigation revealed that Ignatova and her co-founder created the business with the full intent of using it to defraud investors. In one email that was found between OneCoin’s co-founders, Ignatova described her exit strategy for OneCoin, which was simple to take the money and run and to blame someone else.

Konstantin Ignatov was arrested on March 6, 2019 at LAX, while his sister remains still at large. It is estimated that Ruja Ignatova could see up to 85 years in prison if she is found guilty on all accounts, as she faces five separate charges. Mark Scott was arrested in Massachusetts on Sept. 5, 2018 and faces 20 years in prison.

Many authorities across the globe have been notified of OneCoin’s fraudulent behaviours and have attempted to stop the company’s operations.

This article was written by Kristina Weber of Centry Global. For more content like this, be sure to subscribe to Centry Blog for bi-weekly articles related to the security and risk industries. Follow us on Twitter @CentryGlobal!

Tactical Catfishing

Most of us think of ‘catfishing’ in the context of someone using a fake profile, usually on some dating app, to trick unsuspecting people. Maybe they do it for manipulation and blackmailing purposes, or to scam people out of money.

Now, however, a social engineering drill conducted by the NATO Strategic Communications Centre of Exellence (NATO StratCom COE) has shown us that these catfishing tactics can be used on soldiers to glean sensitive information about things like battalion locations, troop movements, and other personal intel.

The operation used the catfishing technique to set up fake social media pages and accounts on Facebook and Instagram with the intent of fooling military personnel. This clandestine operation, designed to take place over the course of a month, was arranged by a “red team” based out of NATO’s StratCom Center of Excellence in Latvia.

The falsified Facebook pages were designed to look like pages that service members use to connect with each other – one seemed to be geared toward a large scale military exercise in Europe and a number of the group members were accounts that appeared to be real service members.

The truth was, however, these were fake accounts created by StratCom researchers to test how deeply they could influence the soldiers’ real world actions through social engineering. Using Facebook advertising to recruit members to these pages, the research group was able to permeate the ranks of NATO soldiers, using fake profiles to befriend and manipulate the soldiers into providing sensitive information about military operations and their personal lives.

The point of the exercise was to answer three questions:

  1. What kind of information can be found out about a military exercise just from open source data?
  2. What can be found out about the soldiers just from open source data?
  3. Can any of this data be used to influence the soldiers against their given orders?

Open source data relates to any information that can be found in public avenues such as social media platforms, dating profiles, public government data and more.

The researchers found that you can, indeed, find out a lot of information from open source data – and yes, the information can be used to influence members of the armed forces. The experiment emphasizes just how much personal information is ‘open season’ online, especially as our lives are increasingly impacted by our digital footprints.

Perhaps even more troubling is the fact that even those of us who are the best positioned to resist such tactics still managed to fall for them, illustrating just how easy it is for the average person with no experience with digital privacy.

Many of the details about how exactly the operation was conducted remain classified, such as precisely where it took place and who was impacted. The research group that ran the drill did so with the approval of the military, but obviously service members were not aware of what was happening.

The researchers obtained a wide range of  information from the soldiers, including things like the locations of battalions, troop movements, photographs of equipment, personal contact information, and even sensitive details about personal lives that could be used for blackmail – such as the presence of married individuals on dating sites.

Instagram in particular was found to be useful for identifying personal information related to the soldiers, while Facebook’s suggested friends feature was key in recruiting members to the fake pages.

Representatives of the NATO StratCom COE stated that the decision to launch the exercise was made in the wake of the Cambridge Analytica scandal and Mark Zuckerberg’s appearance before U.S. Congress last year.

A quote from the report says:

“Overall, we identified a significant number of people taking part in the exercise and managed to identify all members of certain units, pinpoint the exact locations of several battalions, gain knowledge of troop movements to and from exercises, and discover the dates of active phases of the exercises.

“The level of personal information we found was very detailed and enabled us to instill undesirable behaviour during the exercise.”

Military personnel are often the target of scams like catfishing. Recently, a massive blackmailing scheme that affected more than 440 service members was uncovered in South Carolina, where a group of inmates had allegedly used fake personas on online dating services to manipulate the service members. This just goes to show that it’s not just finances at risk through catfishing, but security overall.

Facebook has taken a decidedly firm stance against the proliferation of fake pages and accounts designed to manipulate the public. The company prohibits what it calls “coordinated inauthentic behavior”, and has bolstered its safety and security team over the past year in an effort to combat phishing and other types of social scams.

But after the success of StratCom’s endeavor, it seems that Facebook’s efforts to crack down on this aren’t completely successful. Of the fake pages created, one was shut down within hours, while the others took weeks to be addressed after being reported. Some of the fake profiles still remain.

One thing to keep in mind is just how small-scale this experiment was in relation to the massive yield of information. Three fake pages and five profiles were all it took to identify more than 150 soldiers and obtain all of that sensitive information. This is tiny in comparison to the coordinated efforts of bad actors that utilize hundreds of accounts, profiles, and pages. One can imagine just how much data could be obtained through those schemes.

As a result of the study, the researchers suggested some changes Facebook could make to help prevent malign operations of a similar nature. For example, if the company established tighter controls over the Suggested Friends tool, it would not be quite as easy to identify members of a given group.

Digital privacy is especially important – the picture we present of ourselves across different social media platforms can help people build a clear idea of who we are, which could, consequently, be used against us in terms of manipulation tactics and social engineering.

The use of social media to gather mission sensitive information is going to be a significant challenge for the foreseeable future. The researchers suggest that we ought to put more pressure on social media to address vulnerabilities like these that could be used in broad strokes against national security or individuals directly.

Centry Global has a service for identity verification of online profiles. If you suspect you may be at risk for being manipulated, contact us at www.datecheckonline.com!

This article was written by Kristina Weber, Content Manager of Centry Global. For more content like this, be sure to follow us on Twitter @CentryGlobal and subscribe to Centry Blog for bi-weekly updates.

At the Cost of Life: The Counterfeit Pharmaceuticals Industry

Out of all the fraudulent goods that circulate the world amongst their legitimate counterparts, the counterfeit pharmaceuticals market is one of the largest sectors. Counterfeit pharmaceuticals is a booming business, with multiple sources pointing between an estimated $200-$300 billion dollar revenue. Worse, the stakes behind counterfeiting pharmaceuticals are higher than fake handbags – people around the world depend on medication for their livelihood.

The World Health Organization has a broad definition of what constitutes a counterfeit drug – any drug that has been deliberately or fraudulently mislabeled with respect to identity or source. The term ‘counterfeit pharmaceuticals’ is an umbrella that encompasses everything from changing things like date of expiration on packaging to altering the raw materials to removing the active ingredients from the medication.

Counterfeit medications make up roughly 10% of pharmaceuticals on a global scale, but it’s important to note that this isn’t an even spread throughout each country in the world. Developing countries face fraudulent pharmaceuticals on a wider scale than you might find in first world countries that have more regulations.

But even in those areas there are plenty of opportunities for criminals to take advantage of the system. Counterfeit pharma is an attractive industry to criminals – especially those with organized crime connections – as it can generate enough revenue to rival trafficking things like heroin. This is because they can charge near market prices for big ticket medicines like cancer treatments and insulin, which makes it easier to mass produce knockoffs for a substantial profit.

All drugs must undergo clinical trials to test their efficiency, quality, and potential side effects before they can be marketed to the public. These measures function as a safety valve to protect consumers. However, these regulations are not observed by the manufacturers of counterfeit products. Instead, they use substandard products, leave out active ingredients, or otherwise tamper with the components. The end result can range from ineffective treatment to severe health problems or death.

The way pharmaceuticals move through the supply chain can leave them vulnerable. There’s typically three major phases of it – manufacturing, distributing, and retailers.

Usually the chemical compounds that compose the active ingredients of a drug are manufactured in places like China or India due to the relatively low cost of raw materials in those regions. Indeed, India itself is home to more than fifteen thousand illicit drug factories, which are estimated to supply approximately 75% of the world’s counterfeit drugs. Continuing the manufacturing process, those chemical compounds are made into their respective forms – whether that’s capsules, injections, creams, etc. – either in the country of origin or in USA/Europe.

The drugs are then shipped in large quantities to packing facilities, where they are prepared for the distribution phase. This part is particularly vulnerable, as this is an area where criminals can deposit convincing fakes to be combined with the legitimate drugs.   

That said, counterfeiting can occur outside the distribution chain as well because of internet and mail order markets, street vendors, etc. This is especially common in areas where medicine can be hard to acquire – counterfeit pharmaceuticals are a big problem in the developing world. Some pharmacists in these developing regions are compelled to buy from the cheapest – but not necessarily the safest – suppliers in order to compete with the street market.

Things such as lotions, creams, and oils are often counterfeited as they are relatively easy to make and then sold by illegitimate suppliers. Production of these goods is generally less regulated than pills or injections because knockoff ointments are most likely going to be less potentially damaging than their oral counterparts. That said, there were a significant portion of counterfeit injectables found amongst the legitimate pharmaceutical supply chain, which tend to cost more and can have deadly effects. Overall, though, anything that is profitable is at risk to be counterfeited – things that range from treatments for AIDS to Cancer to Diabetes to antibiotics and more. Theoretically, every patient is at risk – thus counterfeit pharmaceuticals are a problem that should concern everyone.

The human toll is enormous, as a study by the World Health Organization calculated that up to 72,000 deaths from childhood pneumonia could have been attributed to the use of antibiotics that had reduced activity, and that number climbs to 169,000 if the drugs had no active ingredients at all. These low quality drugs also add to the danger of antibiotic resistance, which threatens to undermine the power of these life-saving medicines in the future.

Three international security organizations including Interpol, the Institute of Security Studies, and the Global Initiative against Transnational Organized Crime have called for an overhaul of the regulatory, enforcement, and education systems for medical supply chains in Africa specifically. This is in order to reduce the spread of counterfeit pharmaceuticals across the continent. The three organizations commissioned a study called “The rise of counterfeit pharmaceuticals in Africa” under a bigger project funded by the European Union that is dedicated to Enhancing Africa’s Response to Transnational Organized Crime (ENACT). Findings from the study suggested that counterfeit pharmaceuticals accounted for nearly 30% of drugs on the market in Africa.

In order to address the proliferation of fraudulent pharmaceuticals, anti-counterfeiting measures have been rising up around the world. For example the U.S. Drug Supply Chain Security Act requires pharmaceutical companies to add serial numbers to all packages over the next few years, which should help in tracking the movement of the medications through the supply chain. Several non-profits have been founded to combat the issue as well.  Overall, however, finding a solution to this issue is going to be something that requires sustained commitment not only on a national level but on an international plane between health organizations, law enforcement, healthcare stakeholders, and the pharmaceutical industry as a whole.

This article was written by Kristina Weber of Centry Global. For more content like this, subscribe to our blog for bi-weekly articles related to the security industry and follow us on Twitter with our new handle @CentryGlobal!

The Future of AI, Security, & Privacy

Artificial Intelligence is a subject that is not just for researchers and engineers; it is something everyone should be concerned with.

Martin Ford, author of Architects of Intelligence, describes his findings on the future of AI in an interview with Forbes.

The main takeaway from Ford’s research, which included interviews with more than twenty experts in the field, is that everyone agrees that the future of AI is going to be disruptive. Not everyone agrees on whether this will be a positive or negative disruption, but the technology will have a massive impact on society nonetheless.

Most of the experts concluded that the most real and immediate threats are going to be to cyber security, privacy, political systems, and the possibility of weaponizing AI.

AI is a very useful tool for gathering information, owing to its speed, the scale of data it can process, and of course the automation. It’s the most efficient way to process a large volume of information in a short time frame as it can work faster than human analysts. That said, it can come with some detriments. We have started to see that its algorithms are not immune to gender and race bias in areas such as hiring and facial recognition software. Ford suggests that regulation is necessary for the immediate future, which will require continuing conversation concerning AI in the political sphere.  

AI-based consumer products are vulnerable to data exploitation, and the risk of that has only risen as we have become more dependant on digital technology in our day to day lives. AI can be used to identity and monitor user habits across multiple devices, even if your personal data is anonymized when it becomes part of a larger data set. Anonymized data can be sold to anyone for any purpose. The idea is that since the data has been scrubbed, it cannot be used to identify individuals and is therefore safe to use for analysis or sale.

However, between open source information and increasingly powerful computing, it is now possible to re-identify anonymized data. The reality is that you don’t need that much information about a person to be able to identify them. For example, much of the population of the United States can be identified by the combination of their date of birth, gender, and zip code alone.

With consent-based regulations such as GDPR concerning the right to digital privacy, it is clear that people want to know how their information is used, why, and how it can affect their lives. Furthermore, that they want control over how their information is used.

This article was written by Kristina Weber, Content Supervisor of Centry Ltd. For more content like this, be sure to subscribe to our blog, which updates every other Friday with articles related to the security industry!