LPRC - CrimeScience – The Weekly Review – Episode 148 with Dr. Read Hayes, Tom Meehan & Tony D’Onofrio
Episode Date: May 18, 2023Our hosts are traveling all over the world this week and discuss travel updates from the LPRC, challenges in San Francisco including store closures, shrink surveys from Jack Hayes International, and a... Google versus Bing competition for AI deployment. A resurgence of bad actors using QR codes for malware has been seen so we discuss some best practices for preventing issues. Listen in to stay updated on hot topics in the industry and more! The post CrimeScience – The Weekly Review – Episode 148 with Dr. Read Hayes, Tom Meehan & Tony D’Onofrio appeared first on Loss Prevention Research Council.
Transcript
Discussion (0)
Hi, everyone, and welcome to Crime Science. In this podcast, we explore the science of
crime and the practical application of this science for loss prevention and asset protection
practitioners as well as other professionals. Welcome, everybody, to another episode of
Crime Science Podcast. This week is the latest in our weekly update series and joined by
Tony D'Onofrio and Tom Meehan. All three of us are traveling all over the place.
I know Tony's been over in Europe traveling back soonest,
and Tom himself is traveling to conferences.
We've been busy with Fox Business Network with a major retailer globally in our labs.
Now I find myself here today in Washington, D.C. area,
Tyson's Corner to be exact,
working with Mace Rich,
the major shopping center owner-operator,
a multitude of federal and state
and local law enforcement agencies,
but a whole bunch of retail companies
and other actual mall operators
all getting together for a summit.
ICSC will be here. ICSC will be here.
NRF will be here. We'll be doing a panel looking a little bit at some of the issues and some of
the research and development that us and others are working on. And so I won't have a whole lot
of time here on this particular episode. So let me go ahead and we will brief you later on what we're up to with all of our
different initiatives, what we're finding in the summit and beyond. So with no further ado,
let me turn this over to Tony D'Onofrio. Tony, take it away if you would.
Thank you, Reid, for all those great updates. Let me start this week with a summary from the Jack L. Hayes International 35th Annual Retail Theft Survey just published early in May. took place in 2022 by just 26 large retailers who recovered an astounding $288 million from these apprehended thieves.
81% of the survey respondents reported an increase in shrink in 2022,
and this is reflected in their total apprehensions and recovery statistics.
Total apprehension increased, are you ready for this?
Nearly 46%.
And total recovery, are you really ready for these apprehensions?
Increased over 70% in 2022.
Many retailers returned to making shoplifter apprehensions post-pandemic
and focused more on their attention on external
theft issues in 2022. The survey revealed shoplifter apprehensions and recovery dollars
from these apprehensions increased significantly, nearly 51% and over 90% respectively.
Recovery dollars where no shoplifter appreh you was made, but merchandise recovered increase again an amazing 44% in 2022.
On the employee tax side, there was an increase in 2022 in both dishonest employee apprehensions and recovery dollars, 18% and nearly 15% respectively.
18% and nearly 15% respectively.
My favorite part of this report every year is the Job Applicant Admission section.
To further evaluate the severity of employee theft,
Hayes International analyzed over 19,000 randomly selected applicant review questionnaires,
which were pre-employment honesty tests given to retail job applicants nationwide. Of these 9,000 plus job applicants just over 12,000 or 64% were rated low risk
and 3,700 or just 19% were rated as high risk due to their admission of previous wrongdoing
and their attitudes regarding honest and dishonest behavior.
Over 18% of the high risk applicants agreed to have a high frequency associated
with fellow employees who admitted they were stealing merchandise from the company.
they were stealing merchandise from the company.
Just over 9% of the high-risk applicants agreed with,
I am not an honest person and I might steal or cheat.
Nearly 27% of the high-risk and an additional 8% of the low-risk said,
I could be tempted to steal from my employer. And nearly 16% of the high-risk and 4.5% of the low-risk admit,
I have stolen merchandise within the past three years.
Previous theft admissions from the high-risk job applicants totaled just over $256,000,
or roughly $69 per applicant, while the admissions of the group of low-risk
total just over, actually nearly $72,000 or $6 per applicant.
It is generally estimated the correct dollar amount for stolen money and merchandise is
approximately 10 times
the admitted amount. Therefore, based on the amount of admissions made in the applicant review
questionnaire, the average high-risk job applicant was responsible for theft of roughly $692 compared to $58 for the average low risk.
What an amazing year for shoplifting and theft in 2022 as Jack Case highlights from the 26 large retailers.
Switching topics but staying on the theme of shrink and what's taking place,
from the Wall Street Journal, an update on
what is happening in San Francisco.
As they reported, Nordstrom is closing two stores near downtown San Francisco, including
one in a private indoor shopping mall, the latest blow in the city's retail landscape.
The closures also reflect the challenge that merchants face in key districts in large cities
across the country as they deal with rising costs, concerns about crime, and food traffic
remaining well below pre-pandemic level.
As the Wall Street Journal said, the loss of Nordstrom adds to the exodus of office
and retail tenants out of San Francisco following one of the slowest
returns in-person work in the country.
Dozens of stores have shuttered over the last three years in downtown and adjoining areas,
including H&M, Abercrombie & Fitch, Gap, and Crate & Barrel in and near Union Square.
Other luxury retailers such as Whole Foods and Walmart this year have announced to close
stores in urban areas.
Retails have fallen steeper in San Francisco than in other counties in California.
According to one of the mall owners in the city, a growing number of retailers and businesses
are leaving the area due to unsafe conditions for customers, retailers and employees, coupled with the fact that these
significant issues are preventing an economic recovery of the area. San Francisco does have a
lower violent crime rate than many other major cities, but it has one of the highest property crime
rates.
Robbery, motor vehicle theft, and larceny theft all increased in 2022 from the year
earlier, according to police statistics, while homicides were flat.
Large retailers have been vocal about the problem they face in urban and other locations
regarding the increase in shoplifting and other community issues.
Executives from chains such as Home Depot and Best Buy have said they are stepping up
locking away items on store shelves to prevent theft and keeping close tabs on high-risk
goods.
Installing also from the Wall Street Journal article is in US
downtown food traffic in April increased from the prior year but was still 25%
lower than April 2019 levels. San Francisco has a lot of work to do to
really get back to where it was. The challenges continues for that cities and as the Wall Street Journal indicated
also in many other urban areas. Let me close on some good news and this time from the NRF.
I'm going to go to chain storage and from there they reported some of the data coming NRF on the
U.S. economy for the first quarter. According to the chief economist of the NRF,
the US economy remained in gear during the first quarter,
even as GDP growth slowed to a modest 1.1% annual rate
from the average of 3% in the previous three quarters,
two quarters.
The numbers could have been more than two percentage points
higher, but many businesses
reduced built-up inventories rather than producing or buying more goods. Consumer spending, which
accounts for two-thirds of GDP, grew six and a half percent, up from 0.1 percent growth the
previous quarter, as disposable income saw annual growth of 8.4%. Heading into the second quarter, employment numbers were better than expected, despite
a high interest rate with net jobs of 253,000 year-on-year, an increase of 4.4%, and the
unemployment rate of 3.4% tying January for the lowest in more than 50 years.
Inflation has tracked by the Personal Consumption Expenditure Price Index.
The Fed's preferred measure was 4.9% year-over-year in the first quarter.
That was down from 5.7% in the fourth quarter and far below the 6.4 percent seen a year earlier. The core PCE index, which excludes
volatile food and energy, was 4.7 percent. So at least some good news on the economy
and what's going on there. And with that, let me turn it over to Tom.
Well, thank you, Reid, and thank you, Tony.
Well, thank you, Reed, and thank you, Tony.
Hopefully the background noise isn't too bad.
I'm recording from Mexico City at a conference.
Wanted to just talk about some current events in cybersecurity and risk.
I want to first start off with an announcement that both Google and Apple made where they're working on a standardized method for Bluetooth tracking devices and a standardized way to alert someone
who is potentially being tracked by these devices. Most of the news that you'll see is around the
AirTag, and that has more to do with its popularity in a relationship to Apple
than the fact that it's the only device of its kind. Android has a version that's similar.
Tile has a version that's similar. And then there are a host of other ones that are out there. One
interesting thing about the AirTag is it was really the first to use a mesh network, which basically any Apple device online would be used to beacon out.
So, for instance, if you had an AirTag on your luggage and you went to the airport,
it would use surrounding Apple devices to communicate back to you to let you know where it is. When the Apple AirTag first came
out, the device had a few anti-stalking methods deployed, one being that it needed to have a host
device or an account that it's assigned to be in a certain proximity to the device, uh, within 48 hours. So after 48 hours, the device
would actually start beeping. Uh, and I know this cause I actually, when AirTags first came out,
put them on my dog's collars and when I would travel, they would beep. This was kind of the
first of many different, uh, different renditions to come up with an anti-stalking methodology. Today,
if you've ever noticed with your iPhone, an unknown device is in your area, it pops up on
your phone. That's one of the things that occurs. Android and iOS both have methodologies to do this.
And there are a host of third-party apps that do it as well. What Google and Apple did is they got together,
and this has been a challenge for about two years.
There have been a lot of stalking cases because these are low-cost devices
and are working on a standardized way to identify an end user
that there's a device in the area and that you would get a notification
that would help you find that said device to help curve
some of the
illicit tracking that occurs. I know from time to time here in the investigative space, people have
used these type of tractors for short-term investigations. Just keep in mind that these
notifications are coming. Switching gears a little bit, for those of you that have scanned a qr code for a menu at a
restaurant there this has always been a risk of you and you scan a qr code that you don't know
who it belongs to while this risk is minimal it is starting to pop up again where a bad actor goes in
and puts a sticker over the qr code and has you scan that QR code.
Now, I think it's important to say that this type of attack
requires interaction from you as the end user.
When you scan it, it will ask you to install an app potentially
or to give it permissions to something.
As we always say, if you're scanning something to read a menu,
you shouldn't have to give it permissions to anything,
and you also should not be installing anything.
If it asks for any permissions to things on your device, there's no real good reason to do that if you're just trying to look at a menu.
Unfortunately, we're all on the run, moving around quickly, and bad actors are taking advantage of this,
primarily in larger venues like sporting venues and airports and some hotels. So just be mindful that one
simple trick is to just simply rub your finger over the top. If it feels like a sticker on top
of a sticker, then that's sometimes a warning sign. The other thing is when you scan a QR code,
unless you're implicitly wanting to let you know where you are or access to any of your files, you should decline those.
There was a recent news story listed about this that talked about asking a waiter if it was a legitimate QR code.
I'm not sure in the real world that that would work very well.
But just be mindful of when you scan a QR code for anything, if it asks you to do something, what that means. I use QR codes for business cards today.
I use them in restaurants all the time. The likelihood of you coming across this is rare.
And if you practice good cybersecurity hygiene, you'll be okay and you should not have a big risk plateau to worry about.
As always, we'll continue to kind of update and remind folks on some of the inherent risks for cybersecurity.
As you listen to the podcast, if you feel things are repetitive, and sometimes it is by design, as education and awareness with cybersecurity is the key, and to not ever let your guard down. That's going to be the number one way that you're going to continue to be successful in protecting
yourself. Switching to kind of updates on AI. I think that we're in this ever-changing world
with chat GPT, open AI, and there is a legitimate strong battle between Microsoft and Google to
corner the market. One of the most interesting things is Bing
is taking a significant amount of market share very quickly.
And while it's still nowhere near Google's market share
in the search world, it is rapidly evolving
because of the integration with ChatGPT in Microsoft's Bing.
One of the things that Google made several announcements this week
is they've updated their version of chatGBT, BARD. The update has been significant. It works
much better. And they're similar in nature. One of the biggest and probably most interesting
announcements is that Google will, they've already shortlisted, and there's a
wait list for some folks to get onto this, they're out beta testing, a new Google search, which is
fully integrated with their AI deployment. And it looks and feels very, very different. Search
results come up with pictures and descriptions versus websites. So this is going to be an evolution in how you search the Internet.
And I think for all of us, not only will there be a learning curve here,
but I'm projecting and predicting that some websites will receive less traffic
because the search is much more of an answering type question piece.
So this is really, really interesting.
Competition breeds innovation.
So I think we're going to see,
continue to see a really, really quick turn
for artificial intelligence.
I caution all of the listeners here
to be mindful of the privacy
when you are using these type of tools
and understand what the tool's limitations are.
Additionally, Google announced, similar to while they're a little bit behind, Microsoft
announcing Copilot.
Microsoft Copilot is a fully integrated AI feature that would work with the Office suite
and their Microsoft for Work and Home suites.
And basically, Copilot would allow a person to say,
create a slide about the Lost Virgin Research Council,
and it would go ahead and do that.
This is very, very interesting
because this is the next leg of really an end user using it
in practicality.
Proofread this document for me.
Rewrite this sentence for me.
Find a picture to insert here of this.
You're seeing that Google has announced
that they will be releasing their version of the same
for the Google Suite tools.
Summarize this email.
Find me the key points of this document.
Really, really useful tools to help speed productivity up,
but it's very, very, again, important
that you understand the risks out there.
One other announcement,
which I think will really be interesting,
is Adobe, Adobe Photoshop Premiere
has also announced that they will have
a very similar tool
where you'll be able to go in
and actually write in plain human language.
I need to change the color of the hair
of this individual to black
and it'll do the heavy lifting for you.
So we will continue to watch this
and communicate on it.
You also will see,
and if you haven't already, through LinkedIn and through trade shows, I'm sure at the NRF,
this will be a big thing, a lot of computer vision products, a lot of data analytics products,
incorporating a version of ChatGPT. We're already starting to see that out there. And again,
these are all really good movements. These are all really going to help all of us enhance the way we do business. As long as we understand the limitations and the risks that come with it, I think we will continue to see some of those
risks that are occurring come out into the open very, very soon. And then last but certainly not
least, something that we don't often talk about here on the podcast is there has been an increase of armored car robberies throughout the United States.
There were some in the Northeast.
This is a very interesting phenomenon because generally in the past there's been ice that are on pockets.
And we're continuing to monitor that.
I think I'll continue to give updates.
I was actually at a conference and some really, really glaring stats.
Bank robberies occur very often, but bank robberies generally have minimal hauls.
You know, banks don't keep that much cash outright where armored cars are moving larger sums of cash.
Also, as you probably imagine, you know, a typical bank robbery,
if you read about in a big city is someone passes a note, they leave with a bag,
and it's just a relatively unaffected environment.
On the other hand, with an armored car robbery,
you have folks with guns driving an armored car,
you have folks with guns stopping them,
and it is a much more violent-prone event,
and there's much more risk for injury.
So something to certainly keep an eye on.
We'll continue to watch and see what
occurs. But I thought it was a very interesting tidbit that that was increasing. And with that,
I will turn it back over to Reid. All right. Thanks so much, Tom. Great stuff as always.
Thank you very much, Tony, for your insights as everybody's moving in all over the place, trying to help all of us work together on reducing theft, fraud, and of course, our amazing LPRC team, our staff working away on
two, count them, summits next week. One will be live and in Houston, Texas. I understand there
will probably be 40 to 70 retailers. I'm not sure what the number is going to be, plus all type of
law enforcement agencies going through violent crime, the violent crime summit.
So I think I understand at this point enrollment is closed because of an overwhelming turnout and the wish by all to keep it somewhat intimate so that there can be a lot of sharing, hands-on exercises, a lot of takeaways and go-to-work-with type of learnings.
So we also will have our annual virtual, in this case, typically annually, and that's our Product Protection Working Group Summit.
That will be online.
In the first case, we'll have Dr. Corey Lowe facilitating the Violent Crime Working Group
Summit.
In the next case, we'll have Dr. Justin Smith facilitating
the Product Protection Working Group. So, we encourage everybody to go to lpresearch.org,
learn more, enroll, engage, and of course, impact coming up that first week in October as always.
We've already got a record number of enrollees and participants coming up, sponsorships.
The content has already been specced out. Some of it's already actually done. Others, of course, other content is in the works,
but I don't think you're going to find more detail, more hands-on, more takeaways
in a cooler environment than, especially compared to last several impacts, which continue to be off
the charts from the feedback we're getting and the reviews that we get in surveys.
So we'd love to get everybody engaged in LPRC Impact.
Again, go to lpresearch.org.
Look for us on LinkedIn, Twitter, Facebook, and other social media platforms as well.
Again, we always want to invite you all, just like we continue to have a stream of retail companies and leaders coming through here to strategize and plan and learn together.
We'd like to extend the same invitation to you.
So lpresearch.org.
We appreciate it.
Everybody stay safe and keep in touch.
Thanks for listening to the Crime Science Podcast presented by the Loss Prevention Research
Council.
If you enjoyed today's episode, you can find more crime science episodes and valuable
information at lpresearch.org.
The content provided in the Crime Science Podcast
is for informational purposes only
and is not a substitute for legal,
financial, or other advice.
Views expressed by guests of the Crime Science Podcast
are those of the authors
and do not reflect the opinions or positions
of the Loss Prevention Research Council.