Category Archives: Crime

by | May 11, 2010 · 6:17 am

Hospitality Industry Theft Risks: Hotel Surveillance Cameras And Guest “Identification” Procedures Are Best Deterrent To Property Theft

Gordon called the April 3 thefts at the Hampton Inns “very brazen, and quite frankly stupid,” given that the hotel lobbies have surveillance cameras.

In both cases, Gordon said, Cole checked in using a fake ID and paid in cash. Then he and Harrington left with flat-screens worth more than $1,000 each, Gordon said.

(From an AJC.com article)   Jonathan Cole and Brooke Harrington have been arrested by the Atlanta Police Department, Alpharetta police spokesman George Gordon said Friday.

Police were looking for Cole and Harrington after they hit two Hampton Inns in Alpharetta on a single Saturday. They also are wanted for similar thefts in Gwinnett County and the city of Norcross, Gordon told the AJC.

“We had been looking for them for a while … They hid out really well,” Gordon said. “This was a prolific crew traveling all over metro Atlanta area.”

http://www.ajc.com/news/atlanta/atlanta-police-nab-flat-522306.html

Comments Off on Hospitality Industry Theft Risks: Hotel Surveillance Cameras And Guest “Identification” Procedures Are Best Deterrent To Property Theft

Filed under Crime, Insurance, Liability, Theft, Training

Tagged as , , , ,

by | May 3, 2010 · 5:49 am

Hotel Industry Safety: Guest Safety Will Always Be Compromised If Hotels Do Not Demand Physical Proof Of Identity

There is a conflict of interests between guest safety and guest satisfaction, which plagues the industry. By nature, hotels — especially five-star properties — are welcoming and discreet when a guest checks in. More rigorous identification procedures that require front-desk staff to demand additional personal information or physical proof of identity could jeopardise this.

(From a HotelierMiddleEast.com article)   Identifying hotel guests used to be a simple procedure; the receptionist had to match the name of the guest with the name on the reservation and then hand over the room key. But in today’s world of cyber crime, credit card fraud and identity theft, it is more important (and complicated) than ever to ensure that the person checking in to your hotel is really who they say they are.

In GCC countries, industry standards require hotels to upload data from the passport of every guest who is staying in the hotel on to a central government portal.

Two months ago, numerous individuals who were carrying false passports managed to enter the UAE, check into hotels using fake identities and fake credit cards, and then depart the country less than 24 hours later, after they allegedly assassinated Palestinian Hamas chief Mahmoud Al Mabhouh.

The events that took place at the Al Bustan Rotana Dubai in late January have still not been confirmed, but one thing is clear; a number of individuals managed to check into the hotel under assumed identities.

According to Al Bustan general manager Mohamad Haj Hassan, hotel staff followed standard protocol when several of the suspects checked in; taking a scan of their passports and a credit card swipe before handing them their room keys and wishing them an enjoyable stay.

http://www.hoteliermiddleeast.com/8056-whos-there/

Comments Off on Hotel Industry Safety: Guest Safety Will Always Be Compromised If Hotels Do Not Demand Physical Proof Of Identity

Filed under Crime, Liability, Theft, Training

Tagged as , ,

by | April 30, 2010 · 6:18 am

Hotel Security And Legal Issues: Municipalities Are Considering Enacting Legislation Which Would Force Hotels To Obtain Photo ID From Guests Or Be Fined

A proposed law before Ocean City’s Town Council would force resort hotels and motels to obtain photo ID from guests, or else face a $1,000 fine.

The board of Ocean City’s Hotel-Motel-Restaurant Association unanimously opposes the idea, said HMRA executive director Susan Jones. She said having each and every guest show photo ID would be “cumbersome,” but that a majority of hotels already ask for it.

“We found it a little too intrusive,” she said. “What we were most against in that part of the ordinance was a fine, because how can you tell somebody how to run their business? That’s not a public safety issue.”

“Obviously, we want to work with the police, but in its current written form, we couldn’t support it,” she added.

The matter was on the Town Council’s agenda for this week’s meeting, but it was postponed without discussion.

Ocean City Police Chief Bernadette DiPino says it is a matter of public safety.

She asked resort leaders to consider the law as a proactive community policing idea –a tool, she said, meant to help identify any hotel guest suspected of committing a crime. It also would be a measure helping homeland security, she said.

http://www.delmarvanow.com/article/20100428/WCT01/4280429

Comments Off on Hotel Security And Legal Issues: Municipalities Are Considering Enacting Legislation Which Would Force Hotels To Obtain Photo ID From Guests Or Be Fined

Filed under Crime, Legislation, Liability

Tagged as , ,

by | April 20, 2010 · 8:36 am

Hospitality Industry Risk: Cybercrime Is Targeting Smaller Companies Who Need To Employ Security Packages

“We are in an arms race with sophisticated, high tech enemies who are now concentrating on smaller business bank accounts in addition to their continued efforts to steal from large corporations.” To combat the risk, Conner suggests that small businesses employ a “triple threat” security package that would include

• Authentication 

• Fraud detection  

• “Out-of-band transaction verification and signing for high-risk transactions”

(From a USAToday.com article)    Authentication and fraud detection intuitively make sense – these sorts of products look at your transaction, and transaction history, and check for suspicious activity. Conner explained that while Entrust already offers the first two types of protection, to better serve its customers, it is adding that third, necessary layer, of protection with a new product being launched this week.

 “IdentityGuard Mobile” is an app for your smartphone. When a potentially suspicious activity begins to hit your account, this product sends you a text of the transaction details and asks you to authenticate and approve it before the bank can approve it.

 With the challenges to small business coming from all sides – decreased lending, tighter budgets, wary consumers – the last thing we need is to take a financial hit due to cybercrime, so we must be vigilant. Keep your security patches up to date. Make sure you have a robust antivirus suite. Change your pass codes frequently. Use the triple threat.

  http://www.usatoday.com/money/smallbusiness/columnist/strauss/2010-04-18-cyber-threats_N.htm

Comments Off on Hospitality Industry Risk: Cybercrime Is Targeting Smaller Companies Who Need To Employ Security Packages

Filed under Crime, Liability, Theft, Training

Tagged as , ,

by | April 14, 2010 · 5:41 am

Hospitality Industry Risk: “PCI Security Standards” Should Be Implemented By Hotels And Restaurants To Protect Customer Data

The PCI Security Standards Council will enhance the PCI DSS as needed to ensure that the standard includes any new or modified requirements necessary to mitigate emerging payment security risks, while continuing to foster wide-scale adoption.

(From a PCIsecuritystandards.org posting)   The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.

The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.

The PCI Security Standards Council will enhance the PCI DSS as needed to ensure that the standard includes any new or modified requirements necessary to mitigate emerging payment security risks, while continuing to foster wide-scale adoption.

Ongoing development of the standard will provide for feedback from the Advisory Board and other participating organizations. All key stakeholders are encouraged to provide input, during the creation and review of proposed additions or modifications to the PCI DSS.

The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized:

Build and Maintain a Secure Network

Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications

Implement Strong Access Control Measures

Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data

Regularly Monitor and Test Networks

Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes

Maintain an Information Security Policy

Requirement 12: Maintain a policy that addresses information security

To further the adoption of the PCI DSS, the PCI Security Standards Council defines credentials and qualifications for QSAs and ASVs. The PCI Security Standards Council also manages a global training and certification program for QSAs and ASVs, and will publish a directory of certified providers on this Web site.

https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml

4 Comments

Filed under Crime, Liability, Theft, Training

Tagged as , , ,

by | April 13, 2010 · 5:17 am

Hotel Industry Theft: Criminals Target Small Hotel Flat-Screen TV’s To Steal

Alpharetta police said the thieves, a man and a woman, will rent a room to steal the televisions. They pay with cash and use a fraudulent driver’s license for identification.

(From a CBSAtlanta.com article)   A couple is stealing flat screen televisions from Alpharetta hotels, police said Thursday.

“It’s very frustrating because we put a lot of money and energy into the hotel, and somebody just checks in and decides to take it,” said Tracey Cox.

Cox is the manager of a Hampton Inn in Alpharetta that had two flat screens stolen this past weekend.

Alpharetta police said the thieves, a man and a woman, will rent a room to steal the televisions. They pay with cash and use a fraudulent driver’s license for identification.

Just hours before Cox’s hotel was hit, the thieves targeted another Hampton Inn in Alpharetta stealing three televisions. Alpharetta police said they’re also investigating if the couple is responsible for similar burglaries in other area cities.

The man and woman’s images were clearly captured on hotel surveillance cameras. Police have identified the woman and are looking for her. However, they’re asking for the public’s help identifying and locating the man.

“We want to prevent this from happening at other hotels, and we want to get the bad guy, because that’s a crime,” said Cox.

http://www.cbsatlanta.com/news/23090169/detail.html

Comments Off on Hotel Industry Theft: Criminals Target Small Hotel Flat-Screen TV’s To Steal

Filed under Crime, Liability, Theft

Tagged as , ,

by | April 8, 2010 · 6:33 am

Hospitality Industry Legal Issues: There Is No Clear Legal Guidance For Hotel And Restaurant Operators If They Suspect A Guest Or Patron Is Likely To Commit Illegal Acts

“A proprietor of an inn, tavern, restaurant, or like business is liable for an assault upon a guest or patron by another guest or third party where the proprietor has reason to anticipate such an assault and fails to exercise reasonable care to forestall or prevent the same.”

(From a Volokh.com posted article)   “The duty of a proprietor of a tavern or inn to protect his patrons from injury does not arise until the impending danger becomes apparent to him, or the circumstances are such that a careful and prudent person would be put on notice of the potential danger.” 

Other jurisdictions have applied the landowner-invitee analysis to determine whether a university has a duty to protect students from the criminal actions of third parties. In analyzing the issue, [most of the courts] relied upon Restatement (Second) of Torts § 344 (1964), which provides:

“A possessor of land who holds it open to the public for entry for his business purposes is subject to liability to members of the public while they are upon the land for such a purpose, for physical harm caused by the accidental, negligent, or intentionally harmful acts of third persons or animals, and by the failure of the possessor to exercise reasonable care to 

“(a) discover that such acts are being done or are likely to be done, or

“(b) give a warning adequate to enable the visitors to avoid the harm, or otherwise to protect them against it.”

The general rule is that a landowner has no duty to protect an invitee on the landowner’s premises from a third party’s criminal attack unless the attack is reasonably foreseeable. Prior similar acts committed upon invitees furnish actual or constructive notice to a landowner. A university owes student tenants the same duty to exercise due care for their protection as a private landowner owes its tenants.

http://volokh.com/2010/04/06/what-should-landlords-do-if-a-tenant-is-accused-of-a-violent-crime/

Comments Off on Hospitality Industry Legal Issues: There Is No Clear Legal Guidance For Hotel And Restaurant Operators If They Suspect A Guest Or Patron Is Likely To Commit Illegal Acts

Filed under Crime, Liability, Training

Tagged as , , , ,

by | April 7, 2010 · 6:37 am

Hotel Cybercrime: Debit Cards Do Not Offer Same Protections As Credit Cards If Account Information Is Stolen

Jacque Tiegs of Clair Shores, Mich., had a similar experience a few years ago. She used her debit card at a hotel in Milwaukee for incidental charges and found out on her next month’s bank statement that someone had run up a $3,500 bill at another hotel of the same brand in Chicago. Her bank couldn’t (or wouldn’t) solve the problem, and the hotel claimed she had run up the charges. Only by threatening to go to the police and offering proof that she had been out of town on a work assignment was she able to get the charges reversed.

(From a WalletPop.com article)   Don’t think that the same protections you get from your credit card apply to your debit card. If someone steals your credit card number and runs up a big bill, you won’t be responsible for the fraudulent charges — at least not until the card company completes its investigation and probably not at all if they find evidence of fraud. But if someone steals your debit card information and starts charging away, you’re on the hook. The money comes straight out of your bank account. Not only are they your funds — with no one there to cover for you — but getting the money back can be a huge hassle that can easily take a month, if not more, to resolve.

Even if your money is only locked up temporarily, as Greg Meyer’s was, it can still be devastating, especially if you don’t have a large balance to tide you over. Not only that, but if the hold is greater than your balance, it can trip an overdraft protection and subsequent transactions can be denied or add to your overdraft woes.

So how do you protect yourself – and your debit card? “Be alert when there’s an opportunity for so-called ‘skimming’ or where people can look over your shoulder to track your PIN number,” says Tim Lukens, a senior vice president at Affinion Security Center, a company that makes anti-cybercrime software for big banks. Also, think twice before using your debit card at a restaurant, where you don’t actually see the server swiping it, or at gas stations, where surveillance cameras can record you keying in your PIN.

http://www.walletpop.com/blog/2010/03/31/debit-card-disasters-what-to-do-when-you-get-burned/

Comments Off on Hotel Cybercrime: Debit Cards Do Not Offer Same Protections As Credit Cards If Account Information Is Stolen

Filed under Crime, Liability, Theft

Tagged as , , ,

by | April 6, 2010 · 10:12 am

Hotel Industry Sexual Harassment: Smaller Hotel Operators Have Minimal “Workplace Hostility” Procedures In Place And Managers Are Often “Friends” Of Senior Management

The situation was difficult to report internally, as the hotel had no clear-cut method of filing such a form of workplace hostility, according to Tsamis. Calls by Windy City Times to the human resources department at the hotel were not returned.

The matter grew more complicated because the manager is friends with the son of the general manager and the human resources manager, according to Kosman.

“Because there was not a policy of reporting in place, I wrote a letter to Bricton Group,” Tsamis said.

(From a WindyCityMediaGroup.com article)   When Hernan Cortes began working for Holiday Inn in 2006, he was pleased with the job.

“It was an excellent work environment,” said Cortes.

Things changed radically in August 2009, when, according to Cortes, his new male supervising manager began sexually harassing him and, ironically, discriminating against him due to his sexual orientation.

Sexual harassment and discrimination based on sexual orientation, two forms of workplace hostility, have intersected in a case involving employees of a Holiday Inn franchise in Elmhurst, Ill. The hotel is run by The Bricton Group, which is based in Park Ridge, Ill.

Two employees of the hotel have sought legal advice due to the alleged incidents.

Dan Kosman, the second employee seeking legal assistance, began working for the hotel in June 2009. Around August, his supervising manager—the same manager who also supervised over Cortes—allegedly began sexual harassing him as well.

“I’d walk by and he’d pinch my butt,” Kosman said. “I’d be by the filing cabinet, bending over, and he’d come over and bump me purposely.

Kosman added that the manager also committed more lewd actions, such as exposing his penis to him. Cortes reportedly faced similar harassment.

Discrimination based on sexual orientation also came into play, when other employees were present, said Kosman and Cortes.

“He called me ‘F squared,’ which mean ‘f’ing faggot,'” Cortes said.

“As the harassment went on, he was obviously a closeted gay,” Kosman said. “When there were other people around, he was definitely throwing [ homophobic words ] around to whomever he was talking to. I would be somewhere on the sidelines … and he’d say, ‘Oh, that guy’s a fag.'”

Kosman sought the advice of Lambda Legal, an organization that offers legal assistance to the LGBT community, in December. Lambda referred Kosman to his current lawyer, Betty Tsamis.

http://www.windycitymediagroup.com/gay/lesbian/news/ARTICLE.php?AID=25872

Comments Off on Hotel Industry Sexual Harassment: Smaller Hotel Operators Have Minimal “Workplace Hostility” Procedures In Place And Managers Are Often “Friends” Of Senior Management

Filed under Crime, Liability, Training

Tagged as , , , ,

by | March 31, 2010 · 6:03 am

Hospitality Industry Cybercrime: The 10 Riskiest Cities For Cybercrime Include Major Hotel Destinations Such As #1 Seattle, San Francisco And Boston

The 10 Riskiest Cities for Cyber-Crime identified in the The Norton Top 10 Riskiest Online Cities report make up a laundry list of the most famous places in the country.

The top 10 listed are:

  1. Seattle
  2. Boston
  3. Washington, D.C.
  4. San Francisco
  5. Raleigh, N.C.
  6. Atlanta
  7. Minneapolis
  8. Denver
  9. Austin, Texas
  10. Portland, Ore.

(From a GovTech.com article)   Other notable cities in the remaining 40 include Honolulu (11), Las Vegas (13), San Diego (14), New York (24), Los Angeles (30), Houston (32), Phoenix (34) and Chicago (35). Rankings were determined from Symantec data on cyber-crime, third-party data on online behavior and demographic data from Sperling.

These cities have been ranked based on the numbers of malicious attacks received; potential malware infections; spam zombies; bot-infected machines; and places that offer free Wi-Fi, per capita. They were also ranked based on the prevalence of Internet use; computer use, based on consumer expenditures for hardware and software; and risky online activity, like purchasing via the Internet, e-mail and accessing financial information.

Seattle ranked in the top 10 of all categories, which is how it wound up as No.1 riskiest city in the survey.

“When you look at the data, they are way ahead on all these measures, so you’ve got a concentration of heavy usage of technology engaging in the kinds of activities that we know increase your risk of being a victim of cyber-crime,” said Marian Merritt, Norton Internet Safety Advocate.

http://www.govtech.com/gt/articles/750409

Comments Off on Hospitality Industry Cybercrime: The 10 Riskiest Cities For Cybercrime Include Major Hotel Destinations Such As #1 Seattle, San Francisco And Boston

Filed under Crime, Liability, Theft

Tagged as , , , ,