In our latest interview with expert Nick Barreiro, Chief Forensic Analyst of Principle Forensics, we discussed the security risks from any/all social media platform postings and how someone can obtain critical information from your pictures. If you haven’t watched the interview yet, please find it below
According to Vice’s latest article, authorities have been following Instagram profiles of the women related to, or involved with, Russian oligarchs to obtain information about them, their holdings, accounts, and locate assets to seize/freeze by merely identifying and following the weakest link who posts the most. These women who act like ”influencers” or social media celebrities are looking for publicity, but they now represent a significant threat to the security of the individuals they’re around and expose them to unwanted scrutiny. ”Oligarchs themselves rarely use Instagram to accidentally crack open a window into their high living. Rather, it’s the people partying with them: A stepdaughter, an ex-wife, or in the least one infamous case, an escort.” Read the full article here.
The use of social media and the way it affects our lives and businesses have brought a new challenge to the security industry and the protective team’s responsibility. It gives the entire world the ability to look into people’s lives with the mere push of a button. Scandals are created, secrets exposed, and lives ruined. In the case of personal security, social media can be used in the advancement of a protective detail; however, one must know how to utilize it properly. Today, we will talk about Social Media Investigations and Monitoring. For those who are not aware of the term, as we utilize it in protection circles, Social Media Investigation and Monitoring is the process by which you can identify what is being said about your clients, a brand they represent, or the corporations with which they are involved and any threats or dangers that may exist in relation to those aspects.
As we sift through different social media platforms and online channels, we must then determine if what is being said has any significance regarding your clients’ reputation, persona, and safety and if there is the need to mitigate any risks. In other words, it’s like setting up an online, social media “net”. This process then helps you discover everything that is being said, written about, or portrayed on social media and determine its relevance to your clients. You can gather information about the ‘’public opinion’’ surrounding your clients, about people or entities who are angry with them for one reason or the other, people who are obsessed with them, or people who are making online threats. SOCMINT or Social Media Intelligence (not to be confused with OSINT) has seen a huge rise in necessity due to the use of social media and a competent protective detail needs to always be informed and social media investigations and monitoring are a huge part of this process.
Now, let’s see some examples of how social media investigations and monitoring applies in protective services. Let’s say one of the people you are protecting belongs to a large pharmaceutical company and they decided to raise the price of a specific drug, thus affecting the lives and wellbeing of thousands of people. Perhaps another client is involved in a financial institution that quite suddenly makes a significant decision that affects people’s lifetime savings and pensions. You can imagine that there will be a significant number of people who become very angry, and some may want to harm your client. During the recent pandemic, there were a number of “anti-vaxx” groups that were quite vocal and utilized Facebook as one of their many platforms to accomplish their goals. Another example would be the need to discover if there is someone using your client’s name or company to scam others and commit crimes.
We are sure that many of you today are aware of the infamous ‘’Tinder Swindler’’, Shimon Yehuda Hayut, who legally changed his name to Simon Leviev to pretend to be the son of the billionaire Lev Leviev and used his name and company logos to scam people. Although his actions were known since 2017, it was only after the airing of the Netflix documentary in 2022 that the Leviev family found out and filed a lawsuit against Hayut for falsely portraying himself as the son of Lev Leviev, receiving benefits, and committing crimes.
According to Leviev’s family attorney, Guy Ophir, they will now include anyone who has attempted to make a profit from his scam during the next lawsuit. What we can ask is, as security providers, why didn’t someone from the real Leviev family ever discover this scam artist who was extremely public and active on social media as the ‘’son of Lev Leviev’’? Although the real family members were never part of this fraudulent scheme, and it didn’t appear to affect their safety, it did, however, involve their name/brand in a very public and negative way. In other words, it should have definitely been considered as a threat to their reputation. Other people who were harmed by this scam artist were the businesses who did work with them, and their secondary service providers as well.
Another interesting case to mention is Elon Musk where he, the actual client, took it upon himself to “solve” the issue and directly contacted the person of interest who had begun posting his private flight details and created the security risk for him and was literally blackmailing him unless the POI was paid. According to media reports “Elon Musk states social-media accounts that track his travel movements are ‘becoming a security issue.” Tail numbers and yacht names of billionaires are increasingly being shared on online platforms and one can track them by having the appropriate app unless significant efforts are made to secure them from the reach of those diligent few. These are some unique specific details that the security team needs to pay close attention to at all times.
Since Social Media platforms are the way people today communicate with each other, we as security providers must keep in mind that this is not always a positive aspect. Perhaps a person or persons will utilize social media to collectively gather people with their same goal or mission, to get together and plan their next move (Example: protesting outside your client’s house or corporation). In this case, you will want to know what is being said online about the person you protect to determine if there is something of extreme necessity to include in your risk and threat assessment and then take protective measures as well as inform their legal department.
As we have all witnessed too many times, it only takes one well-placed picture or story regarding some alleged activity on the part of your client, and it will go viral quickly, truth or not. Staying one step ahead of this type of “attack” has become a crucial necessity in order to protect your client from embarrassment or exposure. One of the most common issues in recent history is when personnel close to the client i.e., family, staff, vendors, and any other secondary customers post pictures, stories, or opinions and subsequently fail to understand the negative effect these types of communications can and will have on the client’s life, business, and the lives of their loved ones.
Why do you need a Social Media Investigations and Monitoring Strategy when you are a security services provider? To summarize we can say:
1) To identify new threats.
2) To discover what information about your client is posted online either by himself, the ones close to him, or his employees and evaluate how these affect his safety.
3) To evaluate a threat (someone is posting online threats directed at your client).
4) To add to your due diligence.
5) To geolocate a picture or a video, sometimes even audio.
6) To include any findings in your Risk and Threat Assessment (We can never highlight this enough, social media surveys and investigations are now a critical part of your Risk and Threat Assessments).
7) To find people obsessed with or following your clients (stalkers).
8) To identify hate groups or terrorist organizations that may affect your client.
9) To identify people or businesses your client may or may not want to do business with.
10)To mitigate risks from the information found online about the person you protect (How are the pictures of my client used or tampered with and for what purpose?).
11)To identify if someone is impersonating your client or a family member.
12)To find out if your client’s moves/visits/travels are posted online (Exposing them to others who may be in the same hotel, conference room, restaurant).
13)To identify workplace violence or insider threats indicators.
14)To find out what is the ‘’public opinion’’ regarding your client (Always keep an eye on what is being said about your client and have a strategy to respond).
15)To determine if a person or persons are utilizing your client’s name or business name in a malicious or unauthorized manner for their own personal gain. (Claiming associations or partnerships, etc.)
How to perform Social Media Monitoring for security purposes?
First, let’s clarify one important thing. ‘’Googling it’’ is not enough, nor is it the answer. There are a number of search sites that allow for user input thus watering down or contaminating information and it’s accuracy. For those who are not aware, Social Media Investigations and Monitoring is quite a different department of protective services and quite often falls under Intelligence Analysis and Open-Source Intelligence. It requires unique skills and knowledge. One must clearly understand different social media and research platforms and how to use each one of them (and/or in combination) to obtain information. How you will approach each case is different and certainly depends on who your client is, their business, close relations, and/or their public image. This will directly affect the searches and the resources used and for what purpose. It is vital in our current day and age to include SOCMINT (Social Media Intelligence) in your client’s service proposal, no matter how public the person may or may not be. Hiring ten Executive Protection agents and a Residential Security Team is not enough anymore. SOCMINT services are a vital part of your Risk and Threat Assessments (Dynamic Risk Assessments too) and enable your protective detail to function more efficiently.
For those who can not provide a certified Social Media Investigator for their clients, follow up with these steps:
1)Understand who your client is, his/her background, the threats, where do they stand in political, social, financial sectors.
2)Be aware of any of the latest changes in your clients’ lifestyle, public opinions, and professional decisions.
3)Be aware of any of their political and social changes. Watch the news from multiple channels.
4)Familiarize yourself with all close family, friends, staff, and associates and their respective social media footprints.
5)Set up a social media investigation and monitoring strategy.
6)Have a good understanding of the Intelligence Cycle (How the intel is being collected, analyzed, disseminated, reviewed, etc.).
7)Have a good understanding of the search tools on different platforms (Facebook, Twitter, Instagram, TikTok, LinkedIn, Tumblr, Reddit, etc.)
8)Do research on the available search engines and the strengths and limitations each one may have.
9)Know how to conduct image, video, and audio research and gather intelligence from them.
10)Invest in appropriate platforms for social media investigations and monitoring (Have in mind, NEVER rely on one platform’s result or just platforms’ results. The user/investigator is the main component of a social media investigation).
11)Download and use appropriate search engines extensions and apps.
12)Invest time in creating ‘’sock puppets’’ or fake profiles and maintain their persona. Sometimes you may need a profile to have access to different forums or groups without being discovered.
13)Train yourself in link analysis (How to look for connections between people, events, and organizations).
14)Set keyword alerts (In multiple languages in case your client has ties with more than one country).
15)Gather, analyze, evaluate, and report your findings to the appropriate department or leadership.
As the threat landscape changes every day, we as protection providers must be able to adapt and keep ourselves up to date with additional training. Today’s executive protection agent must also be skilled and knowledgeable in investigations, open-source intelligence, protective intelligence, HUMINT, and have an increased understanding of cyber security. Large corporations have already created their own embedded intelligence departments, while others are hiring threat analysts and OSINT investigations from outside security providers. The rise of protective intelligence, and whatever that includes, is here to stay and we are seeing it more and more through the highly increased number of related job postings every day.
If you are an Executive Protection Agent and want to learn more on how to utilize Social Media Investigations and Monitoring for Risk Mitigation Purposes, reach out to us.
f you are a service provider and want to add Social Media Investigations and Monitoring for Risk Mitigation Purposes on your service list, contact us to learn about our vendor services.
Bias is a topic that many industries like to avoid, and the security and intelligence industries are no exception. However, there is a profound need to discuss biases in regard to the security industry and when educating security practitioners and intelligence analysts. When the subject of biases has been raised in the past, the majority of commentators cannot seem to agree, in fact, they will often argue against the existence of biases and/or why there is a need to discuss them in the first place. In this article, we would like to address the topic of bias – what bias is, who has biases, are biases wrong, and what types of biases there are. Then, we will highlight WHY it is important for security professionals and intelligence analysts to be able to identify their biases and address them, and, then, we will share HOW one can identify his/her biases.
Now before we start, there is one thing on which we can all agree: As a security professional, you don’t only make assessments about incidents or places, but also about people. Keep this in mind as we proceed further, we will come back to it.
4. any deviation of a measured or calculated quantity from its actual (true) value, such that the measurement or calculation is unrepresentative of the item of interest. —biased adj.
There are a few key words from the definition — predisposition, against, tendency, preference”. Keep those words in mind when thinking about how they affect the threat assessment of a security professional. While you do that, think of a scenario when a security guard has to assess, either by observation or by interviews, any visitors in the area for which he/she is responsible. That security guard believes that women are less likely to commit a crime (bias) and, during his/her threat assessment, he/she misses the fine details that a woman is, in all actuality, a terrorist. You think perhaps this couldn’t occur? Well, it has actually happened. In July 2017 in Mosul, a female suicide bomber, holding her child in her arms, managed to walk by security guards and detonate her bomb.
The security guards, instead of being observational and watching her hands (in which she was holding the detonator), just saw a mother with her child. Many people see women as weak and incapable of committing acts of terror, especially one who is carrying her own child. This is not the only incident when ‘’miscalculation of threat or of threat actors’’ was catastrophic.
Before we answer that, ask yourself, “Are there people, things, or ideas you like better than others? Are there places/events where you feel more comfortable than others?” We are sure your answer to these questions is “yes” and that is because all humans have biases. Some biases are passed to us through evolution and some are learned through socialization and/or direct experience. One must understand that biases serve a purpose. Simply put, because the human brain has the tendency to categorize information, people, events, experiences, etc. during his/her learning and development process, the brain will connect the new information and people to past experiences. Once that is done, the brain will respond to it in the same way it does to other things belonging to that same category. So, by putting people with similar traits into a specific category, one believes that everyone else in that category must be the same. Biases are not limited to race, gender, ethnicity, religion, social or political groups but many characteristics may be subjected to one’s biases such as physical appearance, sexual orientation, educational level, profession, etc.
Are biases wrong and racist?
When discussed, the majority of people tend to disregard biases, believing that even acknowledging those biases will label them as racists. The first mistake when talking about biases is when someone considers someone else good or bad based on his/her biases.
According to Matt Grawitch, PhD‘’Biases make decision-making easier by giving us a starting point, an initial prediction, or a “leaning of the mind” regarding which choice to make. We anchor our original judgment in the biased conclusion and then adjust it based on supplemental information.’’
Having biases is not necessarily bad, wrong, or racist. In fact, we’ve discussed that biases improve the decision-making process and help the human brain to categorize new information. We could say that since biases help us simplify information processing, they basically function as rules of thumb that help us make sense of what is happening around us and make faster decisions.
However, biases can become bad and even dangerous when we treat or judge someone unfairly or when the accuracy of the decision is of the utmost importance, such as behaviour or threat assessment. In addition, what can make a bias shift from ok to “bad” is when an individual allows their biases to influence their decision-making process in such a way that they allow those biases to affect someone else in a negative fashion by either being unfair or causing a miscalculation in the threat level.
Not being able to recognize and address our biases can lead to neglecting or discounting information that would be valuable for our job functions. Information that we process and use to make decisions can directly affect a risk/threat and vulnerability assessment, an interview with a suspect, the analysis of intelligence and data, or the use of link analysis in putting together an intelligence report. In these situations, biases can become a systematic thinking error that can cloud our judgment, and, as a result, impact our decisions, thus rendering our final product limited or even useless.
What types of biases do people have?
People can have conscious biases (biased attitudes toward specific ideologies, events, groups of people, etc. that we are aware of) or unconscious biases (biases we are not aware of, cannot control, are difficult to access and can quite often influence our actions more than conscious biases).
In one of her articles, Kendra Cherry mentions that ‘’some of our cognitive biases are related to memory. The way you remember an event may be biased for a number of reasons and, that in turn, can lead to biased thinking and decision-making. Other cognitive biases might be related to problems with attention. Since attention is a limited resource, people have to be selective about what they pay attention to in the world around them.’’
If you are aware of a biased attitude, it is more likely and consciously possible for you to be able to address it during your decision-making process. However, the unconscious biases are the most ‘’dangerous” ones since it often takes specific training and study of yourself to be able to identify that you have them. Here, Carly Hallman is listing 50 types of unconscious biases. Have a look and see how one or more of them can affect your decision-making process.
Fundamental Attribution Error: We judge others on their personality or fundamental character, but we judge ourselves on the situation.
Self-Serving Bias: Our failures are situational, but our successes are our responsibility.
In-Group Favoritism: We favor people who are in our in-group as opposed to an out-group.
Bandwagon Effect: Ideas, fads, and beliefs grow as more people adopt them.
Groupthink: Due to a desire for conformity and harmony in the group, we make irrational decisions, often to minimize conflict.
Halo Effect: If you see a person as having a positive trait, that positive impression will spill over into their other traits. (This also works for negative traits.)
Moral Luck: Better moral standing happens due to a positive outcome; worse moral standing happens due to a negative outcome.
False Consensus: We believe more people agree with us than is actually the case.
Curse of Knowledge: Once we know something, we assume everyone else knows it, too.
Spotlight Effect: We overestimate how much people are paying attention to our behavior and appearance.
Availability Heuristic: We rely on immediate examples that come to mind while making judgments.
Defensive Attribution: As a witness who secretly fears being vulnerable to a serious mishap, we will blame the victim less if we relate to the victim.
Just-World Hypothesis: We tend to believe the world is just; therefore, we assume acts of injustice are deserved.
Naïve Realism: We believe that we observe objective reality and that other people are irrational, uninformed, or biased.
Naïve Cynicism: We believe that we observe objective reality and that other people have a higher egocentric bias than they actually do in their intentions/actions.
Forer Effect (aka Barnum Effect): We easily attribute our personalities to vague statements, even if they can apply to a wide range of people.
Dunning-Kruger Effect: The less you know, the more confident you are. The more you know, the less confident you are.
Anchoring: We rely heavily on the first piece of information introduced when making decisions.
Automation Bias: We rely on automated systems, sometimes trusting too much in the automated correction of actually correct decisions.
Google Effect (aka Digital Amnesia): We tend to forget information that’s easily looked up in search engines.
Reactance: We do the opposite of what we’re told, especially when we perceive threats to personal freedoms.
Confirmation Bias: We tend to find and remember information that confirms our perceptions.
Backfire Effect: Disproving evidence sometimes has the unwarranted effect of confirming our beliefs.
Third-Person Effect: We believe that others are more affected by mass media consumption than we ourselves are.
Belief Bias: We judge an argument’s strength not by how strongly it supports the conclusion but how plausible the conclusion is in our own minds.
Availability Cascade: Tied to our need for social acceptance, collective beliefs gain more plausibility through public repetition.
Declinism: We tend to romanticize the past and view the future negatively, believing that societies/institutions are by and large in decline.
Status Quo Bias: We tend to prefer things to stay the same; changes from the baseline are considered to be a loss.
Sunk Cost Fallacy (aka Escalation of Commitment): We invest more in things that have cost us something rather than altering our investments, even if we face negative outcomes.
Gambler’s Fallacy: We think future possibilities are affected by past events.
Zero-Risk Bias: We prefer to reduce small risks to zero, even if we can reduce more risk overall with another option.
Framing Effect: We often draw different conclusions from the same information depending on how it’s presented.
Stereotyping: We adopt generalized beliefs that members of a group will have certain characteristics, despite not having information about the individual.
Outgroup Homogeneity Bias: We perceive out-group members as homogeneous and our own in-groups as more diverse.
Authority Bias: We trust and are more often influenced by the opinions of authority figures.
Placebo Effect: If we believe a treatment will work, it often will have a small physiological effect.
Survivorship Bias: We tend to focus on those things that survived a process and overlook ones that failed.
Tachypsychia: Our perceptions of time shift depending on trauma, drug use, and physical exertion.
Law of Triviality (aka “Bike-Shedding”): We give disproportionate weight to trivial issues, often while avoiding more complex issues.
Zeigarnik Effect: We remember incomplete tasks more than completed ones.
IKEA Effect: We place higher value on things we partially created ourselves.
Ben Franklin Effect: We like doing favors; we are more likely to do another favor for someone if we’ve already done a favor for them than if we had received a favor from that person.
Bystander Effect: The more other people are around, the less likely we are to help a victim.
Suggestibility: We, especially children, sometimes mistake ideas suggested by a questioner for memories.
False Memory: We mistake imagination for real memories.
Cryptomnesia: We mistake real memories for imagination.
Clustering Illusion: We find patterns and “clusters” in random data.
Pessimism Bias: We sometimes overestimate the likelihood of bad outcomes.
Optimism Bias: We sometimes are over-optimistic about good outcomes.
Blind Spot Bias: We don’t think we have bias, and we see it on others more than ourselves.
WHY security professionals and intelligence analysts must address bias training?
As a security professional or intelligence analyst, seeing what biases are and how they can significantly affect us, do you see how important it is to recognize and address them during the decision-making process? Do you see how biases can affect your risk and threat assessment, information gathering and analysis as well as behavioural assessment while you are conducting a first interview with a visitor, suspicious person, etc.?
We will give you an example. During the Manchester arena attack investigation, one of the security guards claimed that he did feel something was “off” with one of the terrorists but he was uncertain of how to approach and ask questions (first interview of a suspect) because he was afraid he was going to be labelled a “racist’’.
Being trained in how to recognize and address your biases will not only help you to make a better decision but will also give you peace of mind and confidence knowing that you are approaching and properly interviewing a person whose presence seems to be unjustified and/or suspicious. You will be able to clearly gather more information and assess the risk without feeling that you are merely racially profiling that person. You will also build more awareness of the subjects with which you hold biases and that awareness will lead to more choices. More choices will lead to a more ‘’open mind’’ and allow you to seek further information before you make a decision.
Now that we have discussed the many aspects of biases, what they are and how they can affect your decision-making process do you want to test yourself and find out what biases you have? You can use one of the many online tests available, the Implicit Association Test (IAT) created by Harvard.
This will help you assess and better identify all that biases you or your staff may have that can affect risk and threat assessments as well as intelligence gathering and analysis. In addition, your staff’s performance and how they interact with others to make sure their decision making will be as accurate as can be ascertained from the information provided and not just from their own personal biases.
If you are an individual interested in receiving training in biases or you represent an organization looking to train your employees in this very much needed and important topic, please reach out to us.