Small, loosely connected gangs illustrate the challenge of stopping organized retail theft When police caught a thief trying to steal $4,500 in goods from a Publix supermarket near Lakeland, Fla., the local sheriff didn’t treat it like just another shoplifting case. He assigned a detective to look into it. As part of Operation Beauty Stop, a seven-month investigation, a detective found a ring of thieves hitting stores throughout central Florida. They stole from Publix, Sweetbay, Target, Wal-Mart and other stores. They could hit 15 stores in a day, stealing roughly $3,500 of goods per store. Goods were resold through Lola’s Discount Warehouse, which operated on eBay and at area flea markets. When officers moved in and arrested 18 people, they estimated that over a five-year period, between $60 million and $100 million worth of goods were stolen. “It’s staggering,” says Grady Judd, Polk County’s Sheriff. Also see Mall Rats: Shoplifting and Organized Retail CrimeAnd well organized. The Polk County ring used to fill shopping lists for Lola’s owner, Theresa Parrish. Another ring, busted by Polk County Sheriff’s officers in March, had operated for seven years, recruiting illegal aliens to steal baby formula. It had a facility in North Carolina where it could relabel cans. That ring probably stole $17 million worth of baby formula over seven years. Organized Crime Bookshelf By Howard Abadinsky (9th Edition – 2009)A comprehensive look at organized crime origins, methods and impact. by Charles Sennewald and John Christman (2008)A four-disc documentary on the mafia in America, from Prohibition to John Gotti. The U.S. national motto is often “shop ’til you drop.” In times like these, the corollary becomes “steal it and deal it.” In retail stores, crime rings have found what Sheriff Judd calls a “soft underbelly” of American law enforcement. He says even retailers often think of retail theft as “a minor event,” he says. The penalties for shoplifting are low, retailers have little interest in making it harder for legitimate consumers to get at goods. Meanwhile, bloodless crimes often don’t make pulses race, even in the 28 percent of cases where traditional organized crime seems to be involved. Perhaps that’s why retail criminal rings offer a melting-pot view of America. “It’s an unbiased crime,” says Casey Chroust, senior vice president of retail operations at the Retail Industry Leaders’ Association (RILA). It happens everywhere: urban stores and rural retailers, mom-and-pop shops and Wal-mart. A National Retail Federation survey found that 92 percent of retailers said they’d been the victims of organized retail theft in 2008. Organized retail thieves swiped between $15 billion and $30 billion in goods a year. Their favorite targets: razor blades, infant formula, teeth whiteners, Oil of Olay, diabetes-related supplies, branded apparel, consumer electronics and Blu-ray discs. Tens of billions of dollars, lost. Some of it occurs when thieves target warehouses or even individual trucks filled with goods. A case in New Jersey alleges that the Gambino crime family planted an associate in a Lowe’s store to steal from within. But often, goods walk out of stores in “booster” bags, hollowed-out, oversized purses lined with tin foil, a simple kludge against store security gates. The best defense against nonemployee retail theft is usually feet on the floor, says retail security consultant King Rogers. But retailers have cut hundreds of thousands of jobs in the past 18 months, from sales floor workers to back-room loss-prevention staff. “It absolutely does increase risk,” says Rogers. He expects to see retailers report big inventory losses over the next 18 to 24 months. In fact, losses are already showing up: A RILA survey in April found that 72 percent of members saw an increase in organized retail crime over the prior four months, outstripping the 61 percent of members who saw simple shoplifting rise. But there was a sliver of members—3 percent—who saw a drop in organized retail crime, and another 25 percent whose numbers were flat. Brad Brekke, vice president of asset protection at Target, says the company has not seen a significant increase in organized retail theft. He says the main factor in Target’s success at holding the line on retail crime comes from the way it organizes itself. Its cuts have been strategic, not wholesale. The store also has a four-pronged approach in place to battle organized theft: 1. Diverse hiring in the security department. Target doesn’t just hire from law enforcement. Brekke himself is a lawyer who spent a number of years at the Federal Bureau of Investigation before coming to Target in 1997. Target has an internal forensics lab for lifting fingerprints, and it also hires people with experience in information systems, finance and analytics so it can look for patterns that help it predict where thieves might strike next. 2. Intergroup cooperation. Target collaborates through vehicles like LERPnet (Law Enforcement Retail Partnership and Network), an information-sharing network between big retailers and law enforcement; and the National Cyber-Forensics and Training Alliance, a government and industry collaboration for fighting cybercrime. 3. Technology. Target now uses IP-based camera systems that allow for remote surveillance of its stores. 4. Partnerships. Besides national information-sharing efforts like LERPnet, Target works to form alliances with various law enforcement officials and with other retailers. REFUND FRAUDIn one recent case, Target helped snare a four-person ring committing refund fraud. Refund fraud happens when people buy something, remove it from its box, put something of similar weight into the box, reseal it, return it, then sell the original item on an Internet auction site like eBay. Target spent four months tracking the thefts, which took place in Florida, Georgia, North Carolina, New Jersey and Pennsylvania. An analytics specialist created a map of the frauds. Its forensics lab was able to lift fingerprints from returned boxes to help track the criminal. It then worked with law enforcement officials in Florida, who seized eight computers, a shrink-wrapping machine and more than $50,000 in stolen merchandise.Four months of work by multiple people is indicative of what it takes to fight organized retail crime. Those who commit refund fraud tend to be college educated and well organized, planning trips of one to three days in length and then moving on. They may ship goods back to their home base for repackaging, then sell them through an Internet auction site. Often, these groups are just three or four people, which makes it difficult for law enforcement to infiltrate them in the way they could with traditional organized crime. Such groups are simply too small, says Sal Lafrieri, president of Protective Countermeasures in New Rochelle, N.Y. Law enforcement finds retail theft rings difficult to prosecute. Jurisdiction often is unclear or the relationship between a string of thefts is difficult to prove. The cases represent a staffing challenge, too. Polk County committed 40 officers to Operation Beauty Stop the day it made the arrests. Some experts in the industry point to the need for federal legislation against organized retail crime. That would ease jurisdictional issues, and more-serious penalties could deter some of the crimes. But practically speaking, laws against organized retail crime didn’t pass in better times, and currently proposed laws probably won’t gain much traction on Capitol Hill. Sheriff Judd favors federal legislation, but he says retailers would do better to work together on more secure practices. Why, for instance, don’t more retailers move baby formula to secure parts of the store? LERPNET LURCHES INTO ACTIONPart of the reason why is the natural reluctance to make it harder for legitimate customers to buy things. But retailers are beginning to collaborate through networks such as LERPnet (www.lerpnet.com). LERPnet, barely two years old, gets mixed reviews. “Execution and management of the process by the NRF [National Retail Federation] hasn’t quite got it to be a tool that people are getting a lot of value from,” says Paul Jones, global director of retail partnerships at eBay and former head of loss prevention for the Limited Brands. Also see CSO’s indepth exclusive Auction Blocks: Criminals Unload Stolen Goods on eBayLERPnet “has gone through some growing pains,” says Joseph LaRocca, senior advisor on loss prevention at the NRF. But he says even in its early stages, LERPnet does make a difference. A specialty retailer recently used data from LERPnet to alert store managers about a booster bag ring—shoplifters using specially lined bags to avoid setting off security sensors. When the ring hit one of its stores, managers recognized the crime as it was in process, preventing a $1,500 loss. In late July, a pilot program tying LERPnet with geomapping data was launched. It continues to work to bring major retailers into the system, which now has close to 100,000 incidents in its database. By the end of September, LERPnet should connect with the FBI-led Law Enforcement Online (LEO) network, opening access to law enforcement officials nationwide. Jones says the concept will work. When he was at Limited Brands, it shared data with several other specialty brands such as Abercrombie & Fitch. They even approached mall developers to involve them in helping to fight retail theft in malls by developing a training program for them. Separately, Chroust says, a small clothing-goods retailer in Washington, whose store was ripped off by gang members, posted video of the crime on YouTube. Other retailers in the area saw it and recognized the thieves, who had also hit their stores. Banding their evidence together, they approached Washington police, who also recognized the thieves in the video and were able to bust them. Technology giveth, technology taketh away. Internet auction sites are an important tool for thieves. They can sell goods to wider audiences than those of flea markets. Jones says he joined eBay in part to help alleviate an image problem with retailers, who often believe eBay is not open to working with them or that it cannot track sellers on its site. (CSO covered the issue in depth in August 2005. See ww.csoonline.com/article/220534.) Jones says neither is true, and that eBay has analytics staff that can help retailers parse theft data and point police toward thieves. “I’m here, I’m listening, I have the ears of folks at eBay,” he says. But LaRocca says eBay needs to do more than talk. “In all the security programs eBay proposes, it’s all one way—you bring me the information and give it to me, and if in my assessment a crime has been committed, I will take action. That’s backwards,” he says. The NRF wants to see eBay give retailers the same things it gives manufacturers battling counterfeiters: access to information about sellers. He also wants to see the company follow through on its agreements. EBay agreed to limit sales of gift cards in order to help prevent widespread gift card fraud, a move led by Jones. LaRocca says eBay is lax about enforcement: “You can go on almost any day of the week and find sellers in violation.” LaRocca wishes Jones well but says, “If he is able to make progress in this new position, he’ll be a hero.” Also see What Do the Mob, eBay and Winona Ryder Have in Common?Busts are usually a double-edged sword, says consultant Lafrieri. When cases go to trial, retail theft rings study the evidence and learn from the mistakes that led to the bust, allowing them to develop new tactics. Cyberintrusions and cybertheft will become much bigger threats in the next couple of years, Jones says. CSOs can reach out to other groups in their organizations and start talking. At The Limited, the CIO created a committee that would meet once a month to look at where it was vulnerable, discuss risk levels and look at the issues raised by hired penetration testers. Combining forces inside a company and outside creates strength in numbers for retailers. Whether that leads to reduced theft depends on how well CSOs can collaborate. One thing’s certain: “The risk is not getting smaller in the world we live in,” says Target’s Brekke. Related content news Is China waging a cyber war with Taiwan? Nation-state hacking groups based in China have sharply ramped up cyberattacks against Taiwan this year, according to multiple reports. By Gagandeep Kaur Dec 01, 2023 4 mins Cyberattacks Government news Apple patches info-stealing, zero day bugs in iPads and Macs The vulnerabilities that can allow the leaking of sensitive information and enable arbitrary code execution have had exploitations in the wild. By Shweta Sharma Dec 01, 2023 3 mins Zero-day vulnerability feature The CSO guide to top security conferences Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you. By CSO Staff Dec 01, 2023 6 mins Technology Industry IT Skills Events news Conti-linked ransomware takes in $107 million in ransoms: Report A ransomware campaign linked to the ostensibly defunct Conti malware group has targeted mostly US businesses, in a costly series of attacks. By Jon Gold Nov 30, 2023 4 mins Ransomware Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe