Free Enterprise - The FindLaw Small Business Law Blog

Recently in Crimes and Scams Category

When it comes to information security, many small businesses think they have nothing to worry about, or may not think they have information worth stealing. Who would even bother to wiretap your small business anyway?

However, small to mid size businesses are among the most frequent targets for cyber attacks and corporate espionage. While your data may not be valuable to others, ransomeware attacks may force you to decide how valuable your data is to your own business. Client lists, sales data, and other intellectual property may have value to your competitors or wrongdoers that you just don't anticipate.

A senseless act of violence, and tragedy, has resulted in a lawsuit against retail giant Walmart. In May 2017, the murder of Grant Nelson, an Uber driver, by 16-year-old Eliza Wasni, sparked national headlines for the utter depravity of the allegations.

The lawsuit against Walmart alleges that the store was negligent in allowing the 16-year-old Wasni to walk out of the store with a stolen Machete and a stolen hunting knife. The civil wrongful death case alleges that Walmart's security guards allowed Wasni to just walk right out of the store.

Ever wonder why buffets are such a good deal? Well, in the case of four Bay Area Chinese buffet restaurants -- Golden Dragon Buffet in Brentwood, New Dragon Buffet in San Leandro, Golden Wok Buffet in Roseville, and Kokyo Sushi Buffet in Hayward -- they could afford to keep their prices down because they were paying workers less than $6 an hour and forcing them to work 12-hour shifts with no overtime. Oh, and they were also cheating on their taxes.

Now three of the chain's operators are heading to jail, must pay back $4.5 million to their workers, and owe the state of California $1.5 million in back taxes.

It's officially summer, when many of us are heading out of the office and onto a lake, river, or ocean to partake in our favorite relaxing pastime. And while a little fishing can be good for the soul, a little phishing can be bad for business.

Cyber attacks using familiar looking domain names or email addresses or formats can be both difficult to detect and destructive to your company's data and security. So here's how to spot a phishing attack -- and not fall for the bait -- from our archives.

Renee Rayton, a former sheriff's deputy and marijuana regulation compliance officer from Pitkin County, in Colorado, was recently indicted in an extensive interstate marijuana trafficking ring. Rayton's indictment, along with three others, issued June 7, raised the number of individuals charged in connection with the operation to 20.

Rayton was hired by Scott Pack to provide legal compliance consulting for his marijuana businesses. While there wouldn't seem to be a problem with a marijuana entrepreneur seeking legal compliance consulting, Rayton was subject to a law that requires industry regulators to wait six months between leaving a regulatory position for a job in the industry they were regulating. She was reportedly paid $8,000 per month for six months.

Uber has long promised Big Apple drivers they can "cash in on the action" of ridesharing. And just months after settling a lawsuit over allegations of misleading claims about how much drivers could earn, Uber is now admitting it mischarged its drivers for years, to the tune of about $900 per driver.

And with some 50,000 drivers in New York City, that could mean Uber owes underpaid drivers around $45 million in back pay.

Last month, an 18-year-old manager of a Texas Chipotle was arrested for placing a spy camera in the women's bathroom. Joanny Castillo was charged with invasive visual recording, but that wasn't the end for him or for the company.

A new lawsuit claims the location's general manager, along with Chipotle upper management, attempted to cover up the spying scandal, going so far as to direct another manager to get off the phone with police when she called to report the incident.

Ecommerce can be amazing. With a few simple clicks, a small business can be online in minutes, selling products and services across the globe. However, when it comes to the relatively new area of online affiliate marketing, businesses need to beware of money laundering schemes that take advantage of these programs.

Affiliate marketing programs incentivize third parties to market the affiliated business for a fee. Some affiliate programs will actually pay third parties percentages as high as 50 to 80 percent when a referred customer makes a purchase. These high percentage programs are particularly susceptible to money laundering schemes, particularly if the purchase results in a resalable item. If you are paying others for affiliate marketing, close monitoring for signs of money laundering should be built into your costs of doing business.

Many companies that do business in some dangerous parts of the world have kidnapping insurance to protect their executives and employees. But now that so much of our commerce and data is online, the whole world becomes dangerous and our companies become vulnerable to ransomware attacks.

So if hackers "kidnap" your network or your company or customer data and try to ransom it back to you, can kidnapping insurance help?

Over the past few weeks, businesses small and large have been forced to deal with the most recent ransomware attack, aptly named WannaCry. Like other ransomware, a business's computers, networks, data, and servers, all get locked down by a hacker that demands payment in untraceable bitcoins to unlock the systems.

However, unlike other ransomware attacks, the WannaCry attack is so simple to avoid that victims would likely want to cry after learning how easy it would've been to prevent, hence the name. The ransomware attack relies on an exploit (a vulnerability in the code) that existed in Microsoft XP. However, before the attacks even started, Microsoft issued a patch to close the exploit (fix the code). Basically, if a user updated their Microsoft XP machine after March of this year, they are safe from the attack. However, computers that were not updated are vulnerable.