Investigating Business Harassment & Stalking
Typically stalking and harassment are considered an activity against a private individual. However, many, if not most businesses will experience some form of harassment from a person at some point in their existence.
The types of harassment can vary considerably, as can the behaviour exhibited against an organisation. Behaviour can range from emailed threats against business leaders, but can also be aimed at staff at any level, theft of company data by disillusioned employees or ex-employees, a member of the public wasting company time, or even physical stalking of staff.
We typically see that prior to the harassment there has been contact one way or another with either:
the organisation as a provider of goods or services
an employee in their work role, or
an employee in their private life.
Determining whether the business or a staff member is the focus of the harassment, provides a starting point when determining where to start looking in order to uncover the culprit.
For example, if numerous employees are receiving threats from an individual, then there is a higher chance there is a grievance against the organisation as a whole (unless the culprit is purposely doing this to hide the fact they are particularly concerned with one individual). Once we know this, we can not only look at the digital footprint left by the culprit (I.e. emails, phone calls, on line chat logs etc), but also correlate this with historical data owned by the organisation (e..g. Previous purchase history, newsletter subscriptions, online website activity etc).
An experienced culprit will essentially hide their tracks, although this can be difficult for them to consistently manage over a long period without slipping up. It is this ‘slipping up’ that allows us to identify an individual and attribute the harassing behaviour. For example, we might see a harasser sending inappropriate material to a member of staff through a chat service on a company website. The individual may be hiding their digital location through a service that utilises a ‘unique VPN’ (a VPN, or virtual private network, is similar to using another computer between the culprits and the organisation, in order to mask their identity). A unique VPN (with a unique IP address), as opposed to a standard VPN service, is increasingly popular amongst those trying to hide their own identity, as ‘standard VPN’ services can often be blocked. So how do we identify someone hiding behind a ‘unique VPN?’ Well, we look for historical orders that have been made using that VPN IP address, or alternative sign ups for newsletters, again using that VPN service. This then provides details of the recipient, which we can then investigate to determine authenticity.
Any emails used to contact the organisation can easily be investigated to determine not only if a name has been associated with it in the past, but also if they have been used to register for any one of hundreds of services. Any one of these third party services may well provide public information that identifies a person or username. Again, allowing us to pivot on to that new information.
In a recent case for an online retailer, we investigated an individual who was consistently contacting staff to talk about items of clothing sold by the business, and in turn, making the staff feel very uncomfortable. The contact details of the individual, who appeared to have never purchased any items, was then passed on to us to investigate. Using just their email address, it was possible to determine the name they used, and then further information about other email addresses used by that person. Working with the company, we were able to determine that through these other email addresses, the culprit had been contacting the company for several years, wasting huge amounts of company resources, and was a known individual to one existing member of staff. A system was then put in place to block these email contacts, remove all the email addresses from company newsletters, and make the staff aware of names used by the individual. The contact immediately stopped and any suspicious emails are now passed to Leithan for us to check the potential owner.
When protecting an organisation and its staff it can be an emotional time, but data regulations still need to be followed when allowing third parties to view and work with company data. In most cases data can be viewed and investigated on site, or remotely, without data needing to be removed from an organisation. At Leithan we can not only work with you in identifying culprits of organisational harassment, we can work alongside any regulatory requirements you may have to protect company data.