News & Views from a Private Investigator

08
February
Share
Posted: February 08, 2016

Can Your Computer Keep a Secret?

Precise Investigation, like many private investigation firms, is generally considered to be a field player; taking to the streets in a plain car, with a camera in tow. Now, while that might be true in the majority of our cases, our expertise in the office is often just as important.

Zoneline Pty Ltd, a mid-sized web development firm based in Brisbane, recently came under a lot of fire; they received a large number of very negative reviews from numerous clients across their social media sites and, not only theirs, but their clients’ as well. To clarify, online marketing is a service that Zoneline offer and, in so doing, go about setting up Facebook, Twitter, LinkedIn, Google Plus and associated accounts for their clients before setting out to create strong advertising material through those channels.

The directors at Zoneline first became aware of the issue after they received calls form four different clients over the space of a week, complaining that they’ received highly negative feedback about their businesses from seemingly “fake” profiles on Facebook and Twitter.

At this point, Zoneline noticed twelve new reviews on their business, a sizeable increase on the six they’d accrued over the space of a year after launch. Each review described, in detail, a number of services offered by named account managers that hadn’t been delivered, were either late or the end products were still missing and the “outrageous” prices for the apparently shoddy service. Devastated, Zoneline immediately contacted Google in the hope of being able to have the reviews taken down, under the premise that whiles some aspects of the reviews were true, the company had taken all necessary steps to ensure that those customers were entirely satisfied as they moved forward.

Google were able to verify that two of the reviews had come from the same IP address, but the others from different locations, unable to disclose the details of the associated IPs. As such, they put the account under investigation but ensured Zoneline that the reviews would be removed if found to be fake.

Over the next few days, the directors came together for a meeting to decide how to proceed – fully aware of the fact that they advertised themselves as being one of the most trustworthy, cost-effective and professional developers in Brisbane. One of the Creative Team managers pitched in, questioning why so many reviews had come in at the same time and suggested that there had been some form of misconduct at play. After discussing their options, the team had no choice but to seek outside help.

Two days later, in a meeting with one of our Brisbane-based operatives, we asked Zoneline if they’d encountered any troublesome or “unhappy” employees over the last few months. They answered, saying that over the last quarter or two, they hadn’t noticed anything suspicious, nor were they aware of any one particular employee being so dissatisfied at work that they’d seek to cause so much damage. There had been arguments in meetings and after monthly reviews and the like, but nothing out of the ordinary that would inspire such a vicious act of online vandalism.

With the help of our dedicated support team, the operative at the scene began scouring through the reviews and the associated profiles of the people involved and, while they did seem legitimate on the surface, a little gentle digging revealed that all of them, along with those who’d reviewed Zoneline’s clients, were most likely fake. All of the accounts had been created eight to nine months before the attack, and none had more than 100 friends, followers of fans. The question still remained; who was behind it?

Our agent requested copies of performance reports dated at or around the same time as the accounts were created, in an attempt to gauge whether it had, in fact, been an internal attack and, if so, whether the employee was still working at the company.

After just two days of sifting though paper work, one particular staff member seemed a likely candidate; Gemma Sawyer, a junior bookkeeper who still worked at the company.

In her reports, it seemed as though she had originally had issues with getting to grips with her new position and, after failing to reach her targets for two months, was given her first warning. Following on from there, in one of her own reports, she described the environment in the office as being “unfair and cruel,” going on to explain, “using my phone at my desk at lunch time should NOT be an issue. I have a family to tend to and considering I can’t use it throughout the day to check up on my children is just not fair.” This point was raised as the company had a strict “no phones in the office” policy as they wished to desperately protect every element of their business and prevent the risk of any distractions, after Zoneline’s founder had previously been burnt in another development firm he’d tried to start just a few years earlier. In questioning the staff, most admitted that the rule was unfair, but simply asked to make calls from the corridor outside the office if there was an urgent need.

Gemma’s reports did improve, but there was a consistent bitterness to her own statements, some weeks far more prominent than others and some very underhanded and snide, yet based on her performance and her seemingly content attitude towards her superiors and her colleagues, little thought was given to the reports.

Our findings were passed on to management and, following our advice, the company implemented a “no-holds-barred” computer and mobile phone scan, to determine whether anyone had any evidence on the company machines. A little weary of the fact that many of the company’s developers were incredibly tech savvy, and most likely able to counter any forensic scans on their machines, had they done anything wrong, management proceeded, requesting that all employees back-up their data onto external drives.

Over the course of a week, and tending to Gemma’s computer and company phone towards the end of the investigation as a means to not raise pre-emptive suspicion, Precise Investigation ran deep data recovery services on each employee’s business devices, be they laptops, desktops, tablets or mobile phones.

With the data in hand, our dedicated support team cross-referenced the files created, downloaded or otherwise saved onto Gemma’s computer around the time of the profiles creations. Our findings could not have provided more substantial evidence if we’d tried; on Gemma’s office computer over the course of nearly a month, she had downloaded several photographs, every day, of clients, their friends and random stranger’s profile pictures from Facebook and LinkedIn. The data went on to show that she’d uploaded those files to an online email platform, potentially sending them to herself to use at home. On her mobile phone, she had deleted a note she’d made many months prior, containing the names of several clients that she had noted as being relatively unhappy with the service, reading:

“Pissed off people:” followed by seven names, five of which happened to have been associated with these seemingly fake reviews.

We compiled the information we uncovered and passed the the evidence over to Zoneline’s management. Pleased with the result, we were later informed that they used that information to help with Google’s investigation and have since had the reviews removed. Furthermore, Gemma was questioned and admitted to her actions, following which her contract was terminated under gross misconduct.

So, the answer to can your computer keep a secret? No. Unless you’ve got multi-tiered encryptions running on everything you do and burn the disks before they reach prying eyes.

Precise Investigation has helped hundreds of clients throughout the country with successful data recovery operations, be they to regain crucial information, essential media, long lost memories or, in some cases, evidence to overcome serious commercial issues.

If you’d like some help getting to the bottom of your troubles, whether you face them at home, at work or when you’re out and about, we can help.

Call Precise Investigation today on 1300 856 011 for a discrete, professional private investigation service.

Please click on this link to find out more about our Data Recovery Services.

Precise Investigation has offices and operatives stationed across all of Australia to give our clients and customers-to-be, unprecedented access to some of the country’s most successful, efficient and discrete private investigators. Brisbane, Melbourne, Adelaide, Sydney, Perth, Hobart and even the more remote areas of Australia are all well within reach, so if you’re ever in need, please get in touch with us and we’ll be able to provide a strong helping hand.


Please note: All names, defining characteristics, locations and business information described in this article have been changed to protect the identities of those involved.

Share This Post

Contact Us

Melbourne
Level 1, 379 Collins Street,
Melbourne. VIC. 3000
view Melbourne
Sydney
Suite 505/Level 5, 1 Alfred Street,
Sydney. NSW. 2001
view Sydney
Brisbane
Level 54/111, Eagle Street,
Brisbane. QLD. 4000
view Brisbane
Adelaide
5 George Street,
Morphett Vale. Adelaide. SA. 5162
view Adelaide
Perth
Level 25/Suite 24, 108 St George TCE,
Perth. WA. 6000
view Perth
Hobart
36 Creek Road,
Lenah Valkey. Hobart. TAS. 7008
view Hobart