Recruitment and Security

In Swamphole we’re trying to allow people with a past to participate in the community, when we feel the person may have a benefit and changed his/her old ways.
Obviously, that does put you at risk occasionally of a bad apple slipping through the cracks and missing some information that is crucial.

This happened to the recruitment process of Zedarh Amarizto. Initially the player applied to the corporation and we followed normal procedure of API-checks, security checks and such. Sadly, out of our complacency at the time we missed the fact that the history of Zedarh Amarizto contained clear proof of attempts to steal corporate assets. In this article I’d like to go into some of the details we found, and what it tells us as recruiters.

Initial observations:

When the player joined our public channel for questions, he seemed to be a decent lad with not much up his sleeve. We spoke about his experience, the goals and such. You know, the standard recruitment pitch. When we noticed he was acquainted to a very well known corporate thief named Searbhreathach, he became a little vague but not to the point where we intitially got suspicious. Flag number one: His reasons for knowing Searbhreathach was that they were in a similar public channel hanging out. This should’ve worried us but after some talking we kind of dismissed it as being that relevant. That is a mistake. Nothing is irrelevant when it comes to information about characters.

In order for us to filter out the people who aren’t serious about the corporation, we usually wait 24 hours untill we check the API-keys. We do this, as a person who is impatient (and thusly not interesting for us) will search/join another corporation without informing us. Alternatively these recruits resort to excessive request of when they get an update. Both are reasons for denying an application, and Zedarh Amarizto was displaying the latter of the two in some degree. This should be a warning sign but again we didn’t make it a breaking point when we should have.

So we noticed a few important things.

  • Zedarh Amarizto has multiple alts which would trade/send him money.
    • Gian Bal is the main character that recieves and transfers money to Zedarh Amarizto.
    • Akk Akk allegedly is an alt that traded actively with Zedarh.
    • TheLastSparton has repeatedly traded with Zedarh during heists, making him a potential accomplice.
  • There was a financial pattern to Zedarh leaving corporations, and items changing hands.

How did we find these aspects?

First off, we looked at their mailing history and for some reason it “magically” stopped with the mail history at the time he applied to the previous corporation. That in itself is a red flag but it was missed in the first place because our recruitment training wasn’t sorted out properly yet. As people weren’t aware of this technique, it was missed in the first review but stood out like a sore thumb in the second check.

Secondly, the financial logs of the player would indicate that he would have severe amounts of trades with his other character (Gian Bal) right after he left the corporation. In this example below, you’ll see that Zedarh Amarizto left the corporation named Allcorp Resource Union on 2015/08/06:

At the same time, the wallet entries show the following entries from during the time that he’s been taking stuff from the corporation:

When we confronted him initially, his argument was that Gian Bal was a guy who lived in his street and they would generally share ISK left and right. At that moment, the explanation seemed plausible to the recruitment team and we missed that there was a strong pattern that would reoccur during his membership in SL33P3R C3LL. We contacted the leadership of Allcorp Resource Union after we started to get some more doubts, and when we asked what they knew about Zedarh, they confirmed that he was a corporate thief. Upon looking into the API-key we noticed that there was a pattern to these transactions like the above, where Zedarh would sell a bunch of the things and then mail the money back to the original main: Gian Bal. Why would anyone sell items for someone else on such a consistent pattern and then claim it’s his friend? A red flag of its own.

Another example is when he left SL33P3R C3LL, where he was spotted taking ships with his other alts.

In the meantime we have had contact with the leadership of SL33P3r C3ll, and KARNAGE to confirm these allegations. Karnage could not verify if there were thefts done by Zedarh, but the wallet shows similar behaviour right before he left this corporation as well. While we were dealing with the damage control of him being in the corporation after we messed up initial recruitment, we got contacted by a member of Catastrophic Communication Failure further more affirming that the user above was indeed a corporate thief.

The Aftermath:

Obviously we removed all of Zedarh’s roles and permissions right off the bat, and changed all passwords for towers that he has had access to, but that didn’t stop him from trying to convince us to stay. As a CEO I have to choose if I wish to keep someone who is questionable but possibly a nice guy, over the reputation of our corporation. I do not mind giving second chances, but only if that does not hurt our corporation as a whole. The actions of Zedarh are severe enough that we could not consider him to be a member of our organisation.

What did we learn?

There are a few lessons that we need to keep in mind:

  • There is no such thing as 100% guarantee.
  • We need to revise how our recruitment process works internally.
  • We need to take our time, and not rush. As a result, all applications will take at least 24 hours, and after a maximum of 72 hours you should get a status update.
  • Apply a four-eye principle more thoroughly, meaning that new recruits will need at least two independent recruiters approving the background checks.

Conclusion:

As a person, Zedarh came across like a good lad with decent motivation. Sadly he is a confirmed corp thief, and while he might be the nicest lad in the world, we draw the line there.
I recommend everyone who runs across this guy to do a thorough check, and I hope that this article helps a future corporation in their recruitment process. That said, I also hope that people will not take this as a ticket to instantly begin and harass the guy.

Leave a Reply