Busy over at Scam Stop

I will be busy over at Scam Stop for the next few weeks, why not catch me there:

http://scamstop.co.cc

Sleeping with the "enemy"……

Would YOU consider “sleeping with the enemy”?

The question of a company dealing with a convicted fraudster, particularly in the banking and financial services field, will always present challenges as some people will view this as being ethically wrong and will fear that their reputation will be negatively impacted because they deal with me.

Companies, organisations and individuals may feel that they are running a reputational risk by dealing with a former fraudster and that this could result in negative perceptions arising in the market about their company or organisation.

Some organisations, companies or individuals have ethical reservations in dealing with a former fraudster.

These factors are obviously of concern to potential clients and I would like to address them by sharing my point of view.

First clients are not “dealing” with me in a traditional business sense, they are learning from my experiences, insights and expertise in order to better protect their company, shareholders, employees and all other stakeholders.

I have expertise, insights and experiences that are unique and surely a responsible organisation would be doing themselves and their stakeholders a disservice by NOT learning from me.

The point in could, in fact, be made that an organisation would be acting in an irresponsible, perhaps even negligent fashion, by not leveraging every tool and resource available in the fight against fraud and economic crime.

To be perfectly blunt they don’t have to respect me, like me or enjoy dealing with me even in an educational capacity but they should realize that there are some things that they can only learn from me.

By accessing my experience, expertise and insights an organisation will enhance its reputation because they are leveraging the very best knowledge available for the benefit of their organisation and its various stakeholders.

I have a powerful contribution to make that will change their entire mindset on risk and how they manage risk and the people in the organisation that will add huge value.

I provide perspectives and insights that they must have to protect themselves and they cannot get these perspectives anywhere else.

My contributions and input changes the client’s paradigm regarding fraud prevention and risk management; these contributions change their world view and approach to risk and expose them to a whole new perspective on fraud and fraud risk.

The only real question that arises is the question of what value I add to their fraud prevention efforts and I don’t have any doubt that my contributions add huge value.

So, “sleep with the enemy” you owe it to yourself and your organisation….

Risk Mitigation Services

The most effective protection against fraud, social engineering and economic or financial crime is to get the input and perspective of a reformed fraudster.

It makes sense to speak to someone with experience when designing your prevention strategies.

I provide that essential perspective in the risk mitigation services I provide in the fraud, social engineering and economic crime fields.

I conduct a comprehensive risk assessment and evaluate the risk policies and procedures of clients identifying weaknesses and vulnerabilities in systems, procedures, policies, governance and structures that are only apparent from my unique insider perspective.

A report is produced detailing the vulnerabilities that I would exploit if I was intent on defrauding the company, subjecting it to a social engineering attack or obtaining confidential information.

This assessment is conducted from my perspective as a reformed fraudster with expert knowledge of the techniques, tools and strategies employed by fraudsters.

This service enables companies to design and implement counter measures, systems and procedures to prevent potential attacks.

This assessment is a critically important tool in the fight against fraud and crime.

It is essential that companies are fully informed of the strategies and tactics that will be used against them in order for them to design appropriate prevention systems and strategies.

This service is not available from traditional advisors who lack the insider perspective required to pinpoint weaknesses to be addressed by an appropriate prevention strategy.

Full details of my services are available at http://davidalexander.co.cc

Consultation via Skype (David.Alexander2856) is available for service delivery wherever you may be located.

Please contact me at davidalexander649@gmail.com if I can be of assistance to you or your organisation.

ForensicAuditing Hub

I am the the Resident Practical Expert at Forensic Auditing where I provide practical advice and assistance to members.

Please visit this great site, it has loads of excellent information and resources for anyone in the fraud, auditing or accounting fields.

I have written an article on the site, What Auditors need to know, please have a read while you are there.

Swine Flu Spam

The spammers are very proactive in their efforts to trap and defraud us.

This article from

PC World outlines the dangers that face us from Swine Flu Spam:

Beware Swine Flu Spam

Swine flu spam is spreading like a virus of its own and recently turned malicious.

Spam campaigns often start with harmless e-mail messages and slowly build into more serious threats, according to Stephan Chenette, manager of security research at Websense Inc.

READ THE FULL ARTICLE HERE

 

 

 

 

Conditional trust

Do you think that there can or should be “conditional” trust in any relationship?

Conditional trust is given to an employee, partner, child or whoever else provided that certain preconditions are met.

“I trust you enough to employ you to work with my data but don’t touch the petty cash and make sure that you don’t work unsupervised”

Dumb concept.

Trust is not something that can be given conditionally, either you trust somebody or you don’t, end of the story.

The truth is that both conditional trust and mistrust are the same animal, conditional trust IS mistrust in another guise.

You know what?

That person KNOWS that you don’t trust them, it is clear from your words, body language and actions.

People who have been given the poison pill of conditional trust tend to fulfil your expectations of them by striking back at you at the first opportunity.

The second most common reason for employee fraud and theft?

The employee didn’t feel valued by the company and struck back.

Would conditional trust make you feel valued?

Off course not.

Bottom line?

Don’t employ ANYBODY ANYWHERE who you don’t trust 100%

Or run the risk of creating your own worst nightmare.

My people ARE my security! (YOU say)

The equation is very simple, right (good?) people equals good security. They (your people) would NEVER do anything to harm your company!

True?

Like all things, this is not as simple as it seems.

What is your definition of a “good” person? Good at his or her job? Honest? Trustworthy? Good moral fibre? Loyal?

Good when you hired them? Good now? Good in the future?

Is obedient and malleable “good”? Or is a rebel, a non-conformist “good”?

Problem is that “good people”, whatever your definition may be, are as vulnerable to temptations, greed, desperation, coercion and other pressures and emotions, as the rest of us.

And “good” people are normally not able to deal very well with threats, blackmail, abuse, emotional pressures or coercion BECAUSE they are “good” people.

Perhaps more so when family or close friends are involved.

How many times have you seen in the news that “good” people go wrong and commit crime?

So when I hear a company say that they are not concerned about internal security threats, fraud or abuse because they have “good” people it sets off a warning bell in my head.

Having “good” people alone is NO PROTECTION against fraud, security threats and abuse.

No doubt having good people IS critical to the security of your company.

BUT!

Make sure that you back your “good” people up with a comprehensive fraud risk assessment, have a proper fraud management plan in place.

Institute appropriate fraud prevention policies, procedures and systems and ensure that your corporate governance and ethics policy is conducive to creating a fraud free environment.

Most important of all make sure that your policies create an environment where an employee feels safe, where they are nurtured, where they know that somebody cares about them and their problems.

An environment where reporting of fraud and abuse is encouraged and accepted, where “good” people are protected, and where they can get help if something happens that may force a “good” person to go wrong.

Then the “good” people will be empowered to take their proper place in your security policy.

The benefit of experiences is……

that you can recognise a mistake when you make it again!

“They” also say “Marry in haste, repent at leisure”.

The point of all this?

My decision to stop this blog was premature and wrong.

I LOVE this blog, WHAT was I thinking?

Anyway, I hope you are still around or will come back and if you have no idea what I am rambling on about, it was nothing, forget it, please.

And if you are seeing this for the first time check us out at Corporate Crime Watch.

Ever wondered who “They” are?

Developments at Scam Stop

We have been very busy putting the services and sites in place to be able to fulfil our vision of assisting our members in STOPPING the scams, schemes, bogus job offers, sales frauds, spam and general abuse that plague us every day both online and in the “real” world.

Scam Stop offers its members a confidential advice and resolution service should they ever fall victim to a scam or fraud.

This service is available from the Scam Stop portal, http://scamstop.co.cc.

Scam Stop has a voluntary panel of experts who are prepared to provide assistance in their area of expertise.

They are:

David Alexander http://davidalexander.co.cc of Mercury Advisors who is a social engineering and fraud prevention education expert.

John Dierckx http://www.visualcv.com/johndierckx, of the Arcis Fraud Discovery and Exposure Centre, http://arcisfdec.com/ , who is an internationally recognised expert on all matters relating to fraud, Insurance fraud, computer fraud and the resolution of fraud situations.

Patrick Dacre http://www.linkedin.com/in/inbusiness4good, of Computer Helpers Without Borders, http://www.computerhelpers4good.net, and a member of the ICAN Anti Spam Task Force since 1995 is our computer safety expert and will advise members on any computer safety related issues.

Deborah Berchem http://www.linkedin.com/in/debberchem, of DLB and Associates, http://www.dlbandassociates.com/, who is a Certified Identity Theft Risk Management Specialist and an expert on all matters relating to identity theft.

This group can only grow and flourish through the active participation of all members so we would request that you visit us often make us part of your online life and invite your friends and family, remember together we can do more!

We are committed to adding value to our members by assisting them to navigate the hazards of the online experience and to providing valuable assistance and advice should it ever be required.

Thanks

The Scam Stop Team

DANGEROUS ATM Urban legend!

I received this message in one of those infamous, mass hysteria, bulk forwarded e mail messages:

In the spite of armed robbery, here is something you may really need.

WHEN A THIEF FORCES YOU TO TAKE MONEY FROM THE ATM, DO NOT ARGUE OR RESIST, YOU MIGHT NOT KNOW WHAT HE OR SHE MIGHT DO
TO YOU.
WHAT YOU SHOULD DO IS TO PUNCH YOUR PIN IN THE REVERSE, I.E IF YOUR PIN IS 1254, YOU PUNCH 4521.
THE MOMENT YOU PUNCH IN THE REVERSE, THE MONEY WILL COME OUT BUT WILL BE STUCK INTO THE MACHINE HALF WAY OUT AND IT
WILL ALERT POLICE WITHOUT THE NOTICE OF THE THIEF.
EVERY ATM HAS IT, IT IS SPECIALLY MADE TO SIGNIFY DANGER AND HELP.
NOT EVERYONE IS AWARE OF THIS.
FORWARD THIS TO ALL YOUR FRIENDS AND THOSE YOU CARE FOR.

Why do I say that it is dangerous?

BECAUSE IT IS FALSE! 100% URBAN LEGEND.

Picture the scene, your granny, mother or whoever desperately entering her PIN in backwards and waiting for the cavalry to arrive to rescue her.

Not going to happen.

That is supposing she CAN enter the thing in backwards in a moment of extreme stress. Most of us have trouble enough remembering our PIN forwards at the best of times!

The thing that cooks my blood is that 30 seconds on Google, or Snopes or About or any number of other sites will tell you that this is crap and dangerous to boot.

Yes, the technology does exist and has done for a long time but it is not in use.

NEWSFLASH!

NOT EVERYTHING YOU READ IN AN E MAIL OR ON THE INTERNET IS TRUE!

I have written about  forwarding e mails here. Please read it again.

This e mail IS NOT HARMLESS because it can lull people into a false sense of security thereby exposing them to danger.

Use your common sense, the layout, language use, the use of capitals throughout should alert you to the fact that this is a hoax.

Just ask yourself if FNB would EVER send out information that looks as bad as this one does.

Common sense tells you that this is a hoax even before you check it out.

It may be a well meaning hoax, maybe the person who sent it believes it but this does not reduce the damage that it could cause.

Please do your entire mail list a favour, STOP FORWARDING THE E MAILS and if you really, really think you must, the information is true and of critical importance, here is some advice that will keep you out of trouble:

• Check the veracity of the information, as mentioned just by using Google, or Snopes or About.com you can satisfy yourself if the information has a reasonable chance of being true. Invest the few minutes required and save yourself from a lot of potential embarrassment.
• Don’t fall for the hysterical, urgent, critically important “you must do this now” appeal that all of these things contain (Don’t worry the world will not stop and no curse will befall you if you don’t forward the message to at least 10 people)
• If you decide that you must inform you entire network about the content of the email, here is what to do:
• Copy the message into a new e mail.
• Address it to yourself.
• Put all your other contact’s e mail addresses in the BCC field, this will protect your contact’s privacy and not display their address to all and sundry. (Remember that your contact’s shared their e mail address with YOU, not your entire network, it is only good manners and practice to respect their privacy)

You should NEVER just forward any e mail to your entire network, do this often enough and your contacts will start blocking you as an irritating, brainless, spammer.

And you are not, are you?

Let’s stay safe, sensible and be a good, reliable, considerate contact, one who people know that they can rely on.

Play your part in reducing spam.

Don’t give your contact to the “address harvesters”.