Busy over at Scam Stop

May 8, 2009

I will be busy over at Scam Stop for the next few weeks, why not catch me there:


Sleeping with the "enemy"……

May 6, 2009

Would YOU consider “sleeping with the enemy”?

The question of a company dealing with a convicted fraudster, particularly in the banking and financial services field, will always present challenges as some people will view this as being ethically wrong and will fear that their reputation will be negatively impacted because they deal with me.

Companies, organisations and individuals may feel that they are running a reputational risk by dealing with a former fraudster and that this could result in negative perceptions arising in the market about their company or organisation.

Some organisations, companies or individuals have ethical reservations in dealing with a former fraudster.

These factors are obviously of concern to potential clients and I would like to address them by sharing my point of view.

First clients are not “dealing” with me in a traditional business sense, they are learning from my experiences, insights and expertise in order to better protect their company, shareholders, employees and all other stakeholders.

I have expertise, insights and experiences that are unique and surely a responsible organisation would be doing themselves and their stakeholders a disservice by NOT learning from me.

The point in could, in fact, be made that an organisation would be acting in an irresponsible, perhaps even negligent fashion, by not leveraging every tool and resource available in the fight against fraud and economic crime.

To be perfectly blunt they don’t have to respect me, like me or enjoy dealing with me even in an educational capacity but they should realize that there are some things that they can only learn from me.

By accessing my experience, expertise and insights an organisation will enhance its reputation because they are leveraging the very best knowledge available for the benefit of their organisation and its various stakeholders.

I have a powerful contribution to make that will change their entire mindset on risk and how they manage risk and the people in the organisation that will add huge value.

I provide perspectives and insights that they must have to protect themselves and they cannot get these perspectives anywhere else.

My contributions and input changes the client’s paradigm regarding fraud prevention and risk management; these contributions change their world view and approach to risk and expose them to a whole new perspective on fraud and fraud risk.

The only real question that arises is the question of what value I add to their fraud prevention efforts and I don’t have any doubt that my contributions add huge value.

So, “sleep with the enemy” you owe it to yourself and your organisation….

Risk Mitigation Services

May 2, 2009

The most effective protection against fraud, social engineering and economic or financial crime is to get the input and perspective of a reformed fraudster.

It makes sense to speak to someone with experience when designing your prevention strategies.

I provide that essential perspective in the risk mitigation services I provide in the fraud, social engineering and economic crime fields.

I conduct a comprehensive risk assessment and evaluate the risk policies and procedures of clients identifying weaknesses and vulnerabilities in systems, procedures, policies, governance and structures that are only apparent from my unique insider perspective.

A report is produced detailing the vulnerabilities that I would exploit if I was intent on defrauding the company, subjecting it to a social engineering attack or obtaining confidential information.

This assessment is conducted from my perspective as a reformed fraudster with expert knowledge of the techniques, tools and strategies employed by fraudsters.

This service enables companies to design and implement counter measures, systems and procedures to prevent potential attacks.

This assessment is a critically important tool in the fight against fraud and crime.

It is essential that companies are fully informed of the strategies and tactics that will be used against them in order for them to design appropriate prevention systems and strategies.

This service is not available from traditional advisors who lack the insider perspective required to pinpoint weaknesses to be addressed by an appropriate prevention strategy.

Full details of my services are available at http://davidalexander.co.cc

Consultation via Skype (David.Alexander2856) is available for service delivery wherever you may be located.

Please contact me at davidalexander649@gmail.com if I can be of assistance to you or your organisation.

ForensicAuditing Hub

May 2, 2009

I am the the Resident Practical Expert at Forensic Auditing where I provide practical advice and assistance to members.

Please visit this great site, it has loads of excellent information and resources for anyone in the fraud, auditing or accounting fields.

I have written an article on the site, What Auditors need to know, please have a read while you are there.

Swine Flu Spam

May 2, 2009

The spammers are very proactive in their efforts to trap and defraud us.

This article from

PC World outlines the dangers that face us from Swine Flu Spam:

Beware Swine Flu Spam

Swine flu spam is spreading like a virus of its own and recently turned malicious.

Spam campaigns often start with harmless e-mail messages and slowly build into more serious threats, according to Stephan Chenette, manager of security research at Websense Inc.






Conditional trust

April 21, 2009

Do you think that there can or should be “conditional” trust in any relationship?

Conditional trust is given to an employee, partner, child or whoever else provided that certain preconditions are met.

“I trust you enough to employ you to work with my data but don’t touch the petty cash and make sure that you don’t work unsupervised”

Dumb concept.

Trust is not something that can be given conditionally, either you trust somebody or you don’t, end of the story.

The truth is that both conditional trust and mistrust are the same animal, conditional trust IS mistrust in another guise.

You know what?

That person KNOWS that you don’t trust them, it is clear from your words, body language and actions.

People who have been given the poison pill of conditional trust tend to fulfil your expectations of them by striking back at you at the first opportunity.

The second most common reason for employee fraud and theft?

The employee didn’t feel valued by the company and struck back.

Would conditional trust make you feel valued?

Off course not.

Bottom line?

Don’t employ ANYBODY ANYWHERE who you don’t trust 100%

Or run the risk of creating your own worst nightmare.

My people ARE my security! (YOU say)

April 20, 2009

The equation is very simple, right (good?) people equals good security. They (your people) would NEVER do anything to harm your company!


Like all things, this is not as simple as it seems.

What is your definition of a “good” person? Good at his or her job? Honest? Trustworthy? Good moral fibre? Loyal?

Good when you hired them? Good now? Good in the future?

Is obedient and malleable “good”? Or is a rebel, a non-conformist “good”?

Problem is that “good people”, whatever your definition may be, are as vulnerable to temptations, greed, desperation, coercion and other pressures and emotions, as the rest of us.

And “good” people are normally not able to deal very well with threats, blackmail, abuse, emotional pressures or coercion BECAUSE they are “good” people.

Perhaps more so when family or close friends are involved.

How many times have you seen in the news that “good” people go wrong and commit crime?

So when I hear a company say that they are not concerned about internal security threats, fraud or abuse because they have “good” people it sets off a warning bell in my head.

Having “good” people alone is NO PROTECTION against fraud, security threats and abuse.

No doubt having good people IS critical to the security of your company.


Make sure that you back your “good” people up with a comprehensive fraud risk assessment, have a proper fraud management plan in place.

Institute appropriate fraud prevention policies, procedures and systems and ensure that your corporate governance and ethics policy is conducive to creating a fraud free environment.

Most important of all make sure that your policies create an environment where an employee feels safe, where they are nurtured, where they know that somebody cares about them and their problems.

An environment where reporting of fraud and abuse is encouraged and accepted, where “good” people are protected, and where they can get help if something happens that may force a “good” person to go wrong.

Then the “good” people will be empowered to take their proper place in your security policy.