The European Union Agency for Cybersecurity (ENISA) shared some top tips on what we can do in order to prevent ourselves and CEMEX from becoming the next victim of a scam.
Stay calm if you receive an ‘urgent’ email from a senior member of staff (especially if they request a payment).
Fraudsters and cybercriminals will often pretend to be a trusted member of staff, such as a senior manager or CEO, and ask for a confidential payment for a seemingly legitimate reason. Always check the email address of the sender and call the individual to verify the request is legitimate. Do not call any number that was sent with the email, check and use the details you already have or are otherwise available via CEMEX resources.
Always double check a supplier’s request to change payment details.
A call, email or letter from a supplier requesting to change payment terms and/or accounts, could be a scam. It is good practice to call the suppler independently to confirm the request. Again, do not use contact details contained within the suspicious email.
Watch out for fake ‘security alerts.’
Fraudsters will often use fake security alerts to trick employees into thinking there has been a security breach on the company’s system or an internet banking system. Often these scammers will claim to need your financial information in order to ‘fix’ the breach. To help ensure the source is who they are claiming to be hang up and call them back using a number from our own records and not the number you received the call from. REMEMBER….’scammers’ can make their call appear from any number!
Think before you click
If something about an email seems suspicious do not open any links, attachments or download any files. This is one of the many ways that fraudsters can trick individuals into downloading malware. Change your log on credentials regularly, use hard to guess passwords, activate Multi Factor Authentication and report any such emails to Security and/or the IT department. CEMEX Cybersecurity capabilities can ensure the email sender is blocked and any damage limited and repaired in timely fashion.
Think before you share
Never share any sensitive information about CEMEX or your role on social media as this can increase the risk of becoming a target. Check company policies regarding what can be shared on social media and if in doubt, don’t post.
Each of these pointers relate to issues we have experienced; be savvy and play your part in keeping us all safe online……Cyber enabled crime remains the #1 Security Risk to CEMEX business.