Dear Colleagues,
We all rely on email to conduct business every day. Cyber criminals take advantage of this by sending legitimate-looking emails in an attempt to gather passwords, personal and financial information from us. This is known as phishing. Phishing emails often appear to come from well-known and reputable organisations such as banks, social media, online services and even our own company.
In recent months financial institutions have suffered a series of high-profile data breaches caused by employees clicking inadvertently on malicious links or attachments in phishing emails. These actions allow cyber criminals to compromise companies’ information security measures and gain access to corporate systems and data.
To make AIA employees alert to this risk, this week Group Technology Risk sent a phishing email to all staff announcing a “New AIA Employee Portal” in an attempt to gather your AIA email address and phone number. This email was an information security exercise, and was not harmful to your computer system or email account.
For those of you who suspected this was a phishing email and deleted it, we thank you for your vigilance. Please continue to be alert when handling suspicious-looking emails in your work and personal life.
For those who clicked on the link and/or entered data to the web portal, we hope this exercise has raised your awareness of the very real threat we all face from phishing.
You should always assume that unknown incoming email is untrustworthy unless you are expecting it. If in doubt, throw it out. Thank you for your participation in this exercise, and for playing your role in our Group-wide defence against cybercrime.