Message Sent On Behalf Of CEMEX Security And Process & IT

The threat from a cyber perspective continues to present challenges and staff must remain vigilant and aware of the potential dangers.

On 12th February 2019 several UK based staff received emails purporting to be from colleagues with credible subject matter titles. When opened, the email was either blank or in some cases presented the recipient with the following image:

Some followed the link which caused significant disruption to some CEMEX accounts, resulting in the automated sending of several hundreds of malicious emails and in one case, the disablement of a user account.

If you believe you have been affected by this malicious email campaign please change your password with immediate effect and advise the GSC Helpdesk.  Whilst measures are in place to prevent such intrusions, some malicious emails may get through.

Please follow the consistent advice circulated by the CEMEX Security Culture account and the Enterprise Information Security Management team.

  • Always check the accuracy of the sender credentials
  • Never click on a link contained within a suspicious email
  • Never forward or reply to an email you suspect to be malicious
  • If in doubt contact the sender by telephone and confirm that the message is genuine
  • Never enter your username and / or password if prompted after clicking on a link contained in an email
  • Assume that CEMEX does not send out emails with links requesting your Username and Password. If you receive one check with the sender first
  • Try to read the link by copying it to start a new browser session and review if the details relate to CEMEX
  • Report all malicious emails to the GSC Helpdesk