Important Notice: Email and Messaging Impersonation Alert

Dear All,

Thank you to everyone who has brought this issue to our attention. We have observed instances of fraudulent emails being sent to either our corporate or personal email addresses. These emails appear to originate from one of our high-ranking executives but are, in fact, fake and illegitimate.

Please be advised:

• Do not act on any instructions, click on any links, or reply to these emails.
• These emails do not come from the executive they claim to represent.
• If you receive such an email, report it immediately to AC ICT Support.

Additionally, similar impersonation attempts are being made through chat applications such as WhatsApp or Viber. These messages may use the executive’s name and photo but are equally fraudulent. If you encounter such messages:

• Block the sender.
• Report the impersonation using the app’s reporting feature.

We encourage everyone to remain vigilant and to treat unexpected messages—whether via email or chat apps—with caution. This situation underscores the importance of staying cybersecurity aware and proactive in protecting both personal and company information.

How to Spot Fraudulent Emails or Impersonations and Verify Sender Details

To help you identify and protect yourself from fraudulent emails or impersonations, here are some key points to consider:

1. Look for Red Flags in the Email Content

• Urgency or Threats: Fraudulent emails often create a sense of urgency (e.g., “Immediate action required” or “Your account will be suspended”).
• Unusual Requests: Be cautious if the email asks for sensitive information, payment, or unusual actions.
• Grammar and Spelling Errors: Legitimate communications are usually well-written. Be wary of emails with obvious errors.

2. Verify the Sender’s Email Address

• Hover over the sender’s name to reveal the full email address. Ensure the domain matches the company’s official domain. Our legitimate email addresses in AC is @ayala.com, while a fake one might use @ayaala.com or similar variations.
• Be cautious of addresses from free email providers like Gmail, Yahoo, or Outlook, especially if they claim to represent your organization.

3. Check Links and Attachments Before Clicking

• Hover over any links to preview the URL. Fraudulent links may look similar to legitimate ones but will often have subtle differences (e.g., https://ayaala.com instead of https://ayala.com).
• Avoid downloading unexpected attachments, especially if they are in uncommon file formats like .exe, .zip, or .scr.

4. Watch for Spoofed Display Names

• Fraudsters may use a display name that mimics an executive or colleague. Always verify the actual email address behind the display name.

5. Analyze Tone and Context

• Consider whether the tone of the email matches the sender’s usual communication style. Impersonation emails often lack personal touches or specific details.

6. For Chat Apps (WhatsApp, Viber, etc.):

• Check the Number: Confirm the sender’s phone number matches the one you have on file.
• Profile Details: Fraudsters may use the name and photo of an executive, but their phone number is likely unknown.
• Unusual Requests: Be skeptical of unexpected messages asking for personal information, urgent action, or money transfers.

7. When in Doubt, Verify

• Contact the alleged sender using a known phone number or email address (not the one in the suspicious message).
• Report suspicious emails or messages to AC ICT Support (helpdesk@ayala.com) immediately.

By following these steps, you can better protect yourself and our organization from cyber threats. Stay vigilant!

Thank you for your attention and cooperation.

Best regards,

Your AC IT and Information Security Team