Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
Employees to Complete New Security Training Initiative
Given the recent proliferation of phishing messages being sent to Mohawk Industries employees, the company is launching a new security training initiative focused on phishing emails and safe browsing. Everyone with company e-mail accounts will be assigned training courses that can assess and improve cyber security intelligence and offer protection against phishing attempts both at work and at home.
All active employees who have an e-mail account will be required to take the training this year. The training initiative will consist of short interactive training modules presented by Wombat (2018 – Cyber Defense Magazine Award for Best Product in Security Training), accessible through the LMS via our Employee Central portal.
All communications and reminders will be from a trusted source of communications (HR, Employee Central, Corporate Communications) to provide a regional point of contact for training and subsequent notifications.
You will receive an additional email when your training has been assigned and available, and you can then access the courses in the LMS. These courses are brief but informative, and most importantly, will add another layer of security that will protect your interests as well as those of the business.
Outlook Add-in to Enable Employees to Forward Suspicious Emails
Another tool Mohawk will be providing is called "PhishAlarm®," a Microsoft Outlook add-in that allows users to easily report suspicious email by clicking on a button in the Outlook tool to forward the e-mail messages to Mohawk's incident response and e-mail teams.
Plus: Multi-factor Authentication Coming Soon
In addition, Mohawk Industries employees will soon be able to utilize another tool to ensure company systems recognize only their logins as legitimate.
Multi-factor Authentication (MFA) will utilize a second piece of information known only to or only possessed by the employee to authenticate to our systems, such as a text message or callback to a mobile phone. MFA is only necessary when accessing our network remotely; if the log on attempt occurs from a trusted network, e.g., Mohawk private or guest networks, MFA is not required.
Implementation will require all users to perform a one-time online registration process of their Azure/AD account to access Mohawk systems. Watch for more details on MFA soon.