​The closing of the transaction between HELLA and Faurecia is getting closer. Fraudsters often use such events to launch targeted cyberattacks.

Tuesday 2022-01-11

​We have already drawn attention to the rising cyber threat from phishing attacks in this section in the past. Information Security (ISO) would now like to draw attention to this topic once again in a very targeted manner, especially against the background of the upcoming closing of the transaction with Faurecia.

Targeted attacks around events such as a closing

"It is quite possible that attackers will deliberately use special events such as the upcoming closing with Faurecia at the end of January to launch a cyberattack against HELLA," explains Christopher Herzog, Head of Information Security (ISO) at HELLA. "For this reason, we would like to make employees aware once again that they could increasingly become victims of very professional phishing attacks in the coming weeks and months. These attacks can take place via e-mail, but there can also be direct contact with the fraudsters through a phone call." With phishing, fraudsters pretend to be trustworthy communication partners in order to obtain certain data. As a result, company internal data is spied on, identities are stolen or malware is installed. The Information Security (ISO) department at HELLA already raised awareness to this type of threat in the past with targeted campaigns. HELLA employees received e-mails that resembled genuine phishing e-mails. In this way, the ISO team tries to increase user awareness at HELLA.
"When we launch internal phishing campaigns such as the one from last week, we're definitely not looking to trick or name and shame employees who may click on the links. The point is to prepare very specifically for the fact that such or similar e-mails can also originate from people with fraudulent intent," continues Christopher Herzog. "Attackers also already have knowledge of the transaction with Faurecia and will be able to estimate approximately when the closing and surrounding actions will take place at our company. This represents a particularly vulnerable period at HELLA. Other companies have already faced such attacks and we want to learn from them to keep HELLA from harm."

Reporting phishing attempts

HELLA employees can report suspicious activities in several ways. For suspicious emails the button in Microsoft Outlook is recommended.
By clicking on the icon with the protective shield and lock, employees can forward suspicious emails directly to Information Security. The advantage of this automated solution is that the experts receive the suspicious e-mail as a mail attachment with the associated required metadata. On the employee's side, the email is placed directly in the junk email folder. If you don't see the button in Outlook, follow these installation instructions. In addition, employees can also send an e-mail to the Information Security Office (Contact information) or call it directly if the matter is urgent.