Cybersecurity Alert

On Tuesday, November 1, Wespath experienced an attempted cyberattack in which a Wespath employee's email was used to send phishing emails marked "high importance" and indicating urgency. Unfortunately, some external recipients including benefits officers and a small number of participants also received this phishing email. The email appears to come from Margaret Sanders, a member of Wespath's Meetings and Events team.

As a benefits officer, if you received such an email, please do not open it and do not click on the links.

• Delete the email.
• If you've already opened the email, please alert your IT department ASAP.

Below is an example of the phishing email you may have received. If you receive a suspicious or urgent email from Wespath, please don't open it.

We apologize for this inconvenience. Please be reassured that Wespath's data security procedures identified and addressed this cyber issue as designed. No participant, plan sponsor or institutional client data was compromised because of this attempted cyberattack.

We will be sending a separate communication to all who received this phishing email to inform them of this issue as well as steps they can take to remediate negative impacts. Some of you may receive that email as well.

If you or your participants have questions, please contact Bryan Mjaanes, Wespath's chief information and technology officer, at bmjaanes@wespath.org.

Copyright © Wespath Benefits and Investments,
a general agency of The United Methodist Church
Share your suggestions and comments about On Board Express