Define the reporting processes and channels

  • Establish processes for employees to report incidents. Make sure that they know who to inform if they receive suspicious messages; this can be a specific role at the company or a general inbox set up to this end.
  • Make sure you know the external resources available to this end, for example: local and national government bodies and organisations for reporting cybersecurity incidents. Remember that you can contact INCIBE free of charge and confidentially by dialling 017.
  • If you are not sure about a message that appears to have been sent by Santander or you don't recognise a transaction in your account, contact phishing@gruposantander.es immediately

Promote a culture of cybersecurity

All employees should be aware of how to react in the event of a cyberattack:

It is important that they feel comfortable and communicate these types of incident, as this will help to create a security culture.
Encourage the third parties you work with to apply a similar approach. The higher the number of organisations implementing online security practices, the more difficult it will be for cybercriminals to achieve their goals.

Think of your customers

It may be the case that your business has its identity stolen. Set out a process (an email address and/or telephone number) for your customers to report any suspicious message in which somebody claims to be from your company. This will serve as an alert and allow you to take action.


More tips for keeping your business safe

Protect your data and update your equipment

Online security starts with your digital devices.

Icon / Plus Created with Sketch.

Be discreet: only disclose when necessary

Everybody should know what can be made public and what cannot.

Icon / Plus Created with Sketch.

Detect malicious communications

Icon / Plus Created with Sketch.

Protect and update your passwords

To safekeep your information and systems.

Icon / Plus Created with Sketch.