A new addition to the “Heirloom” collection, this one-of-a-kind piece features 32 custom-cut gemstones.
Socially Engineered Shipping Scheme Hits Jewelry Industry
The perpetrators are mining information from company websites and Facebook in order to appear legitimate when placing fraudulent orders for high-end items, the JSA warns.
New York--A group of perpetrators are calling jewelry companies and faking their identities in order to trick them into shipping out high-end items, the Jewelers Security Alliance said in a special alert issued late last week.
JSA President John J. Kennedy said that while the exact number of perpetrators is unknown, the shipping scam is the work one of one fairly large singular group believed to be operating in the United States and targeting jewelry firms in the Northeast and Southeast.
He said that both suppliers and retailers are potential victims, with the perpetrators using what’s called social engineering to try to fool their victims into shipping out high-end merchandise.
Social engineering is defined as the use of deception to manipulate individuals to divulge confidential or personal information that may be used for fraudulent purposes. In May of this year, the FBI released a public service announcement about social engineering being used in business email compromise attacks, which cost businesses globally more than $5 billion between October 2013 and December 2016.
But, electronic contact is not part of the current scam that’s impacting jewelers and suppliers, Kennedy said.
Instead, the perpetrators are using the phone, calling suppliers pretending to be jewelers, or targeting multi-store retail chains posing as a store manager or employee of another branch.
They will contact the retail store or supplier with a great deal of knowledge about the company, like names of employees, shipping procedures, inventory in stock and SKU numbers.
While some of the information is obtained via phone calls made prior, much is mined from the internet, including the store’s website and the social media profiles of the business owner and his or her employees.
Then the perpetrator will ask for the supplier or store to ship certain high-end items--Kennedy said mainly large diamonds and high-value watches--overnight, with the goal of diverting the package en route by changing the shipping address to an address of their choice.
Sometimes when the fraud is being committed at a multi-store retail chain, the perpetrator will give an address that he or she claims belongs to a customer or salesperson and asks for the item to be sent there instead of the store.
Kennedy said while he has seen this type of fraud before, he has never seen it happening at the level it is right now.
There have been about a dozen attempts in the last two weeks
“We are putting this out now because we see it as rampant,” Kennedy said of the alert the JSA issued Friday.
He said that the amount of information now available on the internet is a “very large” contributor to criminals’ ability to socially engineer scams today.
And while Kennedy acknowledges that businesses need to be present on the internet to market themselves today, he says jewelers should carefully consider each piece of information that goes online.
“I feel jewelers are putting far too much information out online,” he said. “The more you put out there, the more you are at risk.”
The JSA has five additional recommendations for jewelers and suppliers to help them avoid becoming a victim of this shipping scheme.
1) Employees need to confirm to whom they are speaking. If someone is on the line whom the employee does not know, he or she should excuse themselves immediately and say they will have to call them back. Employees also can call back after the order or request is made to confirm that it’s legitimate.
Either way, the employee should not use the number given to them by the caller and, instead, call the actual phone number of the business, obtained via Google or elsewhere.
2) Be wary of calls that come from blocked or “unknown” numbers.
3) Alert employees that they should not be fooled into giving out inappropriate information to callers asking questions about personnel or procedures. The perpetrators want to find out as much as they can about a supplier or retailer in order to sound legitimate.
4) Strictly limit the procedures that allow for a change of address on shipments. For example, some firms have only one person who can authorize a change of address or have told the shipping company that all packages on which an address change is attempted should be returned to them.
5) Kennedy also recommended Monday that jewelers or suppliers never give out tracking numbers for packages they are shipping.
The Latest
The move will allow the manufacturing company to offer a more “diverse and comprehensive” range of products.
From now through mid-May, GIA will be offering the reports at a 50 percent discount.
With Ho Brothers, you can unlock your brand's true potential and offer customers the personalized jewelry experiences they desire.
De Beers’ rough diamond sales were down 18 percent year-over-year in its latest round of sales.
Sponsored by the Las Vegas Antique Jewelry & Watch Show
The Patek Philippe expert will serve as personal curator for the brand-focused company.
For over 30 years, JA has advocated for the industry, fought against harmful legislation and backed measures that help jewelry businesses.
The 553-square-foot shop is aboard the Carnival Jubilee cruise ship.
NDC filed a complaint against Skydiamond for use of phrases like “diamonds made entirely from the sky.”
John Carter received the AGS’s highest honor Tuesday afternoon at Conclave in Austin, Texas.
LVMH said the company performed well despite an uncertain geopolitical and economic environment.
B&D Sales and Service held a ribbon-cutting event for its new location in Cranston, Rhode Island.
It’s ultra-feminine and filled with gold, pearls, and soft pastels.
Emily Highet Morgan and Emily Bennett have joined the agency’s team.
Its updated book for mountings is also now available.
She has been with the organization since 2010, most recently serving as its chief officer of PR and industry relations.
Joyce’s Jewelry sued the bank after cybercriminals drained its accounts of nearly $1.6 million through a series of wire transfers.
He is remembered by loved ones for his loyalty, integrity, and kindness.
Hosted by Freeman’s | Hindman, the sale will take place May 7-8.
The auction house said all 24 timepieces offered in its underground sale of rare and avant-garde watches quickly found buyers.
From lab-grown diamonds and AI to the inevitable Taylor Swift mention, here are some of Conclave’s most intriguing educational offerings.
From cybersecurity liability to trade show coverage, insurance experts share tips on how to build the right policy.
The charm is a modern rendition of the evil eye amulet that has been worn for thousands of years.
Ahead of its trade show next month, TJS awarded free registration and accommodations to one jewelry professional and three students.
By the end of this year, SRK’s diamond manufacturing complexes will achieve net zero emissions, one of an impressive array of achievements.
Members can still sell lab-grown stones, it said, but only natural gems are allowed on the show floor.