Recorded WebinarsMar 31, 2023
Watch: How Is the Industry Doing When It Comes to Diversity?Annie Doresca and Michelle Graff welcome Reggie Johnson and Sheryl Jones for a frank conversation on the state of DEI in fine jewelry.
CrimeDec 09, 2020
In the Wake of the Cyberattack on Stuller, 5 Tips on Cybersecurity
From password security to tracking-number safety, here are five cybersecurity tips to keep in mind.
The Jewelers’ Security Alliance shared tips on how to safely connect with customers online.
New York—Stuller was hit by a cyberattack over Thanksgiving weekend that delayed shipments, shut down the phone lines, and created other operational issues amid the holiday rush.
It took a few days for the massive manufacturer and supplier to get same-day shipping services on in-stock items and the phone lines back up and running.
While Stuller said there was no indication that sensitive business information was compromised—noting that customer credit cards on file are tokenized, encrypted, and not housed at Stuller—the stressful disruption came at the most critical time of the year for the supplier, underscoring the need for businesses today to invest in cybersecurity.
Stuller did not provide additional details on the specifics of the cyberattack.
In a COVID-19 world, and even before then, the ability to connect with customers online is crucial, whether one is running a consumer-facing retail store or a business-to-business operation.
Here are five expert tips on how to navigate the online world safely.
Ensure employees are adequately protected as they work from home.
Law enforcement officials have seen an uptick in fraud and hacking now that more people are working from home on computers or smartphones less secure than those in their office, the Jewelers’ Security Alliance said in a recent memo.
Be sure all employees’ devices have updated protections in place, including firewall, malware, and spam protection.
Stop using the same password for everything.
JSA advises having “strong, unique” passwords.
When the password for everything is the same, it may be easy to remember, but it’s also easy for hackers to gain access to several accounts in one swoop.
Users may also want to set up two-factor or multi-factor authentication.
“If a cybercriminal were to gain access to your log-in credentials, they wouldn’t be able to compromise your account if they didn’t have access to a passcode that would be sent to your phone,” explained Ryan Ruddock, senior research assistant at JSA, during an October webinar on online scams.
If you’re unsure about an email, just don’t open it.
Be wary of email phishing scams, which are attempts to trick users into giving criminals access to personal information.
“The intention behind phishing is to acquire personally identifiable information. So that’s going to include credit card information, social security numbers, account log-in credentials, and, in some cases, intellectual property,” said Ruddock.
It’s the most common type of cybercrime, said Ruddock, noting that it doesn’t target specific individuals.
Criminals will send a mass email in the
hopes that some percentage will respond.
Misspellings and poor grammar are red flags to look for in phishing emails, he said, but also be wary of any email sent with a sense of urgency, pressuring users to act now, think later.
If an email doesn’t look trustworthy, don’t open it or click on any links. Delete it.
If a link in what is believed to be a phishing email is clicked, Ruddock recommended disconnecting from the WiFi, which could prevent malware from being installed on your computer, running an anti-virus scan, and changing passwords.
Also, be on the lookout for email spoofing, which involves an email sent from an address that’s almost, but not quite, identical to a genuine email address for a contact.
An email might look like it’s coming from longtime vendor, such as JohnSmith@jewelry.com, but upon closer inspection, it may actually read JohnSmith@jewellry.com.
If anything about the email seems off, it’s best to contact the vendor or customer by phone and be sure the request is genuine, JSA said.
Be careful with tracking numbers.
For any questions about a transaction, it’s best to reach out to the customer by phone via the number given at the time of purchase.
“You do not want to use the number given to you by the caller,” advised Ruddock.
JSA does not advise giving out the tracking number on a shipment. If a tracking number of a package is given to someone other than the customer, it may be possible for that person to redirect the merchandise.
JSA has also seen cases where a caller, pretending to be from a retail store, contacts a supplier and requests that a high-end item be sent to the store. The caller later diverts the shipment to a different address.
Set a limit on the number of times an address can be changed on a shipment, said Ruddock, and be clear with the shipper about how change of address requests should be handled.
Some companies, he said, have specified to their shipping company that if there are any attempts to change the address, the package should instead be returned to the company.
Make sure employees know the company’s cybersecurity policy.
Every company should have a written cybersecurity policy that is read and signed by employees, said JSA.
Be sure to regularly review the cyber-protocols with employees so everyone is on the same page.
Select cyber security firms also offer tests that allow employers to determine their employees’ ability to avoid phishing attacks and other scams.
Provide additional training to those employees who need it, advised Ruddock.
For more information about cybersecurity, visit the JSA website.
Misspellings and poor grammar are red flags to look for in phishing emails, he said, but also be wary of any email sent with a sense of urgency, pressuring users to act now, think later.
If an email doesn’t look trustworthy, don’t open it or click on any links. Delete it.
If a link in what is believed to be a phishing email is clicked, Ruddock recommended disconnecting from the WiFi, which could prevent malware from being installed on your computer, running an anti-virus scan, and changing passwords.
Also, be on the lookout for email spoofing, which involves an email sent from an address that’s almost, but not quite, identical to a genuine email address for a contact.
An email might look like it’s coming from longtime vendor, such as JohnSmith@jewelry.com, but upon closer inspection, it may actually read JohnSmith@jewellry.com.
If anything about the email seems off, it’s best to contact the vendor or customer by phone and be sure the request is genuine, JSA said.
Be careful with tracking numbers.
For any questions about a transaction, it’s best to reach out to the customer by phone via the number given at the time of purchase.
“You do not want to use the number given to you by the caller,” advised Ruddock.
JSA does not advise giving out the tracking number on a shipment. If a tracking number of a package is given to someone other than the customer, it may be possible for that person to redirect the merchandise.
JSA has also seen cases where a caller, pretending to be from a retail store, contacts a supplier and requests that a high-end item be sent to the store. The caller later diverts the shipment to a different address.
Set a limit on the number of times an address can be changed on a shipment, said Ruddock, and be clear with the shipper about how change of address requests should be handled.
Some companies, he said, have specified to their shipping company that if there are any attempts to change the address, the package should instead be returned to the company.
Make sure employees know the company’s cybersecurity policy.
Every company should have a written cybersecurity policy that is read and signed by employees, said JSA.
Be sure to regularly review the cyber-protocols with employees so everyone is on the same page.
Select cyber security firms also offer tests that allow employers to determine their employees’ ability to avoid phishing attacks and other scams.
Provide additional training to those employees who need it, advised Ruddock.
For more information about cybersecurity, visit the JSA website.
More on Crime
The Latest
MajorsMar 31, 2023
Macy’s Longtime CEO to Retire Next YearJeff Gennette will step down in February 2024, passing the torch to the CEO of another notable retailer.
AuctionsMar 31, 2023
Piece of the Week: The Extraterrestrial Lunar NecklaceArtisan Martin Roberts fashioned lunar meteorites into 48 beads to create this out-of-this-world necklace.
Brought to you by
Full Disclosure at Your FingertipsDistinguishing natural diamonds from laboratory-grown stones – now more available than ever – has been difficult for jewelers. Until now.
MajorsMar 31, 2023
JBT Re-Elects Richard Katz as Board ChairmanAs for new members, the organization welcomed Jewelers of America’s Annie Doresca and Parag Jain of Parag Diamonds.
Weekly QuizMar 31, 2023
This Week’s QuizTest your jewelry news knowledge with this short test.
WatchesMar 30, 2023
At Watches & Wonders, a $20M Watch Makes Its DebutJacob & Co.’s new “Billionaire” timepiece features more than 200 carats of yellow diamonds.
AuctionsMar 30, 2023
See the Jewelry Collection Expected to Top Elizabeth Taylor’s at AuctionHeidi Horten, wife of department store magnate Helmut Horten, collected jewelry from Bulgari, Cartier, Harry Winston and Van Cleef & Arpels.
Brought to you by
Bringing Over 130 Years of Diamond Expertise to Modern GradingDe Beers Institute of Diamonds provides the very best in diamond verification, education and diamond services.
MajorsMar 30, 2023
Jewelers Mutual Marks a Major MilestoneThe jewelry industry insurer and solutions provider is celebrating 110 years in business this month.
SurveysMar 30, 2023
NRF Says Brick-and-Mortar Stores Remain ‘Primary Point of Purchase’The statement came as the National Retail Federation released its retail sales forecast for 2023.
AuctionsMar 29, 2023
10.57-Carat Purplish Pink Diamond Expected to Sell for $35M+Sotheby’s will auction the diamond, which it says is “arguably the most significant pink diamond to ever appear at auction,” in June.
MajorsMar 29, 2023
Blue Nile to Close Fulfillment Center, Lay Off WorkersThe retailer, recently acquired by Signet Jewelers, will lay off 119 employees in July.
WatchesMar 29, 2023
See All the New Patek Philippe Watches for 2023The Swiss watchmaker introduced 17 new models at Watches & Wonders Geneva.
MajorsMar 29, 2023
Mark Henry Jewelry Offering Complimentary ‘Masterclass’ on Sales from Peter SmithAs part of the promotion, Smith will share his sales expertise during a 90-minute training session.
EditorsMar 28, 2023
I’m Enchanted With Parmigiani Fleurier’s Perfect Travel WatchAt Watches & Wonders, the Swiss brand unveiled a follow-up to last year’s Tonda PF GMT Rattrapante.
CollectionsMar 28, 2023
Helzberg’s New Lab-Grown Diamond Collection Earns SCS CertificationThe “rêve” collection’s engagement rings and wedding bands are geared toward “sustainability minded customers.”
EditorsMar 28, 2023
This New Rolex Day-Date Tells Time … and AffirmationsA new word appears on the dial each day of the week.
IndependentsMar 28, 2023
D.C. Jeweler That Honored 50-Year-Old Gift Certificate Closes Bensons Jewelers closed for good Feb. 24, impacted in part by the decline in foot traffic downtown since the onset of the pandemic.
MajorsMar 28, 2023
Swarovski Names New GM of North AmericaKolja Kiofsky has been with the crystal and jewelry company since 2010.
AuctionsMar 27, 2023
Jewels to Shine in Upcoming ‘Golden Age’ of Hollywood AuctionThe Kruse GWS Auctions sale will include the replica “Taj Mahal” necklace Elizabeth Taylor made with Avon as well as a costume piece Marilyn Monroe wore.
MajorsMar 27, 2023
Pandora Promotes GM to Chief of Retail OperationsMassimo Basei is moving up, while Chief Commercial Officer Martino Pessina is stepping down.
Events & AwardsMar 27, 2023
Registration Is Open for the HardRock SummitAGTA GemFair and the Denver Gem & Mineral Show also will have a presence on the show floor.
AuctionsMar 24, 2023
Piece of the Week: The $5.8M Patek Philippe ‘Sky Moon Tourbillon’Sold by Christie’s Hong Kong, this masterwork of complications now holds the record for most expensive watch ever auctioned online.
FinancialsMar 24, 2023
Movado Predicts Declining Sales Amid ‘Volatile’ Retail EnvironmentThe watch company expects first-quarter sales to fall as much as 15 percent due to inflation and tough comps.
Lab-GrownMar 24, 2023
Lightbox Promotes General Manager to COOAdam O’Grady, general manager of the Lightbox Lab, has taken on the new role and will report directly to Lightbox CEO Antoine Borde.
WatchesMar 23, 2023
Which Brands Do Watch Enthusiasts Love Most? Chrono24 Takes a LookThe watch marketplace gathered data from 1.3 million collectors, highlighting the most popular timepieces and exploring value appreciation.
SourcingMar 23, 2023
Burgundy Diamond Backing Out of Ellendale Mine Deal Burgundy has opted not to exercise its option to buy the mining claims Gibb River Diamonds currently owns.
