Crime

In the Wake of the Cyberattack on Stuller, 5 Tips on Cybersecurity

CrimeDec 09, 2020

In the Wake of the Cyberattack on Stuller, 5 Tips on Cybersecurity

From password security to tracking-number safety, here are five cybersecurity tips to keep in mind.

20201209_Laptop.jpg
The Jewelers’ Security Alliance shared tips on how to safely connect with customers online.

New York—Stuller was hit by a cyberattack over Thanksgiving weekend that delayed shipments, shut down the phone lines, and created other operational issues amid the holiday rush.

It took a few days for the massive manufacturer and supplier to get same-day shipping services on in-stock items and the phone lines back up and running.

While Stuller said there was no indication that sensitive business information was compromised—noting that customer credit cards on file are tokenized, encrypted, and not housed at Stuller—the stressful disruption came at the most critical time of the year for the supplier, underscoring the need for businesses today to invest in cybersecurity.

Stuller did not provide additional details on the specifics of the cyberattack.

In a COVID-19 world, and even before then, the ability to connect with customers online is crucial, whether one is running a consumer-facing retail store or a business-to-business operation.

Here are five expert tips on how to navigate the online world safely.

Ensure employees are adequately protected as they work from home.

Law enforcement officials have seen an uptick in fraud and hacking now that more people are working from home on computers or smartphones less secure than those in their office, the Jewelers’ Security Alliance said in a recent memo.

Be sure all employees’ devices have updated protections in place, including firewall, malware, and spam protection.

Stop using the same password for everything.

JSA advises having “strong, unique” passwords.

When the password for everything is the same, it may be easy to remember, but it’s also easy for hackers to gain access to several accounts in one swoop.

Users may also want to set up two-factor or multi-factor authentication.

“If a cybercriminal were to gain access to your log-in credentials, they wouldn’t be able to compromise your account if they didn’t have access to a passcode that would be sent to your phone,” explained Ryan Ruddock, senior research assistant at JSA, during an October webinar on online scams.

If you’re unsure about an email, just don’t open it.

Be wary of email phishing scams, which are attempts to trick users into giving criminals access to personal information.

“The intention behind phishing is to acquire personally identifiable information. So that’s going to include credit card information, social security numbers, account log-in credentials, and, in some cases, intellectual property,” said Ruddock.

It’s the most common type of cybercrime, said Ruddock, noting that it doesn’t target specific individuals.

Criminals will send a mass email in the

hopes that some percentage will respond.

Misspellings and poor grammar are red flags to look for in phishing emails, he said, but also be wary of any email sent with a sense of urgency, pressuring users to act now, think later.

If an email doesn’t look trustworthy, don’t open it or click on any links. Delete it.

If a link in what is believed to be a phishing email is clicked, Ruddock recommended disconnecting from the WiFi, which could prevent malware from being installed on your computer, running an anti-virus scan, and changing passwords.

Also, be on the lookout for email spoofing, which involves an email sent from an address that’s almost, but not quite, identical to a genuine email address for a contact.

An email might look like it’s coming from longtime vendor, such as JohnSmith@jewelry.com, but upon closer inspection, it may actually read JohnSmith@jewellry.com.

If anything about the email seems off, it’s best to contact the vendor or customer by phone and be sure the request is genuine, JSA said.

Be careful with tracking numbers.

For any questions about a transaction, it’s best to reach out to the customer by phone via the number given at the time of purchase.

“You do not want to use the number given to you by the caller,” advised Ruddock.

JSA does not advise giving out the tracking number on a shipment. If a tracking number of a package is given to someone other than the customer, it may be possible for that person to redirect the merchandise.

JSA has also seen cases where a caller, pretending to be from a retail store, contacts a supplier and requests that a high-end item be sent to the store. The caller later diverts the shipment to a different address.

Set a limit on the number of times an address can be changed on a shipment, said Ruddock, and be clear with the shipper about how change of address requests should be handled.

Some companies, he said, have specified to their shipping company that if there are any attempts to change the address, the package should instead be returned to the company.

Make sure employees know the company’s cybersecurity policy.

Every company should have a written cybersecurity policy that is read and signed by employees, said JSA.

Be sure to regularly review the cyber-protocols with employees so everyone is on the same page.

Select cyber security firms also offer tests that allow employers to determine their employees’ ability to avoid phishing attacks and other scams.

Provide additional training to those employees who need it, advised Ruddock.

For more information about cybersecurity, visit the JSA website.
Lenore Fedowis the associate editor, news at National Jeweler, covering the retail beat and the business side of jewelry.
tags:

The Latest

Adam Levine and Behati Prinsloo modeling Jacquie Aiche’s Rebel Heart collection
CollectionsApr 22, 2024
Jacquie Aiche’s New Campaign Stars Adam Levine, Behati Prinsloo

The “Rebel Heart” campaign embodies rebellion, romance, and sensuality, the brand said.

American Gem Society Conclave logo 2024
EditorsApr 22, 2024
The 22 Best Quotes from AGS Conclave 2024

Editor-in-Chief Michelle Graff shares the standout moments from the education sessions she attended in Austin last week.

Virtual Diamond Boutique
SourcingApr 22, 2024
Virtual Diamond Boutique Rebrands as ‘VDB’

The overhaul includes a new logo and enhanced digital marketplace.

1-(3.18).JPG
Brought to you by
The Blueprint for Success in Scalable, Personalized Jewelry Retail

With Ho Brothers, you can unlock your brand's true potential and offer customers the personalized jewelry experiences they desire.

Signet Jewelers employees and St. Jude Children’s Research Hospital
MajorsApr 22, 2024
Signet Raises Nearly $9M for St. Jude Children’s Research Hospital

The money will go toward supporting ongoing research and aftercare programs for childhood cancer survivors.

Weekly QuizApr 19, 2024
This Week’s Quiz
Test your jewelry news knowledge by answering these seven questions.
Take the Quiz
Retrouvaí’s Treasure Necklace
CollectionsApr 19, 2024
Piece of the Week: Retrouvaí’s Treasure Necklace

A new addition to the “Heirloom” collection, this one-of-a-kind piece features 32 custom-cut gemstones.

China Pearl collage
MajorsApr 19, 2024
Unique Designs Acquires China Pearl

The move will allow the manufacturing company to offer a more “diverse and comprehensive” range of products.

Jewelers of America Fly In Washington, D.C.
Brought to you by
How Jewelers of America Represents Your Business

For over 30 years, JA has advocated for the industry, fought against harmful legislation and backed measures that help jewelry businesses.

Printed and digital AGS Ideal grading reports
GradingApr 19, 2024
AGS Ideal Report Now Available in Printed Form

From now through mid-May, GIA will be offering the reports at a 50 percent discount.

Stock image of a polished diamond in tweezers
SourcingApr 18, 2024
Diamond Trade Remains Cautious Amid Economic Uncertainty

De Beers’ rough diamond sales were down 18 percent year-over-year in its latest round of sales.

LVAJWS24_carousel_images_1872x1052_1.jpg
Supplier BulletinApr 18, 2024
Discover History’s Hidden Gems at the Las Vegas Antique Jewelry & Watch Show

Sponsored by the Las Vegas Antique Jewelry & Watch Show

Kelly Yoch
WatchesApr 18, 2024
Watch E-tailer Collectability Hires Kelly Yoch

The Patek Philippe expert will serve as personal curator for the brand-focused company.

Interior of TAG Heuer Boutique on Carnival Cruise Ship
WatchesApr 18, 2024
TAG Heuer Opens Its Largest Standalone Boutique at Sea

The 553-square-foot shop is aboard the Carnival Jubilee cruise ship.

 Stock image of a gavel
Policies & IssuesApr 17, 2024
NDC Prevails in U.K. Case Over Lab-Grown Diamond Advertising

NDC filed a complaint against Skydiamond for use of phrases like “diamonds made entirely from the sky.”

John Carter, 2024 Shipley Award winner
Events & AwardsApr 17, 2024
And the 2024 Winner of the Shipley Award Is …

John Carter received the AGS’s highest honor Tuesday afternoon at Conclave in Austin, Texas.

Visual from Tiffany & Co.’s With Love Since 1837 campaign
FinancialsApr 17, 2024
LVMH’s Q1 Jewelry Sales Fall 5%

LVMH said the company performed well despite an uncertain geopolitical and economic environment.

 B&D ribbon cutting in RI
MajorsApr 17, 2024
Stuller’s B&D Opens New Headquarters

B&D Sales and Service held a ribbon-cutting event for its new location in Cranston, Rhode Island.

Model Wearing Eat Cake Collection
CollectionsApr 16, 2024
Akaila Reid Launches ‘Eat Cake’ Collection

It’s ultra-feminine and filled with gold, pearls, and soft pastels.

Emily Highet Morgan, Emily Bennett
MajorsApr 16, 2024
Loudr Adds 2 Directors

Emily Highet Morgan and Emily Bennett have joined the agency’s team.

Stuller catalogs
MajorsApr 16, 2024
Stuller Releases First Lab-Grown Diamond Jewelry Catalog

Its updated book for mountings is also now available.

Headshot of Karen Rentmeesters
SourcingApr 16, 2024
Karen Rentmeesters Takes Over as Interim CEO of AWDC

She has been with the organization since 2010, most recently serving as its chief officer of PR and industry relations.

Joyce’s Jewelry
TechnologyApr 15, 2024
Judge Rules Jeweler’s Lawsuit Against PNC Bank Can Move Forward

Joyce’s Jewelry sued the bank after cybercriminals drained its accounts of nearly $1.6 million through a series of wire transfers.

Alfred W. DeScenza
IndependentsApr 15, 2024
Alfred W. DeScenza of DeScenza Diamonds Dies at 95

He is remembered by loved ones for his loyalty, integrity, and kindness.

Madeleine K. Albright
AuctionsApr 15, 2024
Madeleine K. Albright Jewelry, Pins Coming to Auction

Hosted by Freeman’s | Hindman, the sale will take place May 7-8.

Audemars Piguet circa 1985 emerald car watch
AuctionsApr 15, 2024
All of Sotheby’s ‘Rough Diamonds’ Sold in Less Than an Hour

The auction house said all 24 timepieces offered in its underground sale of rare and avant-garde watches quickly found buyers.

AGS Conclave 2024 logo Austin
Events & AwardsApr 15, 2024
10 Can’t-Miss Sessions at AGS Conclave 2024

From lab-grown diamonds and AI to the inevitable Taylor Swift mention, here are some of Conclave’s most intriguing educational offerings.

My Next Question webinar
Recorded WebinarsApr 12, 2024
Watch: What Jewelers Need to Know About Insurance

From cybersecurity liability to trade show coverage, insurance experts share tips on how to build the right policy.

×

This site uses cookies to give you the best online experience. By continuing to use & browse this site, we assume you agree to our Privacy Policy