Previous News:
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016
November 2016
October 2016
May 2016
April 2016
December 2015
March 2015
January 2015
September 2014
August 2014
July 2014
May 2014
April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
September 2013
August 2013
July 2013
June 2013
May 2013
January 2013
June 2012
May 2012
April 2012
March 2012
February 2012
January 2012
December 2011
November 2011
October 2011
September 2011

Jewelers' Security Alliance Crime Alert April 2018

“Hacked Fifth Avenue: Data Stolen from Saks, Lord & Taylor.” JCK, April 4, 2018.

“Saks, Lord & Taylor the Latest Hit by Hackers” National Jeweler, April 4, 2018.


“In 2017 JSA recorded a large dollar increase in cyber-enabled thefts by deception and impersonation.” JSA 2017 Annual Crime Report, page 2.
According to the FBI and other law enforcement sources, more and more crime is becoming cyber-enabled. Just as jewelers must take proper security steps to be prepared for the robber or sneak thief, jewelers must also take proper security measures in the digital world.

BASIC RECOMMENDATIONS FOR PREVENTING CYBER-ENABLED CRIME:
1. Have proper firewalls, anti-virus and anti-malware for all systems, and keep them up-to-date.
2. Don’t permit employees to use company internet-connected devices at work for personal use, or to download software without permission, or to introduce personal memory sticks into a company system.
3. Have strong, unique passwords.
4. Phishing - One of the main pathways for cyber criminals is to lead someone to open and click into a link in an email which will unleash malware to penetrate the system.
A. Don't open or click into unknown or suspicious emails.
B. Even emails from persons and customers or vendors that seem familiar can be spoof emails or someone who has obtained an email address which has a slight change to a real email address, like adding or changing an extra letter, or changing to .net, .org or some other extension.
C. Look for unfamiliar foreign domains, misspellings, and other anomalies.
5. Social engineering - “obtaining confidential information by manipulating and/or deceiving people.” Through impersonation, or through email correspondence, research on social media, or other means, cyber criminals obtain information on company personnel, customers, ordering and shipping procedures, payment methods, and other information, in order to facilitate a fraudulent transaction.
A. Be careful of the information you provide the public by email, website, social media
or phone.
B. Confirm the identify of the person you are talking to. If a transaction is involved, call
the known customer on the telephone to confirm that there has not been fraudulent
impersonation.
C. Never give out the tracking number of a Fedex or other merchandise shipment since this would permit a criminal to re-direct the shipment.
6. Avoid visiting questionable and risky sites, such as in the dark web.
7. Don’t download questionable apps from obscure or unknown companies.
8. Each firm should have a written cyber security policy which employees must read and sign.
9. Each firm should have regular staff meetings and periodic reviews of cyber protocols for the firm.

Visit JSA’s website, www.jewelerssecurity.org,, for more information on crime against jewelers or to post your own crime information.
AT: 04/09/2018 01:30:45 PM   LINK TO THIS NEWSLETTER
0 Comments:

Post a Comment
 
Comments are closed.
Copyright © 2009 - 2018 The Retail Jeweler.

Sitemap | Privacy Policy