1. Have proper firewalls, anti-virus and anti-malware for all systems, and keep them up-to-date.

2. Don’t permit employees to use company internet-connected devices at work for personal use, or to download software without permission, or to introduce personal memory sticks into a company system.

3. Have strong, unique passwords.

4. Phishing – One of the main pathways for cyber criminals is to lead someone to open and click into a link in an email which will unleash malware to penetrate the system.

A. Don’t open or click into unknown or suspicious emails.

B. Even emails from persons and customers or vendors that seem familiar can be spoof emails or someone who has obtained an email address which has a slight change to a real email address, like adding or changing an extra letter, or changing,.org or some other extension.

C. Look for unfamiliar foreign domains, misspellings, and other anomalies.

5. Social engineering – “obtaining confidential information by manipulating and/or deceiving people.” Through impersonation, or through email correspondence, research on social media, or other means, cyber criminals obtain information on company personnel, customers, ordering and shipping procedures, payment methods, and other information, in order to facilitate a fraudulent transaction.

A. Be careful of the information you provide the public by email, website, social media
or phone.

B. Confirm the identity of the person you are talking to. If a transaction is involved, call
the known customer on the telephone to confirm that there has not been fraudulent

C. Never give out the tracking number of a Fedex or other merchandise shipment since this would permit a criminal to re-direct the shipment.

6. Avoid visiting questionable and risky sites, such as in the dark web.

7. Don’t download questionable apps from obscure or unknown companies.

8. Each firm should have a written cyber security policy which employees must read and sign.

9. Each firm should have regular staff meetings and periodic reviews of cyber protocols for the firm.

Learn More About Jewelers Security Alliance

JSA fulfills its mission of informing and alerting jewelers about crime through frequent E-Mail Crime Alerts and print publications, a website, seminars and consulting activities.

Learn More about JSA