Not a recreational sport: Eight tips to heighten your cyber security against phishing

by jacquie_dealmeida | July 29, 2016 9:00 am

By David J. Sexton

safety-and-securityCrimes in the jewellery industry don’t always have to be violent or forceful. Some savvy criminals have taken to cyberspace; instead of stealing your physical inventory, they’re opting to target your bank account or hard drive directly.

The scariest part of all is they don’t have to be forceful by hacking in cyberspace, either. Through lies and manipulation, these criminals—known as phishers—use e-mails appearing to come from legitimate sources (e.g. your bank) and ask you for sensitive information. Many people unknowingly comply and hand over this information without thinking twice.

Crime-StoppersCrime-Stoppers_mobile

To help avoid falling victim to a phishing attack, consider following these tips:

1) Never click on unsolicited e-mail links, especially when they ask for sensitive information. Be mindful anytime an e-mail communication requests bank
or personal information, or asks you to confirm your password.

2) Be wary of messages imposing threats if you fail
to respond.

3) Hover over the links to view the URL’s destination before clicking, as it may be directing you to a phony website. If you’re ever directed to go to your bank’s website, do not click on the e-mail link, but instead open a new browser window and type in the appropriate web address on your own.

4) When a website requests sensitive information, check to see it uses encryption. You can tell it does when ‘https’ is in the URL or you notice a padlock icon in your browser. If you question the legitimacy of an e-mail, research the company’s number and call it to verify the request. Do not use the contact number provided in the e-mail, as it may be part of the scam.

5) Never download the files or open any attachments when you suspect the e-mail is phishing. These documents could be programmed to access your hard drive.

6) Be cautious on all devices, not just your physical computer. Phishing isn’t limited to just e-mails, but may also target you on your phone with phony text messages and automated calls.

You May Also Like  On the offensive: Don't let a data breach put a damper on your holiday sales

What if it appears a trusted friend or colleague is asking for sensitive information via e-mail? Some criminals engage in the highly targeted practice of spear phishing, which makes these type of e-mails appear nearly authentic.

Although it is more difficult to defend against, the following tips can help thwart spear phishers:

7) Be mindful of publicly facing information on your website—or even social media—which can give criminals additional details to make their attacks seem more realistic. Be watchful of what you post on social media, including pictures of your premises or information about upcoming trips.

8) When a subject line from a ‘friend’ appears suspicious, call them or send a separate e-mail to ask if it is indeed a legitimate message.

Due to the nature of phishing attacks, it is not something a business insurance policy typically covers. In fact, most contain a ‘false pretense’ exclusion, meaning you will not receive coverage when covered property has been voluntarily parted with through any fraudulent scheme, trick, or device. This makes it increasingly important for you to stay vigilant when handling your sensitive information online.

Learn more safety and security tips at jewelersmutual.ca or by contacting your local authorized agent. Next time, we’ll look at how much a data breach could cost your business.

Additional resources

David J. Sexton, CPCU, is vice-president of loss prevention consulting at Jewelers Mutual Insurance Co., in the United States. A graduate of the University of Wisconsin, Sexton serves on the Underwriters’ Laboratories’ (UL) Security Systems Council, where he is a corporate member of the insurance category. He also sits on the board of directors for Jewellers Vigilance Canada (JVC), and worked on the Central Station Alarm Association’s (CSAA’s) Insurance Liaison Committee that assisted in the development of the UL burglar alarm modular certificate program and revised UL standard. Comments and questions can be sent to lossprevention@jminsure.com.

Source URL: https://www.jewellerybusiness.com/features/not-a-recreational-sport-eight-tips-to-heighten-your-cyber-security-against-phishing/

Copyright ©2025 Jewellery Business unless otherwise noted.