InsideSources

As e-commerce sales continue to skyrocket, more and more consumers are turning to the internet to get through the bulk of their Christmas shopping.

But the more popular e-commerce has become, the more susceptible online shoppers are to cyberattacks, fakes and frauds.

In fact, according to the 2018 Holiday Threat Report from Carbon Black, a cybersecurity company, cyberattacks are expected to spike 60 percent through the holiday shopping season this year.

“During the holiday season, there is often a ton of noise in the online world and attackers do everything they can to take advantage of that,” said Tom Kellermann, Carbon Black’s Chief Cybersecurity Officer, according to the report.

Based on past data, online shoppers should be on guard until New Year’s. There are two big spikes in online shopping around the holidays: the first starts on Black Friday and continues until Christmas Day, and the second begins shortly after Christmas Day until right before New Year’s Day as online shoppers race to nab the post-Christmas sale deals.

Cybersecurity experts say to expect a spike in cybercrime at the same time.

Furthermore, fakes and frauds are infiltrating e-commerce sites like Amazon and eBay at an alarmingly rapid rate, and no one wants to buy Dad fake leather gloves advertised as “real leather Made in Italy” for Christmas.

So how to stay safe? Here’s a few reliable tips and tricks recommended by cybersecurity companies and blogs:

1. Be wary of seemingly amazing email deals — and don’t click on the links.

According to Carbon Black and Sothis, an information technology (IT) and research company, the holiday shopping season is primetime for phishing campaigns. That eBay item you’re thinking of buying for your mom? The seller probably didn’t just drop the price by 50 percent — so double check who the sender is, and check the listing before you click the email link.

Bottom line: if the “sale” or “bargain” seems too good to be true, then it probably is.

2. Speaking of email links, be careful with tracking updates.

With so much online shopping, you’re probably trying to make sure all your packages arrive safely and on time. You’ve probably signed up for email alerts with tracking information — and maybe text messages too, if you’re really paranoid. But hackers know you’re paranoid, too, and they might send you fake emails with false tracking info and steal your personal data.

Again, double check the sender, and if you see any weird typos in the email address, subject line, etc., then just don’t open the email or click on any links in the email.

3. Shop from tried-and-true sellers.

If you like to hunt for deals on Amazon, eBay or Etsy, make sure you’re buying from a real seller. Christmas is when hackers pose as sellers to steal your data and banking or credit card info or send you fakes, so check and double check who you’re buying from.

Does the seller have good reviews? Is it the right brand? Check the comments too — usually other scammed shoppers will alert future shoppers from buying from a certain seller.

6. Prioritize shopping from websites with “https” in the domain.

Believe it or not, “https” is more secure than “http.” That doesn’t mean you’re guaranteed to be scammed at a website with an “http” domain, but it does mean it’s more likely.

4. Check your bank account periodically.

If you’re buying a lot of items online, it’s wise to check your bank account periodically just to make sure you’re being charged the right amounts for items and haven’t opened the door to a cyber thief.

5. Don’t shop over public Wi-Fi networks.

For many, this is already a no-brainer, but many people use public Wi-Fi networks, so it’s worth a warning. Your computer isn’t secure when it is logged onto a public Wi-Fi network with a WPA2 encryption standard, so completing financial transactions on such a public network is extremely unsafe.

This is because, as CSO Online explains, hackers are able to intercept you and your connection point — in this case, an e-commerce website — and so instead of sending your credit card info to a perfectly reputable Amazon seller, you’re actually sending it straight to the hacker.

So, don’t do it. Shop at home.

Follow Kate on Twitter

One of Silicon Valley’s concerns in the re-negotiation of NAFTA was in the area of free speech and content regulation, and the final draft turned out to be good news for Big Tech — mostly.

According to the new United States-Mexico-Canada-Agreement (USMCA), tech companies like Facebook and Google will not be liable or prosecutable for any content they host on their sites, even if that content is false or illegal.  There is, however, one exception: the new agreement says the U.S., Mexico and Canada can enact “measures necessary to protect public morals” and hold tech companies liable for content that facilitates sex trafficking, child trafficking and prostitution.

The agreement mimics Section 230 of the Communications Decency Act of 1996, which several libertarian experts have praised for protecting tech companies from liabilities and lawsuits related to the content curated on their sites. The Electronic Frontier Foundation calls the CDA’s Section 230 the “most important law protecting internet speech.”

That protection ends when it comes to sex trafficking. The new USMCA specifically references the U.S.’ amendment to the Communications Act of 1934, passed earlier this year, the Allow States and Victims to Fight Online Sex Trafficking Act of 2017 (commonly referred to as FOSTA), which Silicon Valley lobbied against.

FOSTA was the result of an 18-month Senate investigation into Backpage.com, a website notorious for facilitating online sex trafficking and sexual exploitation of children. Thanks to FOSTA, tech companies can be held liable for knowingly running ads for sex trafficking and child sex.

Lisa Thompson, vice president of research and education at the National Center on Sexual Exploitation, said neglecting to hold tech companies liable for this in the new NAFTA agreement would encourage cross-border sex trafficking, which has increased rapidly over the past 10 years, especially at the U.S.-Mexico border.

Simply copy-and-pasting Section 230 language into the new NAFTA agreement, she wrote in an op-ed for The Hill, would “be nothing short of a sex-trafficking apocalypse.”

Silicon Valley — including many tech publications and libertarian voices — decried FOSTA for restricting internet freedom, and Google lobbied earnestly against its passage. The tech industry also lobbied for the new NAFTA agreement to include Section 230 language without caveats. According to a Quartz report, internet and tech companies and associations spent $38 million on lobbying through August this year.

According to two lawyers in an analysis published by Bloomberg, “The safe harbor [of Section 230] has always been a double-edged sword. For platforms, the task of monitoring user content and responding to demands to remove defamatory or otherwise unlawful third-party content could easily become so onerous as to be infeasible. On the other hand, for parties aggrieved by unlawful postings, it can be immensely difficult to cause an unresponsive platform to remove even obviously wrongful — even demonstrably illegal — content or speech.”

In an August 2017 letter to congressional staffers, Google lobbyist Stewart Jeffries wrote that FOSTA “has the potential to seriously jeopardize the internet ecosystem” and “undercut[s] one of the foundational statutes for the Internet: Section 230 of the Communications Decency Act.”

During Google’s Q2 2018, Jeffries lobbied the United States Trade Representative (USTR) on behalf of Google on a number of issues related to the NAFTA (now USMCA) renegotiation, like “freedom of expression and free flow of information,” as well as lobbying Congress over “anti-human trafficking” and FOSTA.

Aware of the tech industry’s push, rescued victims of sex trafficking sent a letter to Congress in September asking for the “Section 230-like language” in the new NAFTA agreement to be modified to hold internet and tech companies liable for “knowingly facilitating” sex trafficking.

Beyond Borders ECPAT Canada, a national advocacy organization seeking to end exploitation of children, said Canadian representatives in the NAFTA renegotiation responded to concerns “that the agreement might include a blanket prohibition which would prevent Canada from imposing liability on internet providers for content. We are pleased to see that the agreement would allow Canada to hold internet providers liable for online sexual exploitation of children.”

Beyond Borders ECPAT Canada also applauded FOSTA earlier this year.

While the USMCA is still a huge win for Silicon Valley, the tech industry’s resistance to anti-sex trafficking efforts may only strengthen anti-Big Tech sentiments in Washington as scrutiny of some of the major players — like Google, Facebook and Twitter — intensifies.

Follow Kate on Twitter