Watch out for these red flags while holiday shopping

“While you’re in the hustle and bustle of the season, you might be opening more new accounts with stores [or] more likely to open emails that offer the hottest deals,” she says. “That’s the perfect environment for an attacker to launch a phishing scam or encourage you to download a malicious app while you’re distracted.”

To protect myself, I need a multi-pronged approach for 1) sites I visit, and 2) for communications I get.

If I’m navigating to a retailer’s website, Hoyt says I should look for clues that indicate whether it’s safe or malicious. Google has some of these built in, like its on-page Top Quality badge — which means the merchant provides solid customer service — and the little lock icon in the Chrome URL bar — which means my connection is secure.

The Better Business Bureau, or BBB, recommends I scrutinize the URL for typos to make sure I’m on the actual site for a store. It can’t hurt to run a mini background check, either, by searching the website name plus the words “scam” or “reviews” and seeing what sorts of results come up.

Once I’m on the webpage, I’ll want to look closely for bad grammar, shoddy design and a lack of contact information. And I shouldn’t get caught up in flashy ads for low low prices: If a deal seems too good to be true, it’s… probably too good to be true.

“These are red flags that could save you from falling victim to a scam,” Hoyt says.

When checking out, the BBB urges people to “use secure and traceable transactions and payment methods.” The bureau has done research that shows customers who pay with credit cards or PayPal are less likely to be scammed out of their money than those who opted for Zelle or prepaid debit cards.

(Using a credit card also means I’ll have built-in protection under the Fair Credit Billing Act, which limits my liability for unauthorized charges and allows me to dispute transactions where I feel I didn’t get the goods or services I paid for.)

Off-site, I’ve got to be careful with inbound messages, as well.

Amazon discourages interacting with any phone numbers I don’t recognize and avoiding suspicious links, even if they’re in emails claiming there’s something wrong with one of my orders. Just because it got through my spam filter doesn't mean it's real.

It’s brutal out here. To protect my data while shopping online, I should do my due diligence when visiting websites, check for red flags, pay with a credit card and avoid falling prey to random texts/emails.

“Cybercriminals are aware of how much we rely on the internet during the holidays and leverage that time to try and catch consumers when they’re most vulnerable,” Hoyt says. “During the holiday season, be on the lookout.”

Cincinnati Bengals quarterback Joe Burrow recently dropped a whopping $2.99 million on a Batmobile. Sold by Wayne Enterprises Experiences, the vehicle is one of 10 fully functional Batmobile replicas that exist in the world — but Burrow isn't even finished splurging. "I think I gotta go all-in and go for like the expensive batsuit," he said in a clip of the HBO show Hard Knocks: In Season with the AFC North. His spending habits are no Joke(r).

See you next week.

P.S. Are you finished buying presents yet? Do you prefer "A Bar Song (Tipsy)" or "Old Town Road"? Would you purchase a Batmobile? Send comments, questions, concerns and Christmas cards to julia@money.com.