This holiday season alone, retail industry professionals expect Americans to spend more than $1 trillion. Criminals see this increased spending as an opportunity to rip off consumers, steal their money, and obtain their personal data to commit fraud and identity theft.

It pays to be vigilant. Here are four types of scams to watch out for this holiday season:

1. Fake Charities

The holiday season is the biggest time of year for charitable donations. This seasonal spike in generosity can attract scammers attempting to fleece honest donors out of their hard-earned cash.

Charity scams come in many forms. Scammers may try to impersonate legitimate charities by email or over the phone, looking to pocket your donations. They might even set up fake organizations with websites and social media pages, scouring social media profiles to find potential victims who will be sympathetic to the “cause”.

Doing a little research can help ensure you’re donating to a legitimate charity. When you want to donate to a legitimate charity, give directly through their secure website or reach out to their hotline. Don’t respond to donor solicitations by email, phone call, or social media – these are harder to verify.

You can check if a charity is legitimate with the IRS list of tax-exempt organizations.

2. Email Phishing Scams

Email phishing scams come in many forms. Generally, they attempt to impersonate a legitimate organization to trick you into providing your personal information, clicking a link that takes you to a fake website, or downloading an attachment that contains malware.

Be wary of emails that ask you to perform an action such as supply personal data, follow links to websites, or download attachments. Common email phishing scams include:

  • Emails that ask you to download and print invoices or receipts.
  • Holiday e-cards that ask you to follow a link or download an attachment to “open” your card.
  • Promotional emails offering links to great deals, which may take you to a fake landing page or website.
  • Package delivery emails that impersonate legitimate delivery companies like UPS or FedEx, asking you to provide information or print a voucher to claim your shipment.
  • Travel emails that warn of itinerary changes to upcoming trips.

Always do your homework to ensure an email came from a legitimate source before you respond. When in doubt, reach out to the business directly without clicking any links or downloading attachments. Learn how to spot email phishing scams.

3. Fake Ads

Fake ads on social media and website popups may offer huge discounts on merchandise, low airline fares, and other deals that are too good to be true. The goal is to get you to click the ad, follow the link to a fake website, and harvest your personal information and credit card info.

If a deal sounds too good to be true, it most likely is. Proceed with caution, and only shop on websites that are legitimate. You can contact the company directly to verify if an offer is legitimate and look for a padlock image in the browser’s address bar to indicate you’re visiting a secure website.

4. Package Scams

Some package scams even target your physical address. You may arrive home to notice a seemingly official note on your front door, stating that a package delivery was attempted. When you call the number provided on the notice, you’ll be asked to provide a credit card number, Social Security number, or other information to get the package delivered. That information could be used to run up purchases on your credit card or open accounts in your name.