The holiday season is quickly approaching and many will turn to the internet to purchase gifts. According to data released by Adobe last year, $4.45 billion was spent online on Black Friday and Thanksgiving Day in 2015. While most online shops go to great lengths to protect their customers’ data, there are cybercriminals out there who are looking to steal your data. It is therefore important for online shoppers to be vigilant, to protect their data.

While keeping an eye out for fake offers and web pages is a good first step, cybercriminals design them to look like the real deal, making it extremely difficult to recognize them.

Here are some tips from Avast web threat lead Jan Zika that you can follow to stay safe while shopping online this holiday season:

We see cybercriminals emailing “special offers” or “deals you can’t miss,” phishing campaigns designed to trick people by leading them to fraudulent shopping sites in order to steal their information and money. It is important shoppers use security tools and pay close attention to detail while shopping online.

Install antivirus on all your devices. Antivirus software, like Avast, will detect and block phishing attacks and malicious websites on your PC and mobile devices before they can cause any damage.

Use a safe browser, like Avast SafeZone browser. Avast SafeZone browser, which comes with Avast Antivirus, includes a bank mode that isolates banking and payment sites in a protected space.

Protect your data when using a free Wi-Fi hotspot. Connecting to a free Wi-Fi hotspot at airports, hotels, and cafes gives cybercrooks the opportunity to spy on you and steal information when you are shopping online or checking your bank account. Avast SecureLine VPN, encrypts your communications and stops eavesdroppers from listening into voice and video calls. How does a VPN protect me when I travel?

Use a credit card. Credit cards will not only help you keep track of your purchases, but more importantly, you have the option of contacting your credit card company if you notice any suspicious charges. Most credit card companies will contact the merchant on your behalf and reverse the charges.

Activate two-factor authentication wherever possible. Two-factor authentication requires you to enter a second code along with your username and password when you sign into one of your accounts. This code is typically sent to your phone or email address associated with your account or can be generated on a mobile device via an app, like Google’s Authenticator app. If you’re not the one trying to log in to your account, two-factor authentication can also serve as a warning system when someone else tries to access one of your accounts and fails to enter the correct code.

Look for the green padlock. Look for the green HTTPS padlock next to the website’s address in your address bar. HTTPS is a protocol that encrypts your data when it is being sent over the web. If you are on a checkout page and don’t see the HTTPS padlock, do not enter your personal data and financial information!

Update your software. Make sure all of the software on your devices is up-to-date. Attackers often exploit vulnerabilities, which can be found in outdated software and by exploiting outdated software they can infect your device to then steal your financial information while you shop online.

Stick to trusted and known sites. Try to stick to well-known shops when shopping online. There are many ways criminals try to lure customers into shopping on fake sites. Some try to take the conversation away from e-commerce sites like Amazon, for example, so that Amazon is no longer responsible and they can rip you off without any real consequences. Some fake shops attempt to attract shoppers by offering products at ridiculously cheap prices and have overly positive reviews on their site. If an offer or unknown site seems too good to be true, you may want to think twice before filling up your shopping cart and emptying your wallet.

Type out URLs yourself. Many phishing emails include links to malicious sites that look like the real deal and are hard to recognize as fake. It's always safer to enter URLs directly into your browser and you should, in general, avoid clicking on links and attachments that are included in promotional emails.

Shopping online is convenient, as you can shop from the safety of your home and avoid crowds, but you need to be at least as careful as you would be in store to protect yourself from thieves.