Just hear those sleigh bells jingling, pocketbook ring-ting-tingling… Yes, it’s that time of year when we take to the malls and online shopping venues with reckless abandon, swiping, tapping, and entering our payment methods without a second thought. At the same time, hackers and thieves are rubbing their mittens together with holiday cheer at the prospect of stealing your most sensitive information.

According to a new CNET survey, 71% of American adults engaged in risky online activities this past year while another 47% said they were victims of cyberattacks. While some of these attacks were breaches—over which consumers have little control—many were the result of successful phishing campaigns or other human error, putting both financial data and identities at risk.

CNET identified three of the biggest no-nos that could result in compromises:

1. Using the same password on multiple accounts. (71% of surveyed adults admitted to this.)
2. Saving passwords on their phone or computer (rather than through a password manager).
3. Opting out of two-factor authentication. (1 in 5 of us did this last year.)

While many people take positive steps after they learn their information has been compromised, why not take these steps NOW and avoid the hassle and damage? Get on Santa’s Nice List with these simple steps (we know them, but they are especially important during this shopping season).

1. Change your password often and choose a unique password for every site you visit or app you use.
2. Monitor your credit report regularly and if you even suspect fraud or an attack, freeze your credit immediately.
3. Never opt out of two-factor authentication.
4. Use digital wallets like ApplePay or GoogleWallet so even if a retailer is hacked, your credit card information is safe.
5. When shopping online, confirm the website has “https” in the address to ensure your financial data and purchasing information is encrypted.

Now you can enjoy your holiday shopping and celebrating safely!