Credit cards and technology–what a convenient combination for streamlining holiday shopping!  Just hop online to your favorite shopping sites, click those boxes, enter credit card info and DONE.

If you like to shop online, you’ve got company.    Nearly half of all shoppers–47 percent–told Experian they expect to do most of their holiday shopping online, either using their computers or their mobile phones.

But there are a lot of Grinches lurking in the form of online identity theft. I have some ideas for keeping your credit cards safe from fraudsters during the holidays and beyond:

  • Use just one or two cards for your online purchases.  This makes it easier to keep tabs not only on how much you’ve spent but also on signs of fraud.  If  you use your most lucrative rewards cards, you can amass more rewards, a nice holiday bonus.
  • Download apps that will enable you to set up text alerts or push notifications whenever your card is charged.  If you see something you did not do, notify the card company ASAP.  And be sure your card has an EMV chip–the technology has reduced counterfeit credit card fraud by 58 percent, Visa says.  Be sure to keep all paper or digital credit card receipts so you can compare them with your monthly statements and have them handy in case you want to dispute a charge.

For paper receipts, use a file folder to toss them in until needed.  With digital receipts, it’s not quite so easy.  You can keep emailed ones in a digital folder; for others, snap a photo with your smartphone and file them in your digital folder.

  • Use an online bookkeeping system to keep track of all your cards and your spending activity. One of my favorite ways to do this is to link all of my credit cards to a program such as Intuit’s Quickbooks online. You could also keep a excel spreadsheet to keep track of your monthly expenses.   It should go without saying that all financial account statements should be stored in a secure place at home and shredded once they are no longer needed.
  • Constantly look for charges you don’t recognize and notify your credit card company if anything looks suspicious.  You can have your card frozen until you’re able to determine the validity of a charge.
  • Sign up for automatic transaction alerts available through most major credit card issuers. Email or text  alerts can tell you within minutes if your card is used, even in another country.  The alerts are also helpful in letting you know when a payment is due or when you’ve neared your credit limit.  I also recommend signing up for alerts whenever a prospective  lender checks credit.   In addition to email and text messages, you can also get “push notifications”  that pop up on your mobile phone.
  • Be sure to update your passwords regularly.  There’s new wisdom about what makes strong passwords. They no longer need to be overly complicated with a series of numbers, letters and symbols. Use long, personal and easy-to-remember phrases  instead.  As previously, don’t use  your child’s name or birthdate and stay away from answers to popular account security questions. And don’t use the same password for separate accounts — if one is hacked, all with the same password are vulnerable. 
  • Don’t post your date of birth, mother’s maiden name, first pet’s name, or other personal information on websites like Facebook, LinkedIn, or Twitter. They’re often used to verify your identity and could allow an imposter electronic access to your accounts.    
  • Try mobile payments. They can actually add more layers of security when shopping in stores. Some credit card companies are even offering extra credit card earnings points when users use these payment methods so it makes sense to look at Apple Pay, Chase Pay, Samsung Pay, and others.
  • Check your credit regularly. You can check your report on all three major credit reporting bureaus for free once a year by going to https://www.annualcreditreport.com/index.action.  Be sure to look for credit inquiries that you did not authorize. You can also set up alerts from credit bureaus such as Experian, which will email you when your credit score changes.

You can consider filing a free initial fraud alert on your credit file that remains active for one year through the Experian fraud center. The fraud alert notifies lenders pulling your credit report to take extra steps to verify your identity. If you are a victim of identity theft, the first defense is freezing your credit. You must place a credit freeze on all three credit bureaus.

  • Set up two-factor authentication. It adds an extra layer of protection by requiring not only a passwords but also a second element, such as a code texted to your smartphone.  This is available on all your existing mobile banking, savings, credit card, home equity line of credit, and other financial accounts that offer it.
  • Many credit card companies such as Amex and Discover even give you your credit score right on the credit card company’s app, which makes it really easy to keep track of activity.
  • Shop only on secure  websites. How do you know if a site is secure? Look for that all-important little s in the URL.  The address should start with  https:// instead of just http://. You can also look for a small padlock icon in the address bar.
  • Use Credit cards rather than debit cards because credit cards offer stronger protection against fraud. Be sure to report any fraudulent activity as soon as you spot it so you can stop the fraud and protect your finances.  Most card issuers will not hold you liable for fraudulent charges if you report them within one to two months, but the sooner the better.  It can take months to get reimbursements, if any, from debit card fraud
  • Don’t do any shopping on a Public WiFi Network! That computer in the public library may seem convenient but you never know what thieves are lurking or what kind of malware may have been surreptitiously installed  on the public computer.  Save your shopping for at home on a secure WiFi network.
  • Ask your credit card issuer for a virtual card number.  These are temporary numbers that can be used while shopping online.  If there is a data breach, the fraudster will be stuck with the useless temporary number instead of your real one.
  • Update Your Computer’s and Mobile Device’s Software. Those alerts are often sent out in the face of new attacks, so pay attention and update.
  • Keep abreast of online scams.  Phishing scams try to trap you into providing personal information that criminals can use to create synthetic identities or open up new credit accounts in your name. Know the various forms of such scams—including spear phishing, angler phishing, and smishing.

Hi! I’m Winnie

Winnie Sun is among the highest followed financial advisors on social media. Follow her on Twitter @WinnieSun.

There are no shortcuts for building meaningful relationships. 💙

Receive the weekly tweet chat topics

Be part of the biggest financial conversation on Twitter.