CLEVELAND — "Ho Ho Ho!"

When you hear those three little words, you know it's shopping season.  But "Ho Ho Ho" can turn into "Oh no!" for those buying online in just one click.

That's why you need to be wary of any emails or texts with links or attachments --Even the ones from retailers offering sales or from companies offering hard-to-find toys. They're usually fakes, those deals won't be hid in attachments. 

The same holds true for notices from UPS or FedEx asking you to click a link to track your package. Instead, go directly to the shipper site and plug in your tracking number.

Adam Levin, the founder of the data defense firm CyberScout, says those links lead you down a terrible path. 

"They're created by hackers for the purpose of either putting ransomware on your computer, getting you to open an attachment which would put malware on your computer to turn it into a keystroke logger, which means every time you log in, you're providing the information to a hacker," says Levin.

You also want to watch out for pop-ups and other ads that take you to shopping websites that look real but are actually fakes.

Go to the genuine retailer site directly, and stick to stores you know.

"If you find yourself making a purchase on a site you've never heard of in the past, you can always check www.bbb.org to make sure you're not getting scammed," Levin says.

And, when you make that purchase, use a credit card, not a debit card. Debit Cards don't offer as many protections if you have a dispute with a merchant or are defrauded.

Tips for Safe Online Shopping:

https://usa.kaspersky.com/resource-center/preemptive-safety/online-shopping

https://usa.kaspersky.com/resource-center/preemptive-safety/online-shopping-tips