Big sales, must-have items and a list that just seems to get longer: Holiday shopping can drain your wallet and your sanity.

Don’t let the stress erode your guard against identity theft, though. All that holiday shopping can leave you more vulnerable to scams.

“It’s the fact that we’re not paying attention that makes the holidays so risky for ID theft,” says Eva Velasquez, CEO of Identity Theft Resource Center, a nonprofit dedicated to helping consumers safeguard their identity.

Save yourself from falling victim by recognizing these sources of scams.

1. Unsecure networks and devices

Shopping over public Wi-Fi, such as an airport network, or leaving your devices without passcodes can make it easier for scammers to access your information, including your bank account and login credentials.

Tip: Secure your devices with passcodes and don’t enter sensitive information, such as your credit card number or Social Security number, onto websites while using public Wi-Fi.

2. Gift card scams

Rather than going after your credit or debit card information, some scammers want your gift cards. One red flag to watch out for: When you’re making a purchase on a website or over the phone and the seller takes only gift cards from other retailers — like an iTunes or Google Play gift card — for payment, that’s a sign of trouble.

Paying with a gift card can leave you vulnerable because there’s little protection if a vendor doesn’t hold up its end of the deal. “People should use their credit cards for purchases, because they have the most protections,” says Lisa Weintraub Schifferle, staff attorney at the Federal Trade Commission.

Tip: Avoid retailers that require payment via gift cards from another company.

3. Phishing websites and emails

You get an email from a relative with a dancing Santa, or enter your information on a website that promises the lowest price on big-ticket electronics — if you create an account. But when you click on that Santa’s tummy or make an account to get that coupon, your info could be in the hands of scammers.

“Thieves are designing their nefarious activity to capture info about you that you may think is not that big of a deal,” Velasquez says.

Exposing your information to a sketchy website can leave you vulnerable to identity theft down the road, Velasquez says. If you use the same login credentials for multiple accounts, for example, a scammer could use that information to get into your email or bank account.

Tip: Be careful where you click, and use different login credentials for different websites. Shop only on sites that have an “https” at the beginning of the url, which means the website is secure.

Sean Pyles is a personal finance writer at NerdWallet. His work has appeared in The New York Times, USA Today and more. © Copyright 2018 NerdWallet, Inc. All Rights Reserved