As shoppers whip out the plastic for online deals, the holiday angst only heightens when it comes to threats to your credit card accounts and other personal information.
Even consumers who shop online through a major retailer, like Macy's, can fall victim to some of these incredible hacking incidents.
During a one-week period in early October, for example, sophisticated intruders targeted online shoppers at Macys.com to secretly collect addresses, emails, names, credit card numbers and other personal information.
As a shopper, you would have had no idea there was any sort of trouble when you used your card to buy merchandise. Later down the line, though, you likely received a letter from Macy's explaining that you were a victim of this limited data breach.
The Macy's breach mirrors a proliferation of specific e-skimming attacks outlined earlier by the Federal Bureau of Investigation.
The FBI said in October, before news of the Macy's breach broke in November, that the bureau was seeing a number of e-skimming cases open up.
The danger of this latest cyber attack: Cyber criminals are getting our data in real time, which can make that information more valuable in the underground market.
Such theft can happen whether you're buying something online through a legitimate website or mobile app.
"We are aware of a highly sophisticated and targeted data security incident related to Macys.com that affected a small number of customers during a one-week period in October," according to an emailed response from a Macy's spokesperson.
"Our security teams quickly engaged a leading forensic firm to remove the threat," according to Macy's.