GOLDEN VALLEY - Despite the warnings it continues to happen. People are victims of online phishing attacks.

A recent survey published in USA TODAY by DomainTools found two in five U.S. consumers have been victims. And with the holiday shopping season near, local cyber security experts say there are ways to avoid getting scammed.

Bryce Austin, author of “Secure Enough,” wants to help consumers rest easier this holiday season. He recommends paying attention to the gift cards you purchase. Austin says criminals are removing the stickers from gift cards hanging on store shelves, snapping pictures and covering the gift cards with fake stickers.

“They stick the (fake sticker) on there and they wait for you to purchase it. They use that gift card to make an online purchase. The reason it works is because they are buying the gift card now and stealing the number,” he said. “This is the busiest shopping season of the year. Cyber criminals want to take advantage of the fact they have more credit cards and more gift cards and more ways they can steal our hard-earned money.”

Stealing the number. Put it back on the shelf with a fake sticker.

How do you avoid this scam? Austin says the answer is simple.

“If you have to buy one in person, I recommend you get one from the back of the card (stand) or ask one of the associates to get you one from the back room that hasn't been sitting in the retail space for a length of time,” he said.

Austin also says purchase gift cards from a retailer's website.

“I emphasize from their website because if you get an email that says, ‘Please buy our gift card, here is a promo,’ that could be a fake site,” he said.

Austin says make these practices shopping habits. Beyond gift card purchases, he says, watch how you spend in line.

“I am a big fan of not pulling out your credit card when you make a purchase. If someone is nearby they can take a picture of that card. Your smartphone is your friend. If you use Apple Pay or Samsung pay, that uses a code off your phone. Your phone never displays what the credit card is,” he said. “Most people just can't use the phone to make a purchase. You have to put your thumb on it or type a code on it.”

Austin, a former group manager at Target during the data breach, says these simple steps can help you avoid a cybersecurity crisis this holiday season.

“If we don't buy gift cards from an email that someone sends us but goes to (retailers) website, if we are careful to make sure nobody is looking over our shoulder,” he said. “People will be secure enough. Some of it is about common sense.”