TORONTO -- With rates of cybercrime targeting Canadians on the rise, experts warn that the upcoming holiday season could be the most dangerous and costly yet for consumers.

According to new research from cybersecurity firm McAfee, 33 per cent of Canadians have lost $500 or more in online scams so far this year, with an additional 40 per cent having been exposed to online phishing scams.

But McAfee’s experts warn that cyber criminals are becoming more sophisticated in their tactics, targeting apps that store nearly all of our personal information, including credit card data, billing information, and account passwords.

“This adds a layer of complexity to cybersecurity that consumers didn’t face years ago and adding to the potential of that information being used for malicious activity sometime in the future,” warns the report.

Another new trend impacting Canadians are phony gift cards -- an issue one-third of consumers admitted to being unaware of.

Worse yet, 36 per cent of those surveyed admitted to not checking an email sender or retailer’s website for authenticity before making an online purchase.

“While most consumers believe that cyber-scams become more prevalent during the holiday season, a third don’t actually take any steps to change their online behavior,” Gary Davis, Chief Consumer Security Evangelist at McAfee, said in a press release.

“It is crucial that we are mindful of potential risks and take the proper steps to protect ourselves this holiday season.”

Stop using the same passwords for every online account

One of the easiest ways to fall victim to a data breach is to re-use your passwords. One hack can gift criminals with thousands of passwords, which they can use to try to access multiple accounts.

While you’re at it, make sure your passwords are secure.

Experts say passwords that use eight to 10 upper- and lower-case letters mixed with numbers are proven to be more secure. When choosing numbers to add to your password, be sure not to use anything that is easily identifiable, such as your address or date of birth.

Make sure the website you are ordering from is legitimate

A common trick cybercriminals use to trick people into handing over their credit card information is to set up a fake website that mimics a real retailer.

Before entering any personal information, make sure to double check the URL in your web browser. Often times, these websites will look nearly identical to popular shopping sites, but might misspell the retailer name in the web address.

Also be sure to check for a secure connection before checking out.

Sites with a secure connection will display a lock symbol in the left hand side of the URL bar in your web browser. Secure sites will also start with “https” (the “s” stands for secure).

Check links before clicking

As the McAfee report notes, scammers will often send phishing emails targeting consumers. Before you click on any links in a suspicious email -- especially those with offers that seem too good to be true -- hover your mouse over the link to check the URL using the steps above.