Identity theft affects more than 15 million US citizens every year, with financial losses exceeding $15 billion. In 2017 alone, there were more than 1,500 data breaches, which exposed nearly 180 million records. While there is not a lot you can do personally about corporate or government data breaches, large breaches are not the only ways in which hackers and scammers can steal either your personal information or your identity. Recovering from identity theft can be a long, agonizing process that can cost everything from lost job opportunities to even broken relationships. Here are 5 ways to protect yourself from identity theft.

1. Protect Your Devices

Today’s devices act as a gateway to your most sensitive financial data. If a thief or hacker can gain access to your laptop or mobile device, it can give them almost unlimited access to all of your most sensitive personal data – as well as direct access to your finances. Here are some ways to protect your devices

Use security software and update it regularly.

Do updates on operating systems as soon as they are available. Many of the updates involve patches for security breaches.

Install or use a firewall to provide additional protection against breaches.

Install and use an anti-spyware program.

Never download or upload files from unknown sources or from unknown websites.

2. Manage Your Passwords Responsibly

While gaining access to your laptop or mobile device can help scalpers or thieves bypass your passwords entirely, they can still gain access to a number of different types of accounts – and the information contained therein – if they can just steal your password. Many people use the same login and password on a variety of sites for ease of use. This is a mistake. While your e-mail account may not contain a lot of sensitive personal data, if you use your same password for your e-mail account and bank account, then all a thief has to do is get your e-mail account login and password and they have access to your banking information as well. Here are some ways to keep your data safe by managing your password well.

Never use the same password on more than one account.

Use a strong password manager that can generate random passwords and fill them in for you at login.

Make sure your passwords always contain a good mix of letters, numbers and symbols and are more than 10 characters.

Enable multi-factor authentication whenever possible. This will alert you if anyone is trying to access your account.

3. Learn to RecognizeThe Sigs of a Phishing Scam

Be careful of clicking any links that are sent to you in e-mails, even if they appear to come from a reputable source. Many phishing scams will set up fake accounts using a well known brand. If you receive any e-mails asking for you to enter any kind of personal data or log into your account, always use a browser to go directly to the business website rather than using a link to click through. Reputable businesses will never ask you for personal information, with the possible exception of the last 4 digits of your social security number or to verify your name and address. Phishing scams will also sometimes offer you money or a job or claim you have been awarded some kind of prize or an inheritance of some kind. Be wary of any e-mails which contain poor grammar or seem a little too eager to have you contact them. Legitimate businesses generally have more contact information for you than just your e-mail address, so if they really need to contact you, they have other ways of doing it.

4. Use a VPN

Using public unsecured Wi-Fi is dangerous and can make you incredibly vulnerable to attack, but even your own paid service provider can sell your browsing history. If you do have to use public Wi-Fi always make sure to you use a reliable and reputable service that can create a virtual private network for you and your data. A good VPN service will not only encrypt your data before sending it, but also create a secure “tunnel” for your data to travel through so not even your own service provider can see it. Keep in mind, however, that even VPN services themselves can sometimes be scams. Always do your research before signing up for or accessing a VPN service to make sure they are truly a reputable service.

5. Be Careful What You Share on Social Media

Social media can be a virtual treasure trove of personal details and information that can be used to access your data. Many websites use personal questions to help secure your data, but if you make this kind of information readily available on social media it completely defeats the purpose. In addition, you should regularly do a search for yourself on social media sites to see if anyone has set up a duplicate account in your name. This is one of many ways in which identity thieves can gather personal information about you.

While identity theft and data breaches continue to be an ongoing problem, the good news is that laws are rapidly changing to protect the victims of identity theft and make it easier for them to repair the damage caused by thieves. This does not mean, however, the it’s not just as important as ever to protect your own information and your privacy. While no one can ever make themselves 100% secure from compromise, there are certainly a great number of things you can do to decrease your vulnerability.