It seems like every week there’s a new report of a big company (or a smaller one) that has been hacked, with consumer data and/or credit card numbers now out in the wild. In many cases, the hackers who breach databases don’t use the data themselves. Often it is sold to others, possibly several times over. Risks abound with retailers and service providers, and of course, online. Big companies are frequent targets because of the sheer number of accounts that are available in their databases.

A common ruse targeting individuals is to send an email that looks like it is from a well-known company, encouraging you to log on and perhaps update your billing information. If well-made, the page where you arrive after clicking the email link will look exactly as you would expect, complete with a familiar logo and brand colors. Just that quickly, someone could have your name, address, password, and credit card information.

Computers can also be compromised through viruses, “free” software, and malicious software embedded on flash drives or phones.

To prevent access to your bank account due to breaches at retailers or service providers, some recommend utilizing a reloadable debit card for these transactions that limit the amount of money at risk. Consider the difference if a bad guy had access to your debit card that only had $100 available versus gaining access to the debit card tied to your bank account – the day before the mortgage and car payment are due. In many cases, there are ways to reverse the unauthorized charges – but expect some inconvenience while it all gets sorted out.

Online (and sometimes in person), consider carefully which companies really need your personal information. If there isn’t enough value in what is offered, maybe you don’t need to interact with some of those companies and put the security of your data into their hands.

Especially be aware of email attachments. On some operating systems, the default user is the administrator and software opened by the administrator, like a hidden virus, is automatically granted permission to make changes to the system. Most large businesses don’t send attachments to customers by email. Regard attachments with suspicion. If an email asks you to click a link to “update your account details”, you are safer going directly to the corporate website and checking the status of your account there instead of clicking the email link.