Cybersecurity is an issue all year round, but you can do more than despair when you read about another major breach. According to Angela Orebaugh, assistant professor and director of cybersecurity and IT programs at the University of Virginia’s School of Continuing and Professional Studies, there are steps each of us can take to protect ourselves.

Here are five easy ones.

Change Settings on Your Smart Devices

Unsecured smart devices may be compromised by an attacker and used to launch other attacks, as shown in the 2016 Miria virus attack against DYN - a company that manages internet domain names, email and other web applications for other companies - that disrupted sites such as Twitter, Amazon and Netflix. The Miria virus created a botnet (a collection of compromised devices - computers, webcams and other smart devices - controlled by an attacker to perform malicious acts) installed with default usernames and passwords. Hackers control the botnets, which are frequently used for denial of service attacks that overwhelm the receiving server with a flood of connections, preventing new, legitimate connections from being made. Simply changing the default settings and enabling the security features of the devices can protect against these types of attacks.

Passwords Are Still a Problem. Make Them Strong

We’ve been talking about strong passwords for decades, but unfortunately many attacks are still the result of weak passwords. Many people use simple passwords and reuse the same passwords across multiple accounts. Complex passwords are great, but long passwords are even better. Counterintuitively, long passwords can be easier for the user to remember, but take longer for attacks to break. It is easier to remember “TwasthenightbeforeChristmas” than “Tgh12Rb!x.”

Password managers are great for people who have a lot of passwords to remember, which is most of us. Users only need to remember one strong password. The password manager can also automatically generated passwords for the user. Lastpass, 1Password and Dashlane are all good examples.

Suspect Everything!

Phishing attacks account for the majority of cyberattacks. Users continue to be the weakest link and are still very susceptible to fake emails with malicious links. Users should double-check the “From” email address, hover the mouse over the link to see the real URL, and when in doubt, call the sender to verify the email before clicking on anything.

Protect Your Bank Accounts by Using Credit Cards

Card skimming attacks have occurred on point-of-sale terminals in many places from gas stations to restaurants to hotels. Using credit cards instead of debit cards won’t stop the attack, but it can make the cleanup more manageable. If your debit card is compromised, empty bank accounts, bouncing checks and automatic bill payment can make cleanup a nightmare. Credit card companies are often easier to work with than banks in cases of fraud. For some people with a large number of automatic bill payments, it may be a good idea to set up a card just for bill payment and use a separate card for regular everyday use.

Backup, Several Places

Ransomware attacks, where a hacker prevents a user access to, or control of, his or her data, are one of the worst attacks for people who haven’t backed up their data. They are forced into paying a ransom for the key to be able to access their own data (with the hopes that the attackers will follow through). Users who have a backup can just restore from the most recent backup. Many online services do backup automatically. There are also options to backup locally on an external hard drive, then store the drive in a fireproof safe or safe deposit box.