Artificial IntelligenceCryptocurrencyMetaverseCybersecurityTech Forward

Five things to know to avoid getting hacked

September 25, 2015, 11:57 PM UTC
Silhouette of male hand typing on laptop keyboard at night
Photograph by Rafe Swan — Getty Images/Cultura RF

Cyber attacks are now so common that many people are desensitized about the danger of their personal data falling in the hands of criminals.

That’s one of the takeaways from a report this week by security firm Trend Micro (TYO), which analyzed a decade’s worth of data breaches. The researchers found that businesses are at greater risk of hackings as they grow their online presence while hackers can more easily profit from stolen data.

The company examined over 4,600 data breaches logged by the nonprofit Privacy Rights Clearinghouse since 2005. These intrusions include the high profile hacks on Target (TGT), Kim Kardashian’s website, and on the adultery website Ashley Madison.

Here are five of the most interesting findings from the report:

1. Hackers love to attack the healthcare industry

The healthcare industry leads the way as a hacking target, followed by government and retailers. Healthcare records include a trove of personal data that criminals can use to commit fraud. With Social Security numbers, addresses, and birth dates, criminals can easily access financial records, apply for loans, and collect tax refunds. Over the summer, for example, criminals hacked the Internal Revenue Service and filed for bogus tax refunds using the data they stole.

2. Credit card data breaches have skyrocketed 169% over the past five years

Since 2010, criminals have increasingly stolen credit and debit card information by rigging ATM machines and gas pumps with small electronic devices known as skimmers, and by tampering with point-of-sale terminals in retail stores. For example, Hackers infiltrated Target in late 2013 by installing malware on the retail giant’s digital cash registers.

3. Malware is the most commonly used tool by hackers

If you get a suspicious looking email in your inbox claiming to come from your bank, don’t click on any links in it. You could get malware on your computer. Once it is installed on a machine, a hacker can then easily break into files and steal data. This so-called phishing scheme is an example of how hackers try to access their victims’ computers without having physical access. Malicious software like worms is still the top way hackers steal data over the Internet.

4. Stolen online account information can now be found all over the web

Criminals often sell stolen data like healthcare records or tax information to third parties on the so-called deep web, those parts of the Internet that can’t be found in popular search engines. Trend Micro discovered, however, that people’s PayPal, eBay, Facebook, FedEx, Netflix, and Amazon accounts are also being traded there. A stolen online account may not seem as big of a deal as a stolen health file, but it’s enough for a criminal to do some damage. For example, a criminal can use a stolen Facebook account to access other sites that require Facebook logins. From there, a criminal can steal sensitive data that may be found on another website. In the case of the ride-sharing app Uber, criminals can order a cab using a stolen account and bill the real account holder for the ride.

5. Losing your computer or phone puts you at a higher risk of a data breach

Although criminals love tricking people to install malicious software on their computers, they are much more likely to steal sensitive information if they can get their hands on an actual device. Stolen or lost computers, mobile phones, USB drives, and other hardware leads the list for how criminals steal data. Hacking attacks like phishing schemes are second on the list.

Subscribe to Data Sheet, Fortune’s daily newsletter on the business of technology.

For more on cyber security, check out the following Fortune video: