To err is human, but to ignore the slip-ups others make could cost you your business. Nearly 60% of small businesses who suffer a cyberattack fold within six months. If you want to avoid becoming part of that statistic, it’s important to learn from the missteps other businesses made. Take a look at these common cybersecurity mistakes to see if your business is in danger of making the same errors.  

Mistake #1: Thinking you’re too small to get hacked.

Nearly half of all cyberattacks target small businesses. It’s because they can be an easy mark. Smaller shops often have assets like customer data and financial records that attract hackers. Plus they may not have the sophisticated cyber protection systems larger businesses use.

Take the first step by increasing your awareness of cyberthreats. Start with this quick, 30-minute online course offered by the Small Business Administration. It’s free.

Mistake #2: Relying only on antivirus software.

Antivirus software is a great way to prevent cybercrime, assuming you keep it updated. But it shouldn’t be your only line of defense. You want to build in several layers of protection.

For example, are you using the firewall that comes with your operating system? Doing so adds another roadblock to would-be attackers. Another option is to encrypt the information going in and out of your business using a Virtual Private Network (VPN). This is especially important if you or your staff connect to your system remotely.

Mistake #3: Clicking on an email link from a “familiar” sender.

One of the newest ways hackers can breach your system is disguising themselves as someone you know and trust. It’s called phishing and here’s how it works. You get an email from a supplier saying they’re experiencing problems with your last order and need you to reenter your password. The problem is, the email looks like it’s from your supplier—but it’s not. When you click on the fake link, the hacker will learn your password and breach your account.

How can you spot a phishing attempt? It might be as simple as double-checking the email address. It might be [email protected] instead of the real one, [email protected]. Here are some more tips from the Federal Trade Commission.

Mistake #4: Connecting to an unsecured Wi-Fi network.

Say you stop for coffee and get a phone call from a customer asking about their order. So you log into your system using the shop’s public Wi-Fi. The problem is, someone may be on the same network watching you. Not only will they see your login information but they get access to your customer’s information too. Some criminals even set up look-alike Wi-Fi networks. It looks like the place you’re at but it’s really the hacker’s network.

There are alternatives to public Wi-Fi. Some internet providers have a network of secure hotspots you can access as part of their service. Another option is to use your cellular connection. Or you might be able to use your cellphone as a hotspot so you can connect on your laptop.

Mistake #5: Ignoring threats from inside your business.

Cybersecurity isn’t just about preventing outsiders from getting in. It’s also about preventing abuse from the inside. Nearly half of data breaches were caused by a negligent employee or contractor.

Training can create a human firewall to address this issue. Entrepreneur suggests you focus on: identifying and reporting threats, password security, internet/email/social media policies. Here’s a list of 10, free cybersecurity courses you could make available to your staff. Or sign-up to receive a daily email with a new security tip, then share it with employees.

Avoid costly cybersecurity mistakes made by other small businesses. Use them as an opportunity to proactively tackle common threats—before they sack your business.