Selling identity theft protection has become a big business. Consumers are constantly being offered different forms of identity theft protection online or through their banks or credit cards.  However, many of the most effective online identity theft prevention measures are free or cheap and do not require you to sign up for any special service. The following are five of the most effective.

Keep your operating system, browser and anti-virus software up-to-date
One avenue fraudsters can use to access your personal information is through malware that might infect your computer. To prevent such infections, it’s important to keep your operating system and web browser up-to-date. Similarly, it’s important to update and run your anti-virus software on a regular basis. If you don’t have anti-virus software, there are several good free programs (e.g., AVGMalwareBytes) as well as the standards (e.g., NortonMcAfee, etc.).

Check your credit report
All Americans are entitled to an annual free copy of their credit report. The FTC offers a good resource on this, and you can get your free report through Be sure to check your report at least once a year for suspicious items, and remember you shouldn’t have to pay for this.

Freeze your credit report
One of the dangers of identity theft is having new lines of credit taken out in your name. For the most part, this can be prevented by putting a freeze on your credit report. Freezing your credit report prevents potential creditors or other third parties from accessing your credit history and therefore issuing new lines of credit. Depending on your state, freezing your credit report is free for identity theft victims and around $10 for everyone else. The Consumers Union offers an excellent resource on this.

Use secure passwords
When choosing passwords for your bank account, email, and other sensitive information, be sure to use an intricate password that is not publicly available or easy for a fraudster to guess. Weak passwords include birthdays, common words, your mother’s maiden name, and the last four digits of your social security number. Strong passwords contain a mixture of letters, numbers and special characters (e.g., “?”, “!”, “#”, etc.). For critical accounts, it’s also a good idea to use a unique password, different from the passwords used for less important purposes.

Do your research before disclosing personal information
In general, it’s best to share as little personal information as possible online. However, if you do need to give out sensitive information like your credit card number or home address, it’s always best to verify that the recipient of the information is trustworthy. This can be done by checking reviews of unfamiliar websites before entering personal information and allows you to see if others have reported issues such as phishing. Other red flags to watch out for are personal information requests over email (generally not secure) and personal information request on pages without encryption or HTTPS. If you’re ever in doubt, it’s usually best to error on the side of caution.

And of course if you ever come across any suspicious sites, be sure to report fraud and scams on SiteJabber.

This post originally appeared on the National Cyber Security Alliance Blog.