It’s called personal information for a reason.

Two-thirds of Americans who shop online have stored their credit or debit card information online, typically on an online shopping site so they don’t have to pull out their card later on when they shop on that site, according to a survey released Thursday by credit card comparison site CreditCards.com. And 1 in 10 say they store their card information online on a website any chance they can.

That’s not smart, says CreditCards.com senior industry analyst Matt Schulz: It can make it easier for fraudsters — who hack into websites to steal credit card numbers that they then use to purchase other merchandise — to steal the information.

Indeed, so-called card-not-present fraud — which is when thieves get your card number and use it, versus them stealing your physical card — hit roughly $4 billion in 2016, and will rise to $7.2 billion by 2020, according to consulting firm Aite Group. Nearly half (46%) of Americans have been the victim of card fraud in the past five years.

Of course, you often don’t have to pay out-of-pocket if your credit card is breached, most banks have a zero liability policy for card fraud victims. But you will have to deal with the hassle of reporting the incident. And there are other potential headaches as well. If the fraudster takes money from your debit card linked to your bank account, you may not have the money to pay bills until the bank figures this out.

Another big reason you should avoid storing your information online? It can make it more likely for you to make impulse purchases. Indeed, frugal blogger Liz Frugalwoods notes that having to enter your card information manually into a site give you time to question whether you really need the item, which can help you spend less.

While you can’t stop yourself from becoming a victim of card fraud simply by not saving your card information online, that’s a step in the right direction, experts say. Here are a few others tips:

  1. Be smart about where you shop. “Try to shop only reputable, well established online sites,” says cybersecurity expert Andrew Newman, the the CEO and founder of Reason Core Security, who notes that he does almost all his shopping on Amazon. And “when in doubt don’t give it out,” says Schulz. That means if a website seems like it might be shady — read this Moneyish story to figure out how to tell  — shop somewhere else.
  2. Review your credit card statements regularly, says Newman. This can alert you to a fraud you might not have even realized occurred.
  3. Get automated alerts. “Arrange for your financial institutions to send you alerts (e-mail, text, phone call) when anomalous activity occurs, such as a purchase made in two countries only a few hours apart, or any purchase over a certain amount,” says Robert Siciliano, CEO of IDTheftSecurity.com.