The worst is yet to come.

So say computer security experts as the global tide of infections from WannaCry ransomware appears to have ebbed. Hundreds of thousands of computer users, ranging from the National Health Service in Britain to gas stations in China, have been attacked by the software which forcibly encrypts victims’ data until a ransom is paid.

“It wasn’t unexpected at all,” says Ryan Kalember, senior vice president of cybersecurity strategy at Proofpoint, a Silicon Valley information security outfit. The security exploit that WannaCry fed off was detected months ago and Microsoft has had a patch out for some time. “Everybody in the information security world has predicted for some time that this would be turned into a worm,” he says.

Damage appears to have been relatively limited because the hackers behind WannaCry seem primarily interested in money. “There are attacks that could have been much worse,” says Kalember, who thinks hackers could have opted to brick—or render completely useless— computers, as has happened in Saudi Arabia and South Korea. WannaCry also didn’t hit critical infrastructure like a power grid, which many consider to be the worst possible outcome.

Of course, malicious software isn’t the only way users can be harmed. As the virus proliferated on Friday, the Federal Trade Commission announced an operation targeting tech support scams that trick users into thinking their computer has been infected by malware. Popups telling individuals that they’ve downloaded a virus— even though they haven’t— are common across the internet, leading some unsuspecting users to pay for unnecessary fixes.

Americans are especially lucrative targets for these schemes. According to Symantec’s 2017 Internet Security Threat Report, 64% of Americans indicated willingness to pay off ransomware hackers, the highest proportion in any country. Disney chief exec Bob Iger said Monday that hackers claimed to have stolen an upcoming movie from the studio and were asking for ransom in order for the film not to be released— a demand the media giant will not accede to. Netflix recently had episodes of a new “Orange Is the New Black” season leaked by hackers because it refused to pay ransom. Such attacks grew by between 5.5% to 10.5% in the second half of 2016, data from Check Point Software Technologies show.

Though further attacks are probably inevitable, there are some basic steps users can take to mitigate their effects.

  1. Use the most updated version of software available. “Try not to run out-of-date technology,” Kalember says. “The organizations that were hit by WannaCry had two solid months to apply the patches.”
  2. Be wary when opening attachments. Many attacks are now based off “social engineering” that tricks users into opening dangerous files. “Even if an attachment is from someone you know, be careful,” says Engin Kirda, a tech professor at Northeastern University. The net security specialist advises users to initially open PDFs in Google Docs instead of downloading it to your hard drive.
  3. Backup your data, because it reduces the chance you’ll have to ever pay a ransom. “Don’t just have your backup on a drive mounted to your computer because the software can attack that too,” warns Kirda. “Store it on a cloud or even offline so you’ll still have copies left.”
  4. Don’t panic if you’ve fallen victim to WannaCry. “In many cases, there are publicly available decryption tools that can help you,” says Kalember. For instance, Kaspersky Lab has announced that it is working on a decrypter to help victims of the attack. The premium version of Malwarebytes also protects against WannaCry.