If you're like many computer users, you don't jump to update your software when it's time. And that's a big mistake.

Your computer runs all kinds of software, from Microsoft Office to Adobe products to anti-virus programs. Having outdated versions of this software could leave security holes hackers can use to get into your computer and steal your sensitive information or even take over your machine.

Unfortunately, you can’t trust all the messages you see about updating your software. Here's how to avoid getting played by malicious "update" notices.

Related: 5 Ways to Avoid Computer Viruses

Ignore online updates

If you come across a website that purports to have a security update for your application and it’s not the developer’s homepage, run. Savvy hackers design fake download pages, ask you to update your applications and trick you into installing fake updates that allow them to infect your computer or steal your data.

Take, for example, the infamous Flashback Trojan horse that masqueraded as an update to Adobe’s Flash. According to reports, more than 600,000 Mac users mistakenly installed the fake update in 2011, providing a digital superhighway for hackers to send to infected computers any kind of malware they wanted.

As a rule, developers don’t share their update downloads on a third-party site. They tend to push them directly to their apps as automatic updates within the software. When in doubt, head to the developer’s site and see if the update was released. If so, you can have some peace of mind knowing you’re downloading a legitimate security patch.

Trust, but verify, pop-ups

One of the nice things about security updates is that in most cases, they’re automatically offered to you as a pop-up in the software. You’ve undoubtedly been deluged by pop-ups from a slew of applications, including Adobe’s Flash or anti-virus software, to update immediately to protect yourself. And in many cases, you have nothing to fear by doing so.

Trusting pop-ups isn’t necessarily a bad thing, as long as you verify by going to the developer’s website that they are real.

Related: Your Email Got Hacked — Now What?

Be wary of software updates via email

No reputable developer would send a software update via email. That email you received is called a phishing attack and it has one goal: To get you to download dangerous software that will wreak havoc on your machine.

Hackers attempt to mimic the design of developer’s emails, but they add a wrinkle: As soon as you click on a link, you’ll be brought to a fake site that will download malware to take over your computer.

The easy way to update everything

There is a simple way to check which updates your computer needs. On a Mac, go to the Mac App Store and click on the "Updates" tab. (Or choose the "Software Update drop-down under the Apple icon.) Apple will check to see if new versions are available of the software you've downloaded from the App Store. If so, you can quickly (and safely) update them. On a PC, follow a similar process in the Windows 10 software store to see if there are new versions of your programs.

Why update software if there are risks?

You’re only as safe as the least-secure application running on your computer. If you’re militant about updating your operating system but don’t want to bother updating Microsoft Office, Adobe Flash or other third-party applications, you can easily fall victim to a malware attack.

Hackers are counting on you to leave a software program unpatched, and they’re ready to jump through that hole with something evil. In most cases, their attacks attempt to gain administrator privileges to your computer, allowing them to do whatever they want.

Be vigilant against threats to your cybersecurity. A single misstep may mean the difference between protecting your sensitive information and having it stolen by hackers.

Related: How to Save Your Data When Your Hard Drive Crashes

Don Reisinger is a longtime technology journalist and product reviewer.