" We expose our most sensitive personal information any time we
Pick up a phone, respond to a text, click on a link, or carelessly provide personal information to someone we don’t know;
Fail to properly secure computers or devices;
Create easy-to-crack passwords;
Discard, rather than shred, documents that contain PII;
Respond to an email that directs us to call a number we can’t independently confirm, or complete an attachment that asks for our PII in an insecure environment;
Save our user ID or password on a website or in an app as a shortcut for future logins;
Use the same user ID or password throughout our financial, social networking, and email universes;
Take [online] quizzes that subtly ask for information we’ve provided as the answers to security questions on various websites.
Snap pictures with our smartphone or digital camera without disabling the geotagging function;
Use our email address as a user name/ID, if we have the option to change it;
Use PINS like 1234 or a birthday;
Go twenty-four hours without reviewing our bank and credit card accounts to make absolutely sure that every transaction we see is familiar;
Fail to enroll in free transactional monitoring programs offered by banks, credit unions, and credit card providers that notify us every time there is any activity in our accounts;
Use a free Wi-Fi network [i.e. cafés or even airports] without confirming it is correctly identified and secure, to check email or access financial services websites that contain our sensitive data. "
― Adam Levin , Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves