5. Be wary of "phishing" attacks: "Any time you see a link in an email, be wary," Rasch said. "The problem is these are all games of abuse of trust. They want you to trust the email so you'll click the link. If they've compromised your best friend's email, you're going to get an email from your best friend."
A good rule is: When in doubt, type it out. Although the URL may look trustworthy, con men hide bad links in hyperlinks. "If you type in the thing yourself, you'll be able to see if that email was real or not," Hilbert said.
In general, read the URL and use a common sense approach. If it says ".ru" instead of ".com," ask yourself, "Does it make sense that my bank site is being hosted in Russia?"
6. Pay attention to misspellings: If the site doesn't look right, check your spelling. If you spell Google or Disney wrong, you might not be in the right place. "People buy those domains and monetize off of those. They make money if you click on a link and it takes you someplace else," Hilbert said.
7. Understand how your data is shared: Although you might have provided your contact information to your local supermarket, they might not be the ones storing that information. Many companies outsource that kind of storage to a third party. "The answer is not to say, 'I will never use the Internet'. The answer is to say, 'I'm going to hold the companies I do business with, both online and offline, accountable for their actions," Hilbert told ABC News.
8. Try to use one credit card for online purchases: This way, if your information is compromised, you know exactly which card is breached. If you are notified of a breach, get a new card. Although your credit card company might offer monitoring services, you will be safer getting a new card, especially if you only have one credit card.
9. If breached, change the password and security questions: Many people simply change their passwords if they believe there accounts have been compromised. Make sure you also change the security question that many sites ask in conjunction with a password. Use common sense, if you talk about your current pet on social networks, it might not be best to use its name as the answer to your security questions.