Whether you check social media, read email, or do most anything online, your internet behavior can put you at risk. Hackers and scammers take advantage of your online movements to get your financial data and other sensitive information to use for their gain, at your pain. To stay safe and protect your identity, make sure you avoid these everyday habits that leave you vulnerable online.

  1. You use the same password for multiple accounts

You already know that your passwords should be strong, duh. But besides using long combinations of random numbers, letters, and symbols, you should also make each password you use unique to that account. If you use the same password for multiple accounts, a hacker who gains access to one account also has access to your other accounts. So keep separate passwords and change them every few months. Sound like too much to remember? Some great options include LastPass or Dashlane.

  1. You overshare on social media

It’s easier than ever to share details of your life, but all that social media sharing can leave you vulnerable to identity thieves, who can piece together information you share to crack your passwords and answers to security questions. Disable location sharing, don’t reveal your birthday or the first concert you attended, and give a second thought to telling the world you’re on vacation. It’s always better to post after you’ve returned! There’s nothing worse than advertising that your home is unattended from this date to that date.

  1. You regularly connect to public Wi-Fi

Although you may enjoy setting up a makeshift office in a coffee shop equipped with Wi-Fi, tread very carefully. Public Wi-Fi networks make it easy for hackers to see everything you do while you use the connection. If you must use public Wi-Fi, never log into banks or social media accounts, and consider using a virtual private network (VPN) to protect your sensitive data. VPNs act like a tunnel around your information so potential thieves cannot see all your data.

  1. You immediately open unfamiliar email

If you don’t think twice before opening an email (or attachment) from an unfamiliar sender, you put yourself at serious risk of phishing. Phishers are scammers who send emails containing links or attachments that, once you click on them, can trick you into revealing your login information or infect your computer with malware or ransomware.

Be mindful before opening any unusual emails, and pause before clicking on links or attachments that seem suspect. Before you click on a link that appears to be from your bank, for example, go directly to your bank’s website or call your bank to determine if the email is legitimate.

Or, if you’re using a desktop computer, hover your pointer over the link and see where it really redirects to.

  1. You accept invitations to connect from strangers

Although online platforms offer legitimate professional networking opportunities, be wary of impulsively accepting invitations and requests from strangers. Cyberstalkers can use social networks to gain information on potential victims and send unwanted messages. Before you add a stranger to your social networks, take a good look at his or her profile and consider the risk. It can be easy to assume you’ve simply forgotten that person from a brief interaction at a networking event, but that’s why looking closely at their profile will help you weed out the scammers from the real people.

  1. You rely on autofill

When you’re logging in to an account or doing online shopping, autofill and autocomplete features can save a ton of time. But storing your data makes it seriously vulnerable to cybercriminals. Make sure you disable autofill on your browser, and take the extra time to manually type in your credit card number each time you buy something. It may seem like a hassle now, but it’s a breeze compared to dealing with identity theft. Trust us.

  1. You overlook your old accounts

Whether you have to create a username and password to read a random article or try a yoga class at a new studio, it’s easy to rack up a large number of online accounts. But having your personal information stored on multiple unused accounts can put your data at risk. Keep track of every new online account you open, and delete any accounts you no longer use. Doing so will ensure that only the companies and platforms that you’re active on will have access to your data.

  1. You leave your computer unattended

Some criminals are more low-tech. If you regularly leave your computer, phone, or tablet unattended, you put your information at risk. Even leaving your devices unattended while you go to the restroom or get coffee can leave you vulnerable. The United States Computer Emergency Readiness Team (US-CERT) recommends you lock your computer any time you’re away from it. Protect your devices with a password that you must enter each time, and close your laptop’s lid (or put it to sleep) when you step away from it.