1. Not Updating the OS and Browser
One of the easiest ways to stay protected when surfing the web is to make sure the operating system and browser are up to date, says Robert Siciliano, identity theft expert for bestIDtheftcompanys.com.
"When you don't update your operating system, critical security patches are outdated which makes devices vulnerable to fraud."
Having the latest web browser, whether it's Internet Explorer, FireFox or Safari, also extends protection.
Siciliano also recommends users make sure all their anti-virus, anti-malware and firewall software is current.
2. Not Being Picky
Everyone wants a deal, but compromising your identity won't be worth saving a few extra dollars by using an unsafe website.
"A big worry for consumers should be the threat of watering holes," says Neal O'Farrell, executive director of The Identity Theft Council. "These are websites that have been infected with malware because of unpatched vulnerabilities."
He says an easy way to stay safe when shopping online is to use a free browser security tools that check the security of a website before you click on it. He pointed to McAfee Site Advisor as a tool available to consumers. "These tools should be standard for all surfers, yet most are not aware of them even though many antivirus companies offer them free."
3. Always Using the Same Password
It's hard to remember every username and password, but resist the temptation to make one general log in for all your frequented websites.
"The real problem occurs when people use the same user name and password on their banking site as they do on some small shopping site," says Schwartz.
Social networks have become online brag books, and that's risky business since we often share information that is commonly used in security questions.
"What makes people vulnerable is they plug in information that can be used to crack a password reset," says Siciliano. Many websites ask for answers to knowledge-based questions such as your mother's maiden name, where you went to high school or your best friend's last name in case of an account lockout or password reset. Those answers are supposed to be personal, but are increasingly being revealed online.
"When you explain to the world your life, recognize that those explanations and those status updates can be used against you," warns Siciliano. "You might want to consider being more businesslike as opposed to being more personal on social networks."
5. Using Public Wi-Fi
Public Wi-Fi hot spots make it easier to check your email, surf the web and even transfer money from wherever you are, but they often aren't secure and tend to be easy for scammers to hack and steal your information.
Schwartz recommends never using public hot spots to conduct business or do any personal online. "Use your carrier cell signal or wait until you get home. It's way too easy for criminals to sniff out what's going on on a public Wi-Fi and capture information coming through."