Stephanie Carruthers, who is known on Twitter as @_sn0ww, is a professional hacker who helps clients find weaknesses before an actual attacker comes after them.
She sees mistakes people make all the time without even knowing it. The biggest one is posting pictures online without realizing what information they're giving away.
"Some new homeowners, post picture of their keys," Carruthers said. "What they don't realize is that an experienced attacker could make a physical duplicate of that key just based off the picture alone."
Paying attention to what's in the background and foreground of pictures is key.
"I've seen passwords written on Post-It notes stuck to laptops, WiFi passwords on whiteboards," she added.
In her experience, she finds that Facebook is the most vulnerable place for people's information.
"They show you who your friends are, who your family is, your co-workers, your employers, and your kids," Carruthers explained. "All kinds of information that can actually be answers to security reset questions."
Those little pieces of information can add up to a lot for hackers who are constantly looking for anything that will help them with their campaign, Carruthers said.
So what is the best thing you can do to minimize your risk? Lie.
"Lie on your security questions. When you're filling out a form to open a new account, you may get asked questions like what's your mother's maiden name or what street did you grow up on? You don't have to tell the truth," Carruthers explained.
The other big advice from Carruthers is to have good passwords habits — change your passwords often and don't use the same one for multiple places.
If you do find yourself to have been hacked, change your passwords immediately and start monitoring your credit to see how big of an impact the breach has on your information.