'I'm a data expert: here are 6 things I'd never do with my personal information'

Clicking a button, logging into a website and placing an online order are all examples of when you share your data online.

While sharing data isn’t inherently bad, it can leave you vulnerable to scams and identity theft (as well as leading to a bombardment of adverts) if you're not careful.

Limiting how much data you give away can be a sensible way of ensuring your personal and financial information remains private.

As a data and scams expert, here are six things I avoid doing, to protect my personal information online.

1. Use default browser settings

When you search online, your browser, such as Google Chrome or Safari, collects information about you.

This information is collected through cookies, which are files about your browsing history and behaviour, such as login details and items you’ve clicked on. 

Cookies can sometimes be useful (remembering your preferences for websites you revisit regularly, for example). However, this data can also be viewed by advertisers (third parties) or hackers if they manage to infiltrate systems.

Browsers do offer the option of blocking third-party cookies via their settings, where you can also delete your browsing history. Changing these settings will ensure your information remains private.

Alternatively, you can use a virtual private network (VPN), which can hide your online activity from third parties such as websites and cybercriminals. Some of these may generate profit by selling your data to advertisers, so check the VPN's privacy policy to ensure it's one that doesn’t sell your data.

• Read more: how to boost your browser privacy

2. Recycle old devices without wiping my data

When upgrading your phone, laptop or tablet, it's important to delete the data on your old device before recycling it.

But recent research from the Information Commissioner’s Office (ICO) found that three in 10 UK adults don’t know how to wipe their personal information from an old device or tech product.

The fastest way to wipe any data on devices such as phones and laptops is to 'restore to factory settings' (first making sure you move across any data you don't want to lose).

This reset will return the device to the state in which you bought it.

• Find out more: my personal data has been lost after a breach, what are my rights?

3. Ignore software updates

Don't ignore software or operating system updates on your personal devices.

These updates help to mitigate against malicious threats to your data. Without the security patches, hackers can exploit vulnerabilities in your device's software.

It's worth running these updates promptly too - the security risks increase the longer your device is out of the update cycle.

• Read more: check for how long your phone will receive security updates

4. Overshare on social media

Oversharing on social media accounts - particularly if they aren’t private - can provide a goldmine of data for scammers.

Cybercriminals can use this personal information to create more convincing scams specifically targeted at you. This is known as spear-phishing.

To better protect your information, it's worth making your social media profiles private. Be wary of sharing personal details, such as where you live or details about your family members, on your account too.

You should also be suspicious of anyone you don’t know messaging you or trying to become your friend, as scammers have been known to use these tactics to target victims.

5. Click on random links

If you receive an out-of-the-blue email or text message, think twice before clicking on any links within it.

Scam messages often include links to malicious websites that will phish for your personal data or download malware to your device.

When you enter your personal data - such as your name, email address, home address and phone number - into insecure sites, fraudsters can steal that information and sell it on the dark web. You’ll then be vulnerable to identity fraud.

• Read more: how to spot a scam email and scam text

6. Reuse the same passwords

Reusing the same password for multiple online accounts might make it easier to remember your login details, but it also makes you vulnerable.

Hackers use a method called credential stuffing, which is where they gain access (typically through a data breach) to a username and password combination.

They then use this combination to try to log in to other websites and accounts using automated software.

To avoid this happening, it's important to use a different password for every online account you have.

Don't use any personal information in your passwords and always opt for two-factor authentication where it's available.

You can also use a password manager to help you keep track of your different login details.

• Read more: how to create secure passwords