You've got to stay safe online (and off, really). Please link this list to any loved ones who might fall prone to any scams, phising attacks, or bad actors.
Do not send anything via email that you wouldn't want a hacker to see, including:
Social Security Number
Credit Card Number
Drivers' License Number
Username/Password combination to ANY account
Photographs of IDs
PDFs or files containing any of the above information
If someone sends you something with sensitive information, if you reply, be sure to delete that information (usually below your response)
Avoid clicking links in emails.
If you receive an email from ANYONE asking you to click a link to log in, DO NOT CLICK IT. Open a new browser window and manually type the URL for the company and login yourself.
Any email can be forwarded; do not send emails you wouldn't want attributed to yourself.
Do not open attachments from anyone, even people you know, unless you were expecting it.
If an email feels even remotely fishy, trust your gut.
If you have a service that has it, turn on "dual factor authentication, "two factor authentication" (2FA), or "multi-factor authentication". This allows you to use your phone as an additional security measure to log-in to accounts.
Never, ever ever ever, use the same password for different services. EVER. Instead...
Use a "password manager" to securely store your passwords.
Ensure any passwords you use regularly are easy for you to remember, but hard to guess. Some hints:
Use a 4-5 word phrase you'd never read in a book or hear as a lyric
For example: pennies-water-speaker-lantern
Do not share your passwords with anyone.
Just because a website has the icon or starts with "https://" does not mean that it is who it says it is. Double check the actual domain name (eg, chase.com and not chose.com).
If your browser tells you you have a virus, you don't. Ever.
Unless you need it, and you know it's from a trusted source, do not install browser extentions.