• Use secure Wi-Fi connections.
• Check your privacy settings on social media.
• Be cautious about personal information you post online.
• Be suspicious of unusual emails, especially from people you don't know.
While the above tips will definitely help, they're not enough to be safe on the internet as you're at the mercy of providers and tech vendors that you interact with doing the right thing too.
Even if you take all the above precautions, and you should, you could still be unprotected because:
Unless you're a coder, you rely on the device or software vendor to provide updates. Device vendors especially tend to provide updates for a limited time only, if at all (cheaper hardware is often never updated); there's no guarantee either that the updates are any good. You also don't know if the provider you connect to has updated their software. Sometimes they don't, because updates can break stuff, or the providers are clueless.
When even companies such as Yahoo who have been around since the inception of the internet get hacked and user data is stolen, strong passwords will only go so far. Is the site you connect to protected with strong, updated HTTPS encryption technology to stop user credentials from being leaked? Further protection with two-factor authentication for instance is a must.
Not many people know what "secure Wi-Fi" means, or even care about it. Apple has started to warn about open, insecure Wi-Fi in iPhones and iPad, and pay attention to that. Use one of those networks, and everyone on it will see your device and the traffic it generates. It might not be a super hacker listening in, but it could be malware automatically intercepting your data. Don't trust unknown Wi-Fi networks.
The business model of social media depends on you giving up your privacy, so that you the user can be on-sold to advertisers and other companies. The only "privacy setting" that works is to delete your social media accounts.
Email went wrong decades ago with spam, the ability to send any old binary malware attachment and "rich messages", or HTML that can hide malicious code that runs automatically. Worse, email addresses do double duty as login IDs for various important online services. You shouldn't really reveal your email address to anyone for that reason. There's no fix for this situation. Using email will remain dangerous no matter how careful you are.
Don't get me wrong, you should definitely do your bit to be safer on the internet and follow NetSafe's advice, and anything else that your provider might offer.
There's only so much end-users can do though. Service providers and device vendors need to step up too, and take security and privacy seriously. While we're at it, there are bits like email that need to be reengineered with security built in.
There's just no other we'll enjoy a safe day on the internet otherwise.