Tricking people into sharing personal details and logins by pretending to be someone else — known as phishing — is surprisingly effective. Some of the smartest people I know have been taken in by it and it only takes a moment’s lapse in concentration or uncertainty to fall for it. The maths is simple: it barely costs anything to send an email to 100,000s of people and it only needs a few people to get caught in the net for it to pay off.
Also, look out for targeted spear-phishing attacks where scammers may seem to know specific details about yourself to make the attack more credible. Or what’s known as whaling — the targeting of high-profile figures such has heads of companies or celebrities with elaborately planned and sometimes very convincing schemes.
Stay vigilant people.
You can also check if you’ve been caught in a data breach at: Have I been Pwned.
Also see 2-factor authentication.