It is impossible to fully protect yourself from leakage: otherwise you will have to abandon the mobile bank, public services and most of the documents. But it is possible to minimize the amount of data that can fall into the hands of fraudsters:
Do not post photos of documents online, including e-tickets and visas;
Do not publicly publish your geolocation, or at least do it in a closed profile;
Do not enter personal and payment data on suspicious sites;
Do not follow the links in emails and messages if you are not sure about the sender;
Use a variety of complex passwords in different accounts. To do this, you can use a special password selection service.
Change passwords at least once every three months;
Use two-factor authentication wherever possible;
Do not specify the main phone number and e-mail when registering on ad sites or filling out questionnaires for receiving loyalty cards and credits, participating in promotions. Instead, use an additional or virtual number (many operators have such a service);
Pay attention to applications that require permissions that are not mandatory for their operation (in the case of Android OS), warnings from antivirus software, and messages about suspicious activity or account logins from unknown devices.
You can check whether your e-mail and phone number are not in the merged database, for example, in the Sberbank Online application in the sections “Security” or “Insurance and Protection”. You can also view it on the website Haveibeenpwned.com .