In the survey, which compared the security practices of hundreds of security professionals and non-expert web users, the security industry said their top tip was to "patch, patch, patch." Users might worry about updates being safe, but if you ignore legitimate update prompts, you are leaving your system open to known exploits and vulnerabilities.

Tip: Always keep your software up-to-date and patched.

Web users often use passwords they believe to be strong, but security professionals say this isn't enough -- you need to use unique passwords for online accounts. If you do not and one account is compromised, you are leaving the door wide open for cyberattackers to infiltrate every account you own and potentially steal valuable data or disrupt your online identity.

Tip: Use unique, not just strong, passwords for your online accounts.

The third top tip security experts give to web users is to use two-factor authentication. A password simply isn't enough this days; but using a second layer of security -- such as a code sent to your mobile device when you attempt to login -- can keep your accounts safe even if your password is exposed in a cyberattack or through brute-force cracking. Google, PayPal and Facebook are among companies which offer these features. It might be an inconvenience, but can save you the potential heartache of losing your account to a hacker altogether.

Tip: Enable two-factor authentication on your accounts whenever possible.

Remembering your strong, unique passwords can be difficult. While one researcher told Google that they try to do this as "no-one can hack the mind," if you have trouble, consider using services such as LastPass. The company offers a lock-box where you can effectively store sensitive password data, and can also be used to autofill your account access forms for you if you wish. As a result, you have difficult to crack passwords protecting your account without the need to remember each one individually -- instead, you remember one password to access your password cache.

Tip: If you have trouble remembering passwords, use a password manager.

Finally, if something looks too good to be true, it likely is. That means the bargain-basement designer sale on Facebook or the email you received from the Spanish lottery congratulating you on your win is likely to be a way to lure you into handing over valuable data. These lures, called phishing campaigns, can entice users into downloading malicious software, clicking on bad links and entering account information into legitimate-looking websites -- only for you to find out later your bank account has been rinsed or details are on sale in the underground. Simply put, use your common sense and be wary of unexpected emails which seem to be giving you a stroke of good fortune.

Interested? Read on: 15 tips for preventing identity theft