NEW YORK (MainStreet) — Identity theft is no joke. The Bureau of Justice Statistics reports that in 2012, 7% of Americans over the age of 16 were victims of identity theft. The overwhelming majority (85%) of identity theft took place against already existing accounts. Over a quarter of the victims spent more than a month getting their finances back together.

Sure, identity theft is scary, but that's something that happens to other people, right? Wrong. In fact, you'd be surprised just how many behaviors you're already engaged in that are opening you up to identity theft.

Keeping Too Much Personal Information on Your Phone

Steven Weisman is a professor at Bentley University and runs the website Scamicide, which tracks the latest and greatest trends in Internet fraud. He's always shocked by how much people store on their phones without password protections or encryption. "People have their credit card numbers, their Social Security Numbers, their family details and everything else on there," he says. The solution, he says, is to put as little personal information as possible on your smartphone and to protect it with a password, encryption and security software.

Using Your Debit Card Online

"I never use my debit card for anything," says Jack Tomarchio of Buchanan, Ingersoll & Rooney, where he chairs the company's cybersecurity and data protection wing. He has also been a principal deputy undersecretary of intelligence with the Department of Homeland Security. "Credit cards don't have the best protection," he explains, "but they still have better protection under federal law than debit cards." In fact, most of the people who had their identities stolen during the massive Target breach were victimized because they used credit cards rather than debit cards.

Clicking Dubious Links

One thing that Tomarchio and Weisman agree on: you can never be too careful when it comes to clicking on links you get in your email. "If I get emails from people I don't know, I just delete them," says Tomarchio.

TheStreet Recommends

Weisman won't even open links in emails from friends. "My friends laugh at me," he says, "I don't even open the e-cards that I get for my birthday." Any time he gets a link in an email, he calls or texts the person who sent it to him to make sure that it's legit.

Giving Away Your Social Security Number

"They asked me for my Social Security Number at the optometrist recently," says Weisman. "I asked if they would accept my driver's license number instead." He cites people thoughtlessly giving their SSN away as one of the biggest ways that people are compromising their own security. "Too many companies are using it as an identifier," he says. Before you give your SSN away, make sure that it's absolutely necessary that the company has it. If not, try and give them something else, like the driver's license example.

(Still) Using Bad Passwords

"The most common password is currently 'qwerty,'" says Tomarchio, who also lists "letmein," "12345," a person's birthday, and yes, "password" as some of the most commonly cracked passwords out there.

Another way that your password can be bad is if you're using it too many places. "You don't have to make your passwords so different that they're difficult to remember," says Weisman, "but they should be different." One thing he suggests: have a "base" password that you alter for different places that you use it.

Doing Too Much Business Online

"I know I sound like a dinosaur," says Tomarchio, "but I'm very wary of making any purchases online." The reason being, in doing so, you're giving personal information out to companies that might not have the best security practices. "People sacrifice security for convenience. When they do that, they open themselves up to exposure."

--Written by Nicholas Pell for MainStreet