1. KEEP YOUR PHONE UPDATED.

Now a lot of people will say Samsung dont even deliver updates for flagships how the people using mid range phones update their phone? You are right Samsung's recent approach regarding delivering updates is hurting the end users. But user should (Must) update their devices as soon as the update is available. And not only stay updated with security patches but also the app updates available at Playstore.

2. Never use third party app stores.

There are a lot of people who download apks directly from some websites other than official Play Store. By doing this you are risking your privacy and data safety because you will never know who coded the application you just download and if that contains a malicious code within itself or not. So the best thing you can do is if you need to download apps go directly to Play Store or Samsung App store I repeat no where else and if you do that you will have higher risk to get hacked or loose your files or stuff like that.

3. Differentiation of Official Apps.

Now this is the most interesting part because there are thousands of malicious apps are available even on the official Play Store. So the first thing to check while downloading any app is check the developer and check if that app is an Editor Choice or not. Mostly the famous apps are already listed as Editors Choice and you can consider them official and safe. The next thing to consider is Never download **bleep** clients like there are a lot of clients like GB WhatsApp and etc available for downloading instead of WhatsApp itself. Those apps are **bleep** and not even you will risk your privacy and you can even loose your account. (for example sometimes ago WHATSAPP disabled all the phone numbers who were using clients to impersonate WhatsApp)

4. Permissions manager. So if you follow those steps and I consider now that you got the official and safe app. So now here the thing is hackers can even get through your phone with some coding errors using even official apps. + There are a lots of cases filed against the famous companies like Facebook (Whatsapp is also a product of Facebook so its included as well as Instagram) are proven guilty of selling users data. Now dont say what will happen even if they get my data (Meri saari mehnat pe paani fer doge agar kisi ne ye comment kiya to). So lemme answer this question too In last Presidential Elections in America Trump is an accused as some agencies say that the party that Trump was representing altered and misguided user with advertising and sending them stuff which made them Vote for him. In one word To MISLEAD USERS TO VOTE FOR HIM. And that was done with the help of the data they received from Facebook for examples Facebook knows everything about you about your likes, Dislikes, Your phone usage patterns, your hobbies and afyer knowing you that much they can alter the way of your thinking pretty easily. So what to do to stop companies spying on you. The harsh truth is we can't stop that because we are using a Google product so how can we stop google to know what we have on our phone or what we do on our phone? But we can atleast reduce the information they have about us by keeping an eye on the permissions that apps ask us. So keep in mind only Grant those permissions that are MANDATORY for the app to function and if they ask you any other permissions that are not supposed to be there reject it or simply remove the app.

As one of my friend @Shinchan mentioned that we should be aware while using wifi, He is right to some extent. There is no lie that most of the Hacking is done by accessing your wifi router.

But the second thing is we are never safe till we are connected to Internet either its wifi or Cellular network. We can't do anything about Cellular on our end so lets talk about WIFI. So the very first thing to do is use a password that complies with WPA2 atleast. Now as he mentioned there are some router companies that use Two Step Verification you can use that too if your router supports that. And one more thing that you should  do to extend the security more is, There is a option to BLACKLIST AND WHITELIST. So add your all the devices (you will need MAC addresses of all your devices) to whitelist. And rest of others will be blacklisted automatically. So i think you already got to know that this way only your devices can get connected to internet using your router. And DONT USE PUBLIC WIFI as far as you can.

6. SAFETY WHILE ACCESSING ATTACHMENTS.