First of f all to be extremely attentive before clicking some websites or services, do not keep your data, seeds and keys via email, online messenger or something like that. Do not hold all your assets in one and the only place, do not keep all assets on exchanges even in case they are trustworthy and so on and so on. Everything is really very simple.
The simplest hackers usually attack on the site they disguise as if it were a real site that we want or visit often, then they ask us to give us the key access to our wallet, and they will hack our wallet easily, this is a very simple technique but if not thoroughly very dangerous, I think this can be handled by booting the sites we visit frequently and important sites.