One in three people in Northern Ireland have had a social media or email account hacked, the highest number in the UK.
That's according to research from the Cybersecurity firm ESET.
The study also said people here were most likely to use bank PINs or birthday dates as the code to unlock phones.
The firm’s research into online security habits also suggests that more than half of UK internet users (51%) have clicked on a link in a spam email.
Jake Moore,cyber security expert at ESET UK, said internet users still needed to be more aware of how they interacted with emails and the information they share online.
"Email scams are only growing in frequency and it is becoming much harder to spot the good from the bad as criminals become more sophisticated in their art of deception," he said.
"My advice? Never click on or download anything from someone who you aren't expecting something from and always look at the sender's email address. If a company emails to say they have locked you out of your account, ask yourself why they would before clicking through in a fit of panic."
The research also suggests other internet security bad habits remain prominent among UK internet users, with 36% of those asked saying they had never changed their default privacy settings on social media.
The security expert also warned against over-sharing on social media, particularly given the number of online friends who have never met in real life.
"We share so much information about our personal lives online - our birthdays, photos of our children, where we go on holiday - but do we ever stop and think who we might be sharing it with and consider how well we actually know our 'friends'?,"Mr Moore said.