Here are some things you can do in order of ease of implementation.
1. Use good random passwords. I highly recommend a password manager. 1password is considered the best by many, but it does require a subscription. If you want free, and are willing to keep your vault local than bitwarden is also very good.
2. Most credit cards and banks now have a way to text or
email you when a transaction exceeds a certain amount. I get an
email any time my card is used, and I was able to stop someone who cloned my card the same day last year.
3. Get two factor authentication for all of your accounts. The best is something like a yubikey. Second best is time based one time password (TOTP) which is supported by 1password, bitwarden, and
google authenticator. Third best is where they text or email you a code. Most banks only support the third, unfortunately.
4. This is only for the paranoid, those who need to protect significant funds, or with a high threat model. It does take some IT chops. Establish a VPN exit node that you control. DO NOT pay for a VPN
service. Most are highly suspect, and they can see all of your exit traffic. Tailscale is currently the most versatile, and easy to set-up. Algo by trail of bits is probably second. Both require you establish an exit node. I use tailscale and Digital Ocean at $5/month. All banks use TLS now so this is just protection against a sophisticated threat actor.
You have fraud protection on your credit card purchases. Some banks also cover debit cards now as well, but you should check with your bank.
Feel free to ask any specific questions. I'll try and help.