Chances are if your email or social media account has ever been compromised, you accidentally gave your credentials to the scammers yourself. The most common way to infiltrate an account is called phishing, in which people trick you into handing over your login info to false websites that look legitimate.
Phishing attacks aren't new, of course, and there's likely a deluge of such emails in your spam folder, but it's still the leading cause of compromised accounts. This graphic from Digital Guardian highlights how you can spot phishing attempts in your inbox and how to avoid them. Whether it's weird attachments that prey on your curiosity or spoofed links that take you to a false login page that imitates a familiar brand, there are a variety of techniques that scammers use to engineer their way into your account (often just to proliferate more spam). And it's not just email; beware of shady text messages from unknown numbers or people posing as IRS agents requesting your private info.
Have a look at the graphic below for a thorough look at common phishing methods.
Don't Get Hooked: How to Recognise and Avoid Phishing Attacks (Infographic) [Digital Guardian]