Be very wary of open public WiFi networks - the kind that do not require a password, for example in coffee shops or hotels. It is very easy for an attacker on the same network to collect anything sent in plain text. It is also easy to eavesdrop HTTPS connections (a “man-in-the-middle” attack).
WiFi networks that require a WEP key (you’ll see this when you connect) are also not very secure, and should be avoided.
Smartphones with always-on Internet connectivity and GPS make you easier to track accurately.
Apps can easily have malicious code hidden within them that collect and transmit your personal information without your knowledge.
Don’t do anything sensitive on an open WiFi network, and be wary on WEP or WPA (not WPA2) networks as well. Check on your WiFi connection on the phone what kind of a network it is.
At all times when you don’t need WiFi connection, turn it off! In particular, make sure your phone is not set to connect automatically to open networks.
Turn off location tracking unless you really need it.
Don’t install uneccesary apps on a phone that you want to use for secure communication.