In 99.999999999% cases I prefer prevent instead of defend tactic. I block adds, 3rd part content (including cookies) and usually access sites I already known. I use Gentoo Linux and I decide what’s inside my environment setup part by part. Maybe it’s a bit too manual, but in exchange I don’t have support for everything like cups without a printer and so on. 
Most of apps and services is open source alternative for BigTech products. I rarely use Google, Twitter/X account only for giveaways, Discord only for a contact with family and Slack also for Elixir contacts. I had a LinkedIn account, but for some reason just checking inbox was a “suspicious activity” and because of that they require my ID scan (which in many countries is illegal btw.), so I showed middle finger and stopped using it.
I do not pay by card online. I prefer cash or “old, good” bank transfer. Simply most type of attacks that require “rush without thinking” does not work on me. On a single key I access a terminal with lots of useful information and actions.
