Top tip: avoid D-Link routers.

FTC Charges D-Link Put Consumers’ Privacy at Risk Due to the Inadequate Security of Its Computer Routers and Cameras

FTC says lax device security features put users at risk of malware and privacy issues: FTC sues D-Link [ftc.gov]
Guest accounts accessible by anyone were hard coded into devices and allowed remote access.

There are two basic paths of compromize: through WiFi and through your ISP downstream. Most users will lock their WiFi with passwords, but many forget to protect their router hardware.

•  Only install verified apps on your phone, tablet & notebook that use your WiFi. Infected apps can infect your router.

•  Never share WiFi password

•  Don't let others use your WiFi. They may have infected hardware/apps.

•  Encrypt/obscure your broadcast name if possible.

•  Set LogIn credentials at the hardware config page and never use defaults (example: 000000 or 111111)

•  Remove older routers and upgrade to current, safer hardware.

I used an old Windows machine as a preliminary MAC address (firewall) for a long time, but my new router has Qualcomm's new MASK that has layered protection. Also has the new WiFi Standard w/ 5 GHz band support which will be great as soon as they make a 5k phone :)