For cold callers, I say I'm from "Fraud investigations department" or ask them their details so I can put them through to the telephone preference service.
Unless I'm bored. I've kept injury claims people on the phone for 25 min talking rubbish...
I no longer tell anyone my landline and few cold callers phone mobiles. Only my parents ever phone the landline, so I know its either them or rubbish.
I have a different password for every website (I use a detail of that website within the password so I just need to remember variations). I use throw away or different email addresses (I can add extra bits to googlemail addresses and they still come to me) for non important things. My primary email address isn't posted anywhere public.
I don't put real details into clearly insecure portals (surveys / wifi sign in) or pretty much anything that isn't https. If a company wants me to do something using a non-https website - I refuse.
I don't put on social media when I'm going on holiday, or post when I'm away from home. I use a credit card when out and about when possible.
I have had that credit card number fraudulently used twice - both times the bank caught it before the transaction completed.
However if they really want to impersonate me - I'm sure they'd find a way. I just want to be awkward, so they target others who are easier to impersonate before me