It seems like barely a week goes by without a story about computers being hacked, a virus being spread or another critical flaw being found in Windows means you need to download a patch. I've been running my main machine for the better part of two years and spend a lot more time online than most, even going back before broadband I was online a lot using flat-rate access, but I have never had any spyware and in last five years I'd guess that I've had perhaps two viruses, none of which have done any damage. That may not sound so surprising, I'm a computer literate chap, I obviously know what I'm doing. True, but I've also managed all that without running anti-virus, spyware agents or, on this machine, a firewall (I do sit behind a firewall which is built into my modem/router). You may be thinking that I run Linux, or maybe even have a Apple, but I run an ordinary Windows PC like 90% of users.
So, I thought I'd pass on what I think are my reasons for successfully avoiding infection:
1. Use More Secure Software
This is going to sound like a rant against Microsoft products, and perhaps it is, but it's fairly obvious that Internet Explorer, Outlook and Outlook Express are a gateway for invasion. I'm not fussed about the reasons, but they're supposed to be very insecure. So, don't use them. For email, I use Mozilla's Thunderbird and for surfing I generally use Mozilla's Firefox, these are both completely free, but they're far from the only options. For example, Opera have just launched a new version their browser, which has a built-in email client, and Eudora is an email client that has been around for some time. Of course, to avoid infection completely, you could switch to an Apple computer running MacOS X or install Linux on your computer, both of which are far less vulnerable to attack.
2. Don't Open Dodgy Emails
By dodgy, what I mean is emails from people you don't know or emails from people with attachments you weren't expecting. When in doubt, delete it. The preview pane shouldn't pose a problem, just don't open attachments unless you're sure what's in them. One of the obvious things to look out for is files with double document types (e.g. filename.exe.doc) and I'm always wary of zip files. Likewise, be careful of links in emails from people you don't know.
3. Watch What You Download
This is especially true if you use Peer-to-Peer networks, but be aware of what your downloading from websites too, if it looks off, don't download it. Virus writers and spyware makers have been known to hide their wares in otherwise legitimate programs. When in doubt, don't download it.
4. Keep Your Software Up-to-Date
I don' just mean getting the latest updates for windows, a lot of software has the ability to check for updates online and many companies offer security patches completely free. If possible, always try and run the latest version of any software you have as it will, generally, be the most secure version.
5. Use Good Password Management
I would say change your passwords often too, but I don't change mine hardly at all, I have a few different passwords, with varying levels of difficulty, which I use depending on how important the account is. So, don't use the same password (or variations) for everything and make sure you keep them safe. Don't write them on pieces of paper, don't store them in a word or excel file. There are a number of free apps out there that will keep them secure and save you remembering them all.
That's it, easy isn't it? Just be aware of what you're doing and why you're doing it.