Beyond practicing basic computer security steps such as not clicking on email attachments and such, I think the smartest thing a person can do is not let JavaScript run by default on any site you visit. NoScript for Firefox is a great extension.2byte wrote:
# Disable javascript and flashplayer in the browser. Only enable it as needed.
#5 Run your browser and email client as a limited user. Not spot.
BSD doesn't run as root by default so it limits to some extent what damage can be done.
Other than a few passwords to throwaway email boxes I never keep anything important on my machines.