Having been recently admonished for advising people to take the 'normal' security precautions without detailing what I mean, I produce the following list which will be appropriate to many readers. Depending on your time, enthusiasm and depth of pocket some items could be added or removed.
- Ensure that Windows and MS Office are kept updated with security patches as soon as they are published.
- Maintain a full, updated and paid for copy of a reputable Internet security suite (not simply anti-virus).
- Do not use an administratively privileged account for day-to-day activities.
- Be cautious e.g. remember that even your most trusted correspondent could have their e-mail address faked
- Maintain a sandbox in which to do potentially risky things e.g. Sandboxie, Acronis, BitDefender, virtualisation
- Password protect Windows accounts and encrypt sensitive files. Passwords must be robust, unique and private.
- Do not open e-mails from questionable sources in HTML compatible readers.
- Scan all removable disks, downloaded files and e-mail attachments for viruses before opening them.
- Rather than click a hyperlink type or copy/paste the address into a browser
- Keep your browsers and associated add-ons (e.g. Java, Flash) updated
Remember that viruses do not only attack Windows PCs - Macs and smart phones are also vulnerable.