The phishers, fraudsters, hackers, identity thieves, bot netters and their ilk out there are getting more and more clever all the time.
Here's a summary of what one can do to prevent 95% of the attacks:
1. Use strong passwords. Make sure your passwords are different for different accounts, especially for your primary email account.
2. Run Firefox. If you must run IE, turn off ActiveX. It makes low level OS calls that can be exploited.
3. Run your virus scanner daily.
4. Lock your router down.
5. Check your social networking accounts regularly. If you see that you've made a post you didn't make, take action.
6. Same for your credit cards that you pay on-line. Diligence is critical.
7. If you use an iPhone or Droid, make sure that you have it screen locked. Most folks bind their email accounts and such to their smart phones; lose the phone, lose your identity.
9. If you are unsure about a site, leave it. Contact the organization by phone.
10. Make sure you have your browser set up to clean out ALL data when you close the browser - cookies, history, all of it.