You've cleared away most of the web of myth. You know that today's evil viruses and other malware exist to make money, that antivirus alone is no guarantee of safety, and that neither is your own good sense (as important as that is). And you know that some of the best protection comes from keeping your software and your operating system up-to-date.
Now it's time to make sure you don't fall for the final and potentially worst myth: That the crooks own the Internet, and that the only good option is to use it as little as possible. Denying yourself the cornucopia of benefits the Internet can bring out of fear of its dark side.
Yes, you can get nailed. But that shouldn't stop you from venturing online, any more than the potential for getting the flu should prevent you from ever leaving your house. If you know the risks and prepare for them adequately, you can weight the odds heavily in your favor and confidently enjoy what the Web has to offer.
You can't ever eliminate all risk, no more than you can guarantee complete safety in the real world. But with these simple steps you can give yourself very good odds.
1. Know the score. Know that the crooks are out for money, and that they can make money stealing anything from files to credit card numbers to Webmail passwords.
2. To combat drive-by-downloads and other attacks that take advantage of hidden software flaws, keep your software up-to-date. Use Automatic updates wherever possible, and for finding and patching the rest I'm a big fan of the free Secunia PSI.
3. To guard against con jobs (aka social engineering), double-check any e-mail attachment or download you're not 100 percent sure about. Heck, even double-check those. Virustotal.com offers a terrific free service that will scan any file you send (up to 10MB in size) with 37 different antivirus engines. There's still the potential for a very carefully crafted targeted attack to slip by all those engines, but the odds on that - and on your being the target of such a labor-intensive attack - are pretty slim.
4. Protect your passwords. If you have to type one on a risky PC - especially at an Internet cafe or other public PC - change it as soon as you get home. That goes for Webmail, online games, and pretty much anything else - crooks can and will abuse any of them for profit.
5. Use a good antivirus product. Their ability to detect and block malware varies greatly, so make sure yours is in the top tier for detection results. Check reviews from PC World and other sites and publications to make sure you're well covered.
You don't have to be a tech guru to cover any of these steps, and none of them will take much time either. But following them will go a long way towards denying the crooks without denying yourself.