Passwords - many sites tell users that a different password should be used for each site that they connect to. This is ludicrous, as no-one will remember the password for each site, and the passwords will be written down and often kept by the computer. If you are unfortunate enough to be burgled, this could mean you lose more than your computer!
If you use the computer for Internet banking, or for access to any web site that could be used to get money from your bank or credit cards, you should use a single, very secure password that you can remember. It should be a combination of numbers and letters, and special characters as well, provided that you can remember the password without writing it down. It can be useful to use both capital and small letters, although some banks, stupidly, do not differentiate the two. For the numbers, do not use dates that relate to you or your family (birth years, etc) - but something like your first car registration or an old telephone number can be a good choice. Sometimes using the first letters from a phrase or title (eg "We all live in a yellow submarine" = "Waliays") followed by a memorable number can make a good password, particularly if you change "a" to "@" and "I" to "!" (eg "W@l!@ys").
Remember - this password should be very difficult for anyone else to deduce, but easy for you to remember without writing down! It should only be used for sites where you keep financial details - it must never be used for forums (such as this one) or for any site that is unimportant as far as money matters are concerned!
For all unimportant web sites, forums, etc, where it does not matter if someone, even someone with malicious intent, finds your password, use another password entirely. It can be made up in the same manner as the secure password, but must not give any clue as to how the secure password was arrived at.
Almost certainly if you are a member of many forums or web sites your password and username will be hijacked at some time, but it will not matter if you keep your secure password only for use with banks, credit card companies, etc.
Phishing - this refers to the criminal use of emails pretending to come from a bank or other financial institution asking you to go to their web site to confirm your account information. If you click on the web site address in the email you will be taken to a fake site that looks exactly like the real one and any information you enter will be used to extract money from your account. (You can see which web site the email link will take you to by hovering your mouse over the link - the address that you will be directed to will show at the bottom of your screen.)
Never click on a link in an email! If you think there might be a genuine reason to go to your bank's web site, select the web site from your favourites or by keying the web address into your browser. No financial institution will ever ask you to confirm all your passwords and usernames on-line.
AntiVirus - if you are using a Windows computer, use AntiVirus software and keep it up to date. There are many free versions available - you do not need to pay for Norton or similar heavily advertised systems. Avast, AVG and Avira all offer free versions of their antivirus software for home use. Enter the company into your search engine and you will be taken to the relevant company site.
In summary, normal common sense will keep you out of trouble on the internet. Remember that the site you are viewing may be a fake, especially so if you arrived on the site by clicking on an email, so before entering any information about yourself, check carefully.