Here are some points to consider:

Please be aware that if you install any Windows Service Packs, that some instances of the installation have been know to fail, resulting in loss of data on the hard drive.  DO NOT take installing any service pack lightly.  Make sure that you have backup(s) of all important data.  Also, if you have installed Windows XP or Vista with a published (pirated) Key Code, Service Packs will not install. This was done intentionally by Microsoft to thwart piracy.  If you have an illegal copy of Windows, please do not ask us to circumvent Microsoft's anti-piracy policy.  We reserve the right to refuse to work any system with illegally installed copy-protected content.

If you have dial-up internet service or broadband service without a NAT router, you must use a firewall to prevent internet intrusion.   Windows XP and Vista have a built-in firewall.  Click this link to see Microsoft Knowledge Base article 283673 on how to enable this feature.  Unlike the initial release and SP1, Windows XP SP2 and Vista activate this firewall by default. Remember that when a firewall is enabled  on your computer, file and printer sharing may no longer be available from your computer.  Many anti-virus software products also include a basic firewall, such as Trend Micro's Internet Security.

Install an effective anti-virus program and make sure it is updated every day.  If you have dial-up service, do not check your e-mail before updating.  If you do, you take the very real risk of infecting your system since the anti-virus program will not get the updates in time.  You should take this approach on any computer that is turned off for more than 3 hours, no matter if you have broadband or dial-up service.  Computers that use broadband and are always on, will usually get updates every 1-3 hours.  Your anti-virus program may be set differently, so it important to check these settings.   If in doubt, do an update before checking your e-mail.

   The selection of your brand of anti-virus program is your sole responsibility!  The use of any anti-virus solution does not guarantee against infection or possible data loss.  Whatever product you use, remember to read the license agreement carefully, as well as compatibility with your OS.  it may also help to read on-line reviews. To see an alphabetical list of some Anti-virus providers, click here.

Perform a daily backup of all critical data and applications.

Now that Microsoft is determined to provide security patches on a regular basis, other brands of software are now being target by criminals for security flaws.  These are as important to install as the Microsoft Windows updates.  However, because Windows does not include an easy way to search for updates for non-Microsoft software, you may need to install a 3rd party application that will help you detect and install updates as they become available. 

What is "Spoofing"?

In general computer terms, spoofing is a way for a program or associated web content to hide it's original point of origin; in other words, to disguise where or from whom the content really came from.  E-mail spoofing,  
IP spoofing,  web site spoofing, and DNS cache poisoning are examples.

E-Mail spoofing is most commonly seen with spam mail.  Because the protocol for sending e-mail (SMTP) was not originally intended to be highly secure, spammers have found a way to forge the incoming e-mail headers to appear to originate from another source.  In this way, they are attempting to hide their real source to prevent detection and blocking.  For example, you may receive spam that appears to come from a non-spamming source, even from people that you may know.  Spammers hope that this will enable them to "slip past" detection systems, and provide a higher chance that you will actually view the e-mail.  If you receive spam mail that looks like it came from a legitimate source, there is a good chance that e-mail spoofing has occurred - so don't be quick to blame what you believe is the originator.  Some people may also receive a "bounce-back" e-mail from an anti-spammer bot or server claiming that they have attempted to send an e-mail that contains a virus, or simply violates generally accepted anti-spamming rules.  In this case, someone else is using your e-mail address to spoof the header and pretend that you are the original sender.  A policy server on the internet (an internet bot) has detected the e-mail and "sends-back" a message to what it believes was the original sender.  Unfortunately some bots are not smart enough to detect the forged header, so you receive the warning instead.  This is possible indication that someone you know may be infected with a virus, or it may simply indicate that your e-mail address is now part of the spammers list of well know e-mail addresses.  Either way, your best bet is to simply delete all spam immediately and ignore the bounce-back messages.  Installing a good anti-spam software program can help.  Although not perfect they can help reduce spam.

Web Site spoofing is commonly seen with criminal activity that attempts to lure people to forged web sites for the purpose of stealing personal information such as credit card numbers and social security numbers.  Phishing and web site spoofing are often used together.  A spoofed web site address will take you to a false web site that looks like the real site that you intended to visit.  You can protect yourself by making sure you have the latest web browser updates and by never clicking on links that take you to a web site that asks for personal or financial information.  If you need to use a web site for these kinds of transactions (on-line banking or credit card purchases), simply type the address in your browser's address bar every time.  This may seem overly cautious, but external links that take you to web sites that give access to confidential information or are intended as on-line shopping sites, may expose you to spoofed web sites.  For more information, read Microsoft's article, "How to recognize spoofed web sites".

DNS cache poisoning is an exploit that re-directs web addresses away from the authentic site to another site.  This is often used by malware to prevent removal by keeping the user from downloading anti-malware software from the internet. It is also sometimes used as a way to re-direct web searches to an alternative site, which is a form of browser hijacking.  DNS poisoning is a very serious issue especially if a DNS server is involved.  Every computer that uses that server for DNS resolution is vulnerable to exploitation.