Get started with staying safe online
Here are Santorelli's top nine tips:
1. Software patches
Patch your OS and all your applications, especially your browser and browser plug-ins such as Java and Flash.
"This one step will likely give you 90 percent protection, as infections, which lead to privacy compromise, often rely on exploiting known vulnerabilities in your operating system," Santorelli said.
Set up automatic updates whenever possible, such as in the Windows Control Panel, in Flash and in browser settings.
2. Two-factor authentication
Use two-factor authentication for as many accounts as you can. This means you must provide both a password and a second form of identification, such as a code that's sent to your phone, to log in to an account. Most of the major free service providers, such as Twitter and Gmail, have enabled this capability.
3. Anti-virus software
Use anti-virus software, and update it regularly.
"While it's only about 30 to 50 percent effective, it's still well worth doing," Santorelli said.
Many ISPs will give you a free subscription for anti-virus software. There are several good free anti-virus clients, such as AVG and Avira for PC and Sophos for Mac, but paid anti-virus software adds extra features such as Web-link screening and anti-phishing alerts.
4. Web browsers
Santorelli said that you can stay safe using any of the "big five" browsers — Apple Safari, Google Chrome, Microsoft Internet Explorer, Mozilla Firefox and Opera — as long as you update them "rigorously."
Ideally, you should remove browser plug-ins that can execute code, such as Adobe Flash and Oracle's Java applet platform. This may not be practical in all cases, however.
"Most people don't do this, because they find the Internet very boring without these plug-ins," Santorelli said.
You won't miss much with Java turned off — the only widely used online applications that really need Java these days are Web-conferencing things like GoToMeeting. But many websites still use Flash for displaying video.