The FBI watches criminal activity on the Internet very carefully. The agency has some alarming statistics. It says that virtually all home PCs are now infected with spyware or viruses orboth, and that 91% of these infections are dangerous. A lot of this malware is still distributed via email, but hackers are finding ever more innovative ways of infiltrating your computer.

Cybercriminals now plant malicious code on innocent, trusted websites, lying in wait for victims to come to them and be silently infected. Sophos Labs, the world leader in security technology says it discovers 6-thousand new infected websites a day--one every 14 seconds! Google researchers say at least one in 10 web pages is booby-trapped with malware.

Hackers use this web-based malware to steal information directly or to establish botnets -- large networks of hijacked computers -- from which spyware, viruses, spam and other threats can be distributed. Most of this malicious code goes undetected by packaged software products you can buy in stores or download on the Internet, or that comes bundled on new computers. If this consumer grade security software worked, we wouldn't have a serious cybercrime problem on our hands. (An adviser to the U. S. Treasury Department reported that in 2005 criminal organizations made more money from cybercrime than from illegal drug trafficking: over $205 billion.)

How to Protect Yourself
The first rule of preventing spyware is to be careful about what you download on your computer, says Doug Tygar, Phd, a computer science professor at the University of California, Berkeley. Think twice about installing freebie software, no matter how enticing it appears. Forbidden landing zones should include any website offering sexy photos of your favorite starlet. And never open unsolicited e-mails promising discount products.

The second rule is to scan your computer daily with a good anti-spyware program, preferably an industrial grade program.

I personally use a service called iCare from the same company that now provides my identity protection. iCare technicians installed the same grade of firewall, anti-spyware and anti-virus software that is used by major corporations, financial institutions, universities, and government agencies. They keep the software updated, and they keep my computer clean and expertly maintained. Anytime I have a problem, they take care of it for me, with no extra charge. It's like having my own tech department. How cool is that! Hey, the last time I took my PC in for repair, it was in the shop for 4 days, and the bill was almost $300.

Consider a Different Browser
The most popular browser is Internet Explorer, which comes pre-installed on most personal computers. Small wonder, then, that most viruses and spyware programs target Windows-based PCs rather than Macintosh computers.

Dr. Tygar recommends using alternative browsers such as Firefox or Opera to address identity theft or online privacy concerns. These alternative browsers can be downloaded free of charge. To learn more, visit www.getfirefox.com or www.opera.com.

Although Macintosh computers are generally safer, Dr. Tygar recommends that Mac users download the browser named Safari on their machines. For more information about Safari, visit www.apple.com/macosx/features/safari.

Get a Second (or Third) E-Mail Account
Never use your real e-mail address in online chat rooms. Never use it when shopping online, and never use it to register at any website. "If you have ever done business online," says John Hambrick, an FBI supervisory special agent with the Internet Crime Complaint Center, "you have to expect that your e-mail address will be compromised; there is [then] the potential for that account to be stolen or sold."

So do what the G-man does: Establish a separate e-mail account—free on MSN's Hotmail, Yahoo!'s Mail or Google's Gmail—and use it specifically and exclusively for online purchases. The Hambrick trick should make your private accounts less vulnerable.

How to Protect Yourself
When choosing a free e-mail address for online shopping, some people opt for a pseudonym or non-identifier. As long as you have valid payment information, most retailers won't care whether or not it matches your real name. But which free service is best? "Currently, Gmail probably gets the edge," says Dr. Tygar. "It is excellent at detecting spam and phishing, though Hotmail and Yahoo are improving quickly."

Watch Your E's for Cues
Be wary of any incoming e-mails, to any of your accounts, from unrecognized names—especially strange-sounding ones. Spammers often send e-mails using first names only, misspelled ones, or the simply absurd.

If you read just the names and subject lines of incoming messages, you can often tell they're counterfeit because they are riddled with misspellings and grammatical errors. Of course, sophisticated phishers now take the time to proofread their messages.

How to Protect Yourself
Assuming you don't really know Dai, Petter Parrker, or Hudson Fabergé, why bother opening e-mail from them? At the very least, strangely titled or misspelled e-mails are likely to be spam pitches. Yet the mere fact of clicking such an e-mail open can alert the sender that your e-mail address is active—and therefore ripe for attack or sale. Worse, opening unknown e-mail may automatically admit spyware or viruses into your computer.

Password Dos and Don'ts
Need another reason to guard your computer passwords? It's possible they could be cracked by eagle-eared identity thieves using a high-tech microphone that detects sound through glass.

To keep your passwords unknown—and unknowable—follow these pointers:

Do combine parts of two unusual unrelated words, such as gastrocumulus or cytoplasticity. The longer and stranger the better.

Do mix capital and lowercase characters, as well as symbols and numbers, in the middle of the password: f2reeDoMeYe#wTness, not freedomeyewitness.

Do use words from a foreign language in combo with an English word. Many hackers try to crack passwords with common words, or with those pooled from the dictionary database of a single language.

Don't use anything that can be easily guessed by neighbors, co-workers or strangers who get their hands on your wallet—a nickname, child's name, pet's name, or your favorite sports team or hobby.

Don't use slightly different versions of the same password on different websites, such as ABCebay, ABCmortgage or and ABCvisa.

Don't pair a common word or your name with a different character at the beginning or end, such as $user or johnsmith7.

Don't use the same password from one application to another. "It's fine to have a simple, short password on a news website," says Dr. Tygar. "But use a different, longer, more complicated password on a site with sensitive information."