Dont Use cr@p Anti virus protection like Kaspersky /and especially not Norton

the rest of your suggestions are OK

I haven't heard anything good about Norton for a very long time, but Kaspersky's reputation seems to be improving.

I would also add...

• get into the habit of routinely looking for https in the address bar (and also reading the colored site information).
  
• Never enter any information in response to an email - NEVER, EVER, EVER!
  
• And in the real world, never hand over any information on the telephone unless you initiated the call - NEVER, EVER, EVER!
  And never phone prize-winning hotlines, etc.
  

I've had phone calls from legit companies that have asked for information to confirm that they are speaking to the right person - unbelievable. I've had magazines selling subscriptions asking for debit-card information. Obviously, enough people are stupid enough to do this that it's worthwhile even for real companies - amazing! (I make a point of trying to verify whether such calls are legit even though I never agree to anything or hand over any information.)

Kaled.

I haven't heard anything good about Norton for a very long time, but Kaspersky's reputation seems to be improving.

true ..but there are far too many copies of it cracked on home machines for it to be considered safe ( cracked usually means made to look the other way when the crackers code installs and phones home ) ..if kaspersky protected their own .exe and authentification and reg systems .. better ..I would not lump it with norton ..it's better ..but its vulnerable itself ..and there are lots of cracked versions running ..and they dont release new "point" versions fast enough to kill the old ones ..IMO

Being an ecommerce owner I have in my confim email that is sent to customer that bought a product from our website.

example.com will NEVER EVER ask for private information sent to us through an email. If there is a question we will call the number provided give you the order number for verification before we ask you for assistance.

I used to have a credit card from a company that made regular marketing calls to me and asked for my card details to confirm that I was the card holder. The calls were Kosher as I discovered when I called back to either complain or warn them of a phishing attempt.

Thank You Kaled , piatkow , bwnbwn , leosghost for your replies.

and also reading the colored site information

Sorry i didn't understood Kaled Can you please tell what you meant by this?

I'm not sure how it's implemented since I've not studied https, but if you go to the login page of any bank, you will typically see something like "Acme Bank PLC" in a colored block occupying space beside the address.

Naturally, you need a modern browser - I'm using Firefox 3.53 (and Opera 9.63) but I don't have a modern copy of IE installed in my current boot option to check that.

Kaled.