Operating system developers need to make it easy for users to restrict keystrokes to a single program or process when they choose. Similarly, users need to be able to see and control which applications are able to read the screen.
Until those basic improvements are made, there are some simple and direct measures we can all take to greatly reduce the threat.
Specifically -
* Pick a strong password.
* Do not ever trust a web link in an email message that takes you to a site asking for personal information, no matter how official it looks.
* Email and instant messaging are not usually encrypted. Be careful about what information you send using these services. Don't write anything you wouldn't be comfortable sending on a postcard.
* Install and use an encryption tool such as PGP to store and transmit information that is sensitive.
* Any antivirus package needs regular updates, or it will only give you a false sense of security.
* Check for and install any critical security updates regularly.
* Do not surf the web as an administrator or root user. Configure a limited user account to be used on a daily basis. Many computers that run Windows (such as Windows XP Home and Pro) are configured to run with administrator rights by default. You have to create a second account that is "limited" to help protect your computer, through Start > Control Panel > User Accounts. Avoid going online with an account that has privileges that allow installation of applications or changes to critical system files and settings.
* You need some kind of firewall.
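The "limited account" advice above, as an added PowerShell example that is not part of the original post: it checks whether the session you are browsing from holds administrator rights and creates a separate standard (non-administrator) local account for daily use. It assumes a current Windows release with the built-in LocalAccounts cmdlets (Windows 10/11 or Server 2016 and later); the account name "DailyUser" is a made-up placeholder.

```powershell
# Added example, not from the original post. Assumes the LocalAccounts module
# (Windows 10/11, Server 2016+); "DailyUser" is a placeholder account name.

function Test-IsAdministrator {
    # True when the current process token is a member of the local Administrators group
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function New-LimitedUser {
    param([Parameter(Mandatory)][string]$Name)
    # Prompt for the password so it is never written into the script or shell history
    $password = Read-Host -AsSecureString "Password for $Name"
    # New-LocalUser does not put the account in any group. Add it to "Users" (and
    # deliberately NOT to "Administrators") so it can log on with standard rights only.
    $user = New-LocalUser -Name $Name -Password $password
    Add-LocalGroupMember -Group "Users" -Member $Name
    return $user
}

if (Test-IsAdministrator) {
    Write-Warning "This session has administrator rights; do not browse the web from it."
} else {
    Write-Host "This session runs with limited (standard user) rights."
}

# Run once from an elevated prompt to create the daily-use account:
#   New-LimitedUser -Name "DailyUser"
# Then confirm it is not an administrator (expect no output):
#   Get-LocalGroupMember -Group "Administrators" | Where-Object Name -like "*\DailyUser"
```

On Windows XP the same separation is done through the Control Panel path given in the list; the cmdlets above only exist on newer releases.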
Read more at you are free to quote or use all suggestions here