And here comes unSpawn, overkilling since 2001! Or so it would be, if there were such a thing as "overkilling" in the security area...
Half the things unSpawn has outlined are beyond the reach or the will of common users, but are indeed funny to investigate at the very, very least :-D However, the most important one is:
"More than that you need sane network-using habits."
Which basically stands for "Don't fall for scams, don't accept invalid SSL/TLS certificates, don't fall into social engineering traps, don't download untrusted stuff" and so on. Usually, it is easier to trick people by pure lying than by using a complex technical attack.