The link he posted is actually a good one and worth the read,...
I would also mention a few things...
Disable remote gui logins for everyone. Either disable ssh, or secure it according to that article. Choose a password that has 8+ characters (more is better) and have a look here for a humorous take on this;
http://xkcd.com/936/
In your browser, use things like NoScript (helps contain javascript malware). Chrome/Chromium tends to sandbox web sessions better than other browsers (but was, ironically, the first one hacked in a fairly recent hacking contest). Avoid using Adobe flash, if you can help it.
Try to logout of your user account between browsing sessions, especially when browsing unfamiliar sites (java/javascript malware has the potential to temporarily "infect" your account). Make sure your Desktop Environment is set to give you a fresh session by default (rather than trying to preserve running apps, etc.). Make sure that your browser is connected securely when inputting any personal information (using https,... you'll see the little lock symbol in the status bar).
If you use Google services (gmail, Google+, have an Android phone, etc.), make sure to activate two step authentication. If you have an Android device,... there's a nice app from Google that gives you rotating pin codes to authenticate apps and devices that connect to Google's services... You just have to authenticate that device first.
Make sure your screensaver (and login) requires your password. Never re-use your user account password, nor any derivatives of it, with on-line accounts. Never re-use passwords on any online accounts connected to a credit card or bank account. Never use an open WiFi connection (one without WPA2 encryption or better) to transact anything that you wouldn't announce from the top of a building. And try to avoid using a static IP from your ISP, unless you have to do this for some business related purpose.