Here's your gratuitous service announcement, since it is spring - no, really, for no other reason than that I've recently stumbled across these issues again, and found it smart to check - and change - some of my passwords… which, admittedly, I am doing way too rarely.
So… amidst all the spring cleaning, and the gardening, and spending time outside where it's finally nice and sunny again, maybe you can make time for some spring security stuff regarding your computer?
Thing One: Make a backup. I've written about that before, but it never hurts to repeat this from time to time. Hard disk drives are, yes, prone to die at some point, and preferrably at the worst possible point for you. So get yourself an external disk, or - if you are data paranoid - a simple RAID 1, and backup your data. There is plenty of free software around; I use SyncBack (not because it's the best ever, but because I got it at some point, it's all set up, and I have not seen a need to change it yet).
While you're at it, make sure that you will be reminded to actually use your backup software and equipment. Put a reminder into your calendar, set a recurring to-do on your to-do-list, or do whatever else works for you to do periodical backups of your important data.
Thing Two: Make sure your software is up to date. (Most software updates itself readily on its own if you allow it to do so; there's usually a "check for updates" menu item somewhere in the Help or Options menu.) Outdated software can pose a security issue - and sometimes the new version comes with nifty new features that make life a lot easier. (Sometimes they come with annoying new features, admittedly... but well. Life.)
Thing Three: Change some passwords. There is a rather good chance that at some point in time, you too were affected by a data security breach - that is someone stealing personal information from some portal or website that you have an account at. These stolen data then turn up in form of lists somewhere on the Internet, for other shady individuals to use for dark deeds. Such as sending you spam emails, or using your address to send spam from.
Fortunately there are sites that let you check if your email was leaked, and if other personal data got out as well. The Hasso-Plattner-Institute offers a free Identity Leak Checker, where you can check if your personal data was leaked.
A second site worth checking out is "have i been pwned". This not only lets you check for your email address - it also has a search function where you can input a password and see if that has been leaked and is on a list available in the Internet.
If you get hits, you should change the password on the sites that you use that specific email address for. Which is annoying and might be a lot of work, but might save you a good amount of heartache and hassle in the long run. And spam. It might save you from getting as much (or, worse, having it posted from your account).
If you set any new passwords, there's a few good guideline things to remember. Most important of them all: Don't use the same password for several sites, especially not important ones with sensitive data, such as your bank data. Managing that ever-increasing number of passwords is a hassle, which is why password managers such as KeePass are a very good thing - you only need to remember one master password to access the database, where you store all your other passwords. These managers can also remind you to change your passwords regularly, which is a feature that I have now (finally) enabled... because I'm just as lazy, or as prone to forget about the age of a password, as the next person is.
For the master password, or any other important password that you need to type in on your own, you should choose a strong one that you can remember easily. There's a brilliant XKCD comic about strong passwords that fit the bill - which is the type of password I use for the ones that I actually want to remember. For those used only rarely, and only from my home machine, I tend to let the password generator in my manager do the work; it spits out a long random string of numbers and characters which is pretty secure.
So. Ready for some cyber housekeeping?