Hackers never stop looking for new ways to steal your information and money. You stop being fooled by emails from Nigerian princes and hackers start sending fake email claiming to be from legitimate companies - here's how to spot a fake email.
You stop clicking on links or downloading attachments in unsolicited email and hackers start posting malicious ads on questionable sites.
You start checking a site's reputation before you visit and hackers - well, what can they do next? They can turn to watering-hole attacks.
A watering-hole attack is when a hacker slips malicious code onto a legitimate site, usually through ads. It already happened to Yahoo a while back, but that's small potatoes compared to hackers' latest venture.
That's right, hackers have managed to get malicious ads on YouTube. And not just on little-watched videos, but on videos that have more than 11 million views.
According to security company Trend Micro, 113,000 people have clicked on a malicious ad on YouTube in the past 30 days. Even worse, the ads you might click on are legitimate-looking ads.
Hackers have bought real ads on two ad networks, and when you click you're bounced from network to network before you're shuffled off to a site that attacks your computer. The attack site might even look legitimate because the hackers found a way to piggyback on a Polish government site.
The hackers attack your computer with a virus named KOVTER. This is ransomware that holds your files hostage unless you pay up. It's similar to the dreaded Cryptolocker, but a bit older and not as sneaky.
That's actually good news, because it's fairly easy to protect yourself from it. If you have up-to-date security software, it should catch the virus.
Also, the virus sneaks in through older security flaws in Java, Flash and Internet Explorer. If you've been keeping those updated - click here to learn how - then the virus can't install.
It just proves again that following basic security steps can protect you against most of the threats out there. Here are some more basic security steps you should be following.