7 online blunders: these common mistakes can ruin your computer or invite identity theft.

1 ASSUMING YOUR SECURITY SOFTWARE IS PROTECTING YOU

Security software is fully effective only when activated and frequently updated. (Most products can update automatically.) To update most commercial software products, you must pay an annual fee. Last fall, the National Cyber Security Alliance and software maker McAfee found that nearly half the users polled who thought their software was protecting them hadn't updated it regularly. Software bundled with a new computer requires special attention because its subscription may expire within weeks.

[ILLUSTRATION OMITTED]

WHAT YOU CAN DO. Renew the subscription when the software prompts you. Make sure your security software is active when you're online and that it has been updated within the past week or so. (Most products will display that information.) If it wasn't updated recently, verify that its automatic updating feature is enabled. If it isn't, that's the problem; enable it, then update manually. If you can't, your subscription has probably expired. Renew it or call the software maker. If you can update only manually, automatic updating might not be working. Call the software company's support line for help.

2 ACCESSING AN ACCOUNT THROUGH AN E-MAIL LINK

No matter how official an e-mail message looks, trying to access a financial account by clicking on embedded Web links is risky. If the e-mail is fraudulent, a cybercriminal could use the account number and password you enter to steal your identity or empty your bank account.

WHAT YOU CAN DO. If an e-mail asks you to update your password, account number, or other information, don't take the bait. Access an online account only by using your existing browser bookmark or typing in the institution's Web address. If you suspect an e-mail is a phishing attempt, forward it to spam@uce.gov and reportphishing@antiphishing.org.