Indeed the most important rule for NEO security is to trust no one when downloading your NEO wallet and therefore only download it from the official NEO website or from the official NEO Reddit wallet list on the right side of the page (which is not visible on mobile phones). Also never download any random programs from random individuals on cryptocurrency forums as they could contain keyloggers. Ensure you have a proper virus scanner (could be Avast or Avira) and a program against malware such as for example MalwareBytes. In case anyone accidentally downloaded such a program, ensure you have neutralised the threat before logging into your wallet (if you intend to login at all). Personally I do not even store my wallet file on the computer, but instead have paper copies of the private keys and storage of the .db3 wallet file on external storage devices located in most secure locations. I only check my balance via NEO blockchain explorers. For anyone who plans to hold long term something like this might be one of the better options besides hardware wallets (which is in development).