Many things actually. Care about computer hygiene. Don't download and execute files you are not sure about their trusted source.
Always be vigiliant about phishing websites (check address bar carefully).
There are so many rules that its hard to describe them all, experience matters here.
Good thing to know that I am not computer wizard that always looking for some application to download to modify computer set up. It is sometimes a help to not do anything about the computer except the monthly maintenance i.e. running computer virus scanner system. And definitely I agree with you stating that experience does really matter here. I have experience already getting phished out by an offer that lead me to disclose account details (not in BCT) including password of that account, its email and password. So, I am now more careful with hacking activities.