Turn on two-step verification:
This means giving Microsoft , Google your mobile phone number .This will make it harder for “hackers” to access your account even if they guess your password because if they try to sign in on a device Microsoft or Google doesn’t recognize, they’ll be asked for an extra security code (which you can get from a special app on your phone, sent to a different email address or via SMS text message).
Use a strong password and change it often:
Make sure your password contains a mix of letters, numbers and symbols, isn’t a complete word and is different than the password you use on other sites. Be sure to change your password often.
Watch for suspicious activity on your account:
The “Recent Activity” page on your Microsoft Account shows recent sign-ins and changes to your account, and allows you to let Microsoft know if you were not the person making these changes.
The Security page in Google will show recent activity on any devices that have a Google Account
Be careful of suspicious emails and websites:
Don’t open emails from unfamiliar senders or email attachments that you don’t recognize.
Be careful when downloading apps or files from the Internet, and make sure you know the source.
Keep your computer software, including your Web browser, up to date and run an up-to-date anti-virus program:
For Windows PCs, you should turn on Windows Update to ensure your PC and Microsoft software stay up to date and check it on a regular basis to make sure it is active and working.
You should install a reputable anti-virus/ anti-malware software.
Both Windows 8.1 and Windows 10 already include free anti-malware software called Windows Defender.