Getting Back to the Basics: 10 Tips for Newbies
Never hand-type your address. If you copy and paste your address, do it in incognito mode and still take the time to double check the address. This attack has not been seen yet, but a lot of Chrome extensions have access to the information that you copy and paste. Most extensions do not have access to incognito tabs by default but you can change this in your settings. (Contributed by @RaymondDurk - Thank You!)
Use the version of your address that has uppercase letters. Ethereum address has Lower and Upper Case Letters
Never hand type your private key / keystore file / mnemonic phrase. Triple-check the words for mnemonic keys if hand typing (there are still mistakes you can make).
Always send a small amount of ETH, ensure everything goes well & it arrives at the destination you wanted it to, before sending all the ETH.
For new wallets, especially cold storage, send small amount in, send small amount out from new wallet, before sending full amount in in.
Save and back up your private key in a separate location BEFORE sending ETH/Tokens to it.
Never email your private key.
Never post your private key on Reddit, Twitter, Slack.
Never store your private key on Dropbox or another cloud storage service.
Double & triple check your work. Look at what you are sending. Look at how much you are sending. Look at what address you are sending too.
One of the safest & easiest ways to store your ETH, Tokens, ETC, BTC, and many other coins is via a Ledger Nano S or TREZOR. The device itself holds the keys and signs transactions for you. This ensures your keys aren't ever on any internet-connected device. Phishers can't get them. Malware can't get them. Keyloggers can't get them.
(Seriously, even if it's sold out, pre-order it now, it's worth it.)