One of the strangest facts about fighting spam is that most spam comes from people who aren't even aware that they are doing it.
There are eight types of problems I deal with at work, and the top two are people spamming without even being aware that they are. See, the spammer lost access to audiences with his own accounts long ago. Either his ISP doesn't tolerate it and booted him, or does tolerate it and was blacklisted, so all his emails fall into the ether before reaching his customers. So instead, he infects people with a virus that gives him the passwords to their accounts, and spams in their name. When this doesn't work, the spammer resorts to guessing passwords, just in case someone decides to use "password," "123456" or their username as a password, because a shockingly high number of people do.
Alternatively, botnets can hack a number of popular installations with remote file injection, and the spammers love to insert mailer scripts into these. mailer scripts that send out hundreds of thousands of emails before being noticed.
The best protection against the first kind is to regularly scan your computer for viruses, using any one of the anti-virus products in the market, most of which you can at least try for free. Use a strong password, such as the first letter in the lines of your favorite poem or song in random capitalization, with a number or punctuation mark, and at least 12 letters long.
To prevent the second one, make sure your content software is up to date. Many packages even allow auto-upgrading, informing you if they are out of date and providing a handy upgrading button so that you can order it if you wish.