Windows 98 is lousy for local access security, and pretty abismal for remote security too. However, the following do's/don'ts will make most machines secure enough for normal use:

1. Install a good Anti Virus product and run it periodically.
2. Install a good firewall (e.g ZoneAlarm
3. Configure the firewall to only allow IE/Outlook Express (or whatever browser/mail clients you use) to access the internet.
4. Apply all the official MS patches.
5. Don't install 'Ad ware' programs.
6. Disable file/printer sharing! (v. important)
7. Don't run a local server (e.g. Apache) or host webpages on your machine.
8. Upgrade IE to the latest stable version (also v. important)
9. Don't install shareware unless it's from a trusted source
10. Don't install pirated software (this is illegal as well as potentially insecure).
11. Don't rely on Windows' passwords to secure your computer.

Obviously, your machine may still have some vulnerabilities, but if you at least take the above steps into account then it will be much more difficult for lamers/script kiddies to break into your system and most will move onto an easier target.

Of course, upgrading to Linux will solve most of these problems, but that's another story...