Software from untrustworthy sources, such as P2P file sharing networks or cracked software, often contains malicious code. The malware becomes active when the file is opened or executed, mostly unnoticed by the legitimate user.
Use therefore only genuine software and take this as far as possible directly from the manufacturer or from a trusted source. Only apps from the official store of the manufacturer (Apple App Store, Google Play Store etc.) should be installed on Smartphones. Unfortunately, there's also been cases of compromised apps, therefore be careful.
Install only Software which is really needed to reduce the possible attack vector (more software means more security risks by potential vulnerabilities). Again and again vulnerabilities are discovered in popular browser plug-ins like Adobe Flash, which are not closed immediately and therefore represents a security risk at least for the unpatched period. Such vulnerable and critical plugins should not be used if possible or only be used only if necessary (disabled by default).
Note: Often just free programs are linked with plugins and third party programs. In the default installation these software are installed mostly unintentionally. Here, the user-defined installation method with the possibility of targeted selection of the software to be installed is recommended.
Use only software you know. Lately more and more so-called scareware shows up, so alleged protection programs, which can significantly affect the security of your system.
Before using software, make sure how it handles your data (which communication channels are established, which data are transmitted, are they stored in a cloud, which laws apply, etc.). For smartphone apps, note which authorizations they require.