Sad, but true. If you use email and/or surf the internet on a regular basis, then a firewall is a must, as is some form of spyware checker and anti-virus software.
It's highly unlikely your PC will be targetted specifically, but you may fall victim to a random attack.
Email viruses are common, but their damage can be reduced by the use of anti-virus software and common sense, e.g. don't open messages you are not expecting or look susicious.
Spam can be reducd by setting up a separate email account for on-line forms or purchases. Then only give your personal email address to people you trust, e.g. friends or family. Also, if you do get spammed, never reply, even to remove yourself from a 'supposed' list. You could try software to filter and bounce unsolicited emails, like Mailwasher.