Very good advice for those continuing to use XP - or any operating system for that matter. I always say the same thing - you can have all the best anti-virus software in the world, but the user is the first defense against malware.
Unfortunately, the inherent insecurities in XP have very little to do with the user. The underlying code is ancient in technology terms and after 12 1/2 years, Microsoft is no longer going to patch the security holes. Every month that new exploits are developed and the holes are not patched leaves your XP computer more and more vulnerable. If businesses and individuals had moved off XP leaving a small target, I'd say it's probably not worth the time of the bad guys. But with XP still making up almost 30% of installed operating systems, my fear is it simply presents a much too tasty and easy target.
But I'm going to do like you advise and only use the internet very rarely. I took my XP computer off my network a couple of months ago because I just don't want to take the chance of it getting hosed. I have an image backup, but don't feel like dealing with reimaging my disk!
In my PC corner for the winter, gaming and knitting.