Browsing Safely
Safe browsing starts with good practices like using secure passwords, keeping an eye out for phishing, updating software and having a good firewall and anti-virus running. Some anti-virus packages include optional browser plug-ins and extensions which can help further protection. Even without these options, a good anti-virus will be hard at work monitoring all channels of communication between your system and the outside world, including all wired/wireless network, modem, and storage peripheral connections. Below are a few more good practices you can choose to follow.
Use Secure Websites
When shopping, banking or conducting other online transactions, be sure to do so only with websites that use secure connections. Upon initiating transactions, such sites will have their addresses preceded by the "https" protocol and a lock icon displayed in the address bar of your browser. This indicates that the server you are connected to is authentic and ensures that any sensitive information you exchange with it will be encrypted to protect against eavesdroppers and man-in-the-middle attacks. Clicking on the lock icon will specify, at a minimum, the registered domain name and the certificate authority (CA) used to perform the authentication, but you can opt to view the certificate itself for further info. This icon will be either neutral colored or green, with green being the most secure and indicating that the site has been verified with an Extended Validation (EV) certificate as normally used by banks and other large financial institutions. Be sure that your entire session of transactions is encrypted and that you manually log out when you're done.
Turn Off Scripts
When browsing unfamiliar or untrustworthy sites on the web, you can instruct your browser to not run scripts. This can greatly impair the functionality of the web page, even rendering it non-functional if it relies heavily on them, but you will essentially be safe from malicious drive-by installs. If you later feel the site is safe to interact with, you can always turn scripts back on. The easiest way to do this in Internet Explorer is to go to Tools/Internet Options/Security and set the slider to High while making sure that Windows Protected Mode is on. In Mozilla Firefox, the option to toggle JavaScript on and off has recently been removed, but installing another add-on such as NoScript Security Suite will allow you to do this quickly (you can also disable JavaScript through the use of "about:config" in the address bar, but you will have to do this every time). Google Chrome's own virtual script environment significantly improves protection against JavaScript exploits. You can also install Adblock Plus for each browser you use. This nifty application allows some scripts meeting certain safety criteria to run, but you'll have to explicitly whitelist sites you trust to run them all.
Check the Hyperlink
Be careful with hyperlinks offering to direct you to another website. A link's true destination need not necessarily match the link label. Hovering your cursor over the hyperlink will indicate the true target page in a mouseover or your status bar without having to click on it. Even then, the link may point to a domain whose name appears similar to, but does not match, the desired website. Try to familiarize yourself with the web domains used by applications and organizations that manage your computer's programs or sensitive information, such as your anti-virus, social networking, online banking and webmail providers.
Searching for Downloads
Often times search engines will list results prioritized by popularity (among other things) and not by official website. They may also list ads that will not be immediately distinguishable from the true results. If you already know the subject's domain name, use the address bar to manually navigate to the subject's website, or verify the URL in the search results. I will usually inquire after an unfamiliar company's site address through Wikipedia or YP before navigating to it. Once you've found the appropriate website, bookmark it if you'll be returning to it. By not confirming first, you increase the risk of inadvertently downloading fraudulent software or malware from copycat sites. This can be a major reason why some users complain about legitimate software having corrupted their computer when in fact they have unwittingly installed a fake version, trojan, or one bundled with malware.