Actually this is quite a nice write up if you want to harden your browser.

http://www.techsupportalert.com/content/how-harden-your-browser-against-malware-and-privacy-concerns.htm

The biggest culprits that spread malware, viruses and spam onto other computers and online are those that download bad material from visited websites, or copied on from external devices and fail to scan their computers regularly, transfer their bad material through disks and memory sticks in their workplaces and end up getting viruses in their email accounts that automatically send attachments and bad links to all their contacts or send what they consider as must haves by email or links to others who take the bait. No versions of windows can protect us from that.

Actually that's a popular misconception and it's no longer true, as I said earlier.

Most of the infection attempts I see (other than emails) are from hijacked links on legitimate websites. in other words, they've been hacked and instead of defacing the site or something, they replace a valid link with one to a host somewhere like China or Russia. User's don't normally question a quick lookup, look how many Google or Amazon links you go to just opening most webpages.

They are web attacks intended to exploit either unpatched browsers (any of them) or unpatched addons like Flash.

The email ones are easy to deal with.

The web based ones much harder, because they use sophisticated techniques to hide the download of browser-based malware, then encrypted tunnels to go back to a CnC server to download more malicious code.

Again: The key attack points are unpatched operating systems and software.

Just going around in circles. Different strokes for different folks.

Just going around in circles. Different strokes for different folks.

I'm afraid web-borne threats do not distinguish between "different folks".

The more holes you have, the more vulnerable you are.

Very simple equation really.