"Check before you click"
There are a lot of malicious sites out there, and they have innumerable ways of getting to you. Some of them give you the software that you need for free (pirated) and they would have put a payload of malware, trojans etc. in it. Or many pornographic sites have had a history of installing random toolbars and embarrassing spyware on your system, some sites that redirect you to some other sites, some lawyer or old lady who has a large amount of money wanting to share that wealth with you for some strange reason (scam, incidentally) and so on...
Of course, you are aware of these. I just found a new one, and thought I must share it with you guys. I got a mail from facebook, which the facebook team had sent. A very neatly designed mail, that masquerades exactly like the facebook type pages. Just have a look at it
It says that the facebook tem has sent me a message. It also has the mail domain name as facebook. It also has a link that shows facebook. However, when you move the mouse arrow over it, read the link to which it is pointing to in the status bar. This is not facebook and is some malicious site.
Set your browser security settings to high, and install an antivirus as well, just to be careful. Of course, another typical workaround would be to type the link that has been sent rather than clicking. This, I don't believe is feasible because the links are typically too long, and have too many random characters, and we are just plain lazy to type to press so many buttons, when we could have just pressed one.