My approach to Internet security centers around not allowing the browser to execute code with admin privileges:

1. Never surf the Web under an administrator account. This is easy because I never have log into my Admin account -- Windows 7 makes it easy to work under restricted accounts.

2. Use a modern, secure browser. Never use IE because it relies on ActiveX controls which execute native code.

3. Always set the UAC to maximum security. Never turn it off. This may sound scary for Vista users (and anyone who has seen the brilliant "Security" ad by Apple), but actually it's much better in Windows 7.

4. Never install any software unless absolutely necessary.

5. When installing software, pay attention to the publisher signature of the .exe installer -- most well-known software companies have their .exe files signed. I once witnessed a situation where a co-worker downloaded what he thought was Skype but failed to notice that the .exe had no publisher signature, and ended up sending the bad guys $30 for "Skype activation". We had to wipe his PC right away -- the installation required an admin password so the .exe had enough privileges to install any trojans it wanted.

6. Always have an anti-virus software installed and running. I use Avast.