If you are using a well-designed and fully functional antivirus scanner/firewall product, it should detect some known security vulnerabilities. Unfortunately, browser exploits are frequent and varied, and it only takes one little change to bypass a scanner. Antivirus scanners do not have the greatest luck against browser-based malicious mobile code. Some software tools, such as Finjan's SurfinShield are built from the ground up to detect and prevent browser-based security threats, and as such, should be given higher consideration in an environment with a higher than normal risk of browser exploits.

Malicious mobile code often causes unexpected errors or warnings. If you are surfing a web site and all of a sudden an error message pops up saying something like, “Unable to access System Registry,” there is a good chance malicious mobile code is afoot. I also get suspicious if my browser warns me that unsafe content is attempting to access local resources. That said, most browser errors are created by legitimate, poorly written scripts or buggy browser code. When in doubt, try the next step.

On suspicious web pages, I often view ...