Stay Safe Online
 

 Business Resources and Articles

 
  • Nov 30, 2010, 07:58 AM (posted by System Account)
    By Marcus Gomez (www.marcusgomez.com).
    Despite the well-publicized threats of malware-ridden emails and websites, computer users everywhere continue to fall prey to bogus gift certificate emails, "security scans" by nasty websites and sneaky instant messaging attachments. Here's how you can keep your employees safe online.

    NO SELF-RESPECTING information worker on Earth will claim to have never fallen prey to malware at some point or another during her life with computers. It is the one inexorable truth about the information age: if you want to succeed in it, you've got to be prepared to take a scare now and then.

    Luckily, most modern IT environments already have state-of-the-art anti-virus systems in place, and most modern email clients and browsers have built-in fail-safes designed to prevent computers from being infected by serious malware such as worms and trojans. However, these measures are not foolproof, as many a user has already discovered.

    For example: while ISP email filters generally prevent emails with .EXE attachments from getting through to end-users, they still let .ZIP attachments through, which can be just as dangerous to unsuspecting users. Also, unless a website is already listed on your browser's "block list" (a list of URLs that have been reported as hazardous by other users around the world), you have no way of telling whether or not a so-called recommended link in an instant message is going to infect your computer.

    So, what can you do?

    Defend Windows
    You can start by defending Windows itself.

    While dedicated anti-virus shields can keep your computer secure against more sophisticated (and less pervasive) malware such as trojans and worms, it is nonetheless comforting to know that if something does manage to slip through, then Windows Defender is there.

     

     

    "Windows Defender is aimed at spyware and adware rather than true computer viruses," explains Gary Chew, a certified ethical hacker and network security consultant. "You can pick up these types of malware while surfing less-wholesome parts of the web, and they often squeeze past conventional anti-virus solutions because they operate at a different level than real viruses."

    So, turn on real-time protection in Windows Defender, and while you're at it, sign up for a Microsoft SpyNet membership to help the developers improve the tool.

    Upgrade to Internet Explorer 8
    According to statistics from Trend Micro, 53% of malware attacks are now delivered via internet downloads compared to just 12% via email. This may be largely attributed to the improvements in email filters and security over the years while browsers grappled with evolving web threats such as rootkits.

     

     

    Happily, it looks like Microsoft's Internet Explorer is ready to take on the challenge of dangerous websites. A report by NSS Labs, an independent online security-testing organization, found that the mean block rate for malicious URLs for Internet Explorer 8 stood at 89%, versus Safari 4 (34%) and Firefox 3.5 (32%). The authors of the report suggest that this vast superiority is largely due to Internet Explorer's SmartScreen® Filter technology.

    "The test results also found that Internet Explorer 8 caught 85% of live malware threats, which is outstanding," says Chew. "Safari 4 and Firefox 3.5 only managed 29%, while Chrome 4 only scored 4%. IE 8 is clearly more secure than any other browser out there, and organizations should upgrade the browsers on their employees' machines as soon as possible."

    Keep unwanted email out of your system
    While nasty websites and the occasional errant thumb drive might be to blame for many malware intrusions, the real threat within organizations comes from email.

     

     

    Malware delivered by email typically arrives in the form of a compressed file attachment such as .ZIP or .RAR. These files are actually disguised executable files, and the moment you open them, you unleash the virus.

    "They are getting cleverer these days, though," comments Chan with a wry smile. "Sometimes, the ZIP file itself is legit, but it contains an .EXE file disguised by an Excel or Word icon. And if the Word or Excel document is legit, it contains an embedded .EXE as an object within the document. Double-click on any of those things, and you surrender your computer."

    But while keeping your organisation's anti-virus solutions up-to-date might seem to be the only way to beat email-delivered malware, Chan believes that organisations can go a step further to beat the threat.

    "Initiate a 'no ZIP/RAR attachments allowed' policy within your Junk E-Mail Filters, and then make an exception for one email address handled by your IT department," says Chan. "If someone does need to send such a file over to an employee, they can send it there. The IT department can then forward it to the user after verifying it."
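As an added illustration (not code from the article or from any vendor), this Python sketch shows how the review mailbox in the policy above could triage attachments: archives sent to any other address are rejected, and ZIPs sent to the review address are opened to look for executables hiding behind a double extension. The mailbox address, extension lists and function names are assumptions made for the example, and it does not inspect objects embedded inside Office documents.

```python
import io
import os
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

# Assumed policy values for this sketch; none of them come from the article.
ARCHIVE_EXTS = {".zip", ".rar"}
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
IT_REVIEW_ADDRESS = "attachment-review@example.com"  # hypothetical mailbox

def ext(name):
    """Final extension, lower-cased: 'Budget.xls.EXE. ' -> '.exe'."""
    return os.path.splitext(name.strip().rstrip(". ").lower())[1]

def executable_members(data):
    """Names inside a ZIP whose final extension is executable."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [n for n in zf.namelist() if ext(n) in EXECUTABLE_EXTS]
    except zipfile.BadZipFile:  # RAR, corrupt, or not really a ZIP
        return ["(uninspectable archive)"]

def triage(raw):
    """Return (action, reasons); action is 'deliver', 'reject' or 'hold'."""
    msg = message_from_bytes(raw)
    to_it = IT_REVIEW_ADDRESS in (msg.get("To") or "").lower()
    reasons = []
    for part in msg.walk():
        name = part.get_filename() or ""
        if ext(name) in EXECUTABLE_EXTS:
            return "reject", [f"executable attachment {name}"]
        if ext(name) in ARCHIVE_EXTS and not to_it:
            return "reject", [f"archive {name} sent outside review mailbox"]
        if ext(name) in ARCHIVE_EXTS:
            data = part.get_payload(decode=True) or b""
            reasons += [f"{name} contains {m}" for m in executable_members(data)]
    return ("hold" if reasons else "deliver"), reasons

def sample_message(to, filename, members):
    """Constructed test input: a message carrying one ZIP attachment."""
    buf, msg = io.BytesIO(), EmailMessage()
    with zipfile.ZipFile(buf, "w") as zf:
        for member in members:
            zf.writestr(member, b"constructed sample bytes")
    msg["To"] = to
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename=filename)
    return msg.as_bytes()
```

For mail addressed to the review mailbox, "deliver" means the archive is clear to forward to the employee, while "hold" means it stays with IT for closer analysis.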