DavidR
3
Whilst the web shield is very good at detecting these hacked sites with the injected script tags, iframes, etc.
If you are using Firefox, then you should be using the NoScript add-on as driveby downloads need to be run, generally through a hacked site, iframe or script tags, redirect, etc. by default NoScript blocks all scripts unless you specifically allow scripts on that page. So it pays to have protection in depth and the NoScript add-on adds another level.
You could go a step further and include the RequestPolicy (RP) add-in, which blocks cross site scripting, often these scripts aren’t actually on the page that you are visiting, but on another site with a call to run the script.
The RP add-on combats that cross site scripting unless you give permission, but some find this a bit too intrusive as some sites may have many cross site scripts