Model

When you enter the website URL in the browser, it requests the corresponding IP address for that URL from the ISP's DNS system.
The ISP Gateway's Firewall forwards the request to the requested DNS system, which finds and returns the IP address of the site to the browser via the ISP Gateway Firewall.
The Browser requests the content from the returned IP address, via the ISP Gateway Firewall.
The website at the returned IP address replies to the browser with the requested content, via the Gateway Firewall.

The link you clicked on or entered might connect to a CyberScum site instead of what you expected. This site might return malware to infect your computer, which might do all kinds of unpleasant things, such as sending all your passwords and files to the CyberScum and/or making all your files unreadable and your computer unusable.

Check the destination URL before you click. Does it look legitimate?
Trust the ISP DNS system to check for malware at the IP address if finds for the URL, and return an error rather than the IP address it found.
Trust the browser you use to check blacklists for the URL you enter or the IP address that's returned by the DNS server, and redisplay an error if found instead of processing the request.
Trust the ISP Firewall to detect any malware in the site content as it's being returned to your browser, and if found, display an error message rather than returning the malware.
Trust the Anti-virus program you installed on the computer to prevent any malware from executing, and to detect all malware when scanning your memory.