People on here are talking about attachments and being smart enough not to fall for sham downloads, but this isn't how most of ransomeware is spread to its victims. They use exploit packs and 0 days. Visiting a website that's been hijacked with an Iframe or a proxy that embeds an Iframe or any other data to the HTML that is returned could get you infected. There is no full proof way around this unfortunately.