For Firefox I an highly recommend the addon
NoScript
It allows you to state exactly what pages may use java, flash or scripts.
For example if you visit this the current page you are looking at.
Data is loaded from:
sinsofasolarempire.com
google.com
stardock.net
stardock.com
googleanalytics.com
twitter.com
facebook.net
Now, with no Script you can allow only the Java, Flash and scripts your really want to execute.
For me that means I tell NoScript to
Allow
sinsofasolarempire.com
google.com
stardock.net
stardock.com
Allow on this page only - normaly it is blocked but on this site it is not.
googleanalytics.com
Not trustworthy - those sites are always blocked wherever you surf.
twitter.com
facebook.net
Of course the decision what sites are allowed to do what is entirely yours.
I use it for several years now and never again had any browser hijacked.