The how involves some html coding experience, prefferably with some knowledge of scripting.
Internet Explorer has some pretty nasty bugs, some of which are not patched up to today.
Some of these bugs are just annoying (causing the browser to crash) and some of them are truely dangerous(local file execution/reading/deletion).
To find out how they exactly work you can dig true security mailing list archives.
To prevent these kind off exploits it is a good policy to set all active scripting to disabled or at least to prompt. You can also try to use a different browser then IE. Although they might have bugs also I have experienced that they get solved much quicker in most instances.
Also you need to keep your software up to date. This helps prevent being bugged .
And then it is good policy to run a firewall and anti-virus software (perhaps anti spyware, anti trojan).