HTML, by its own, is a mark-up language to control the layout of Web pages. Raw HTML cannot be viral, so browsers supporting only pure HTML are not at risk. It is therefore, the so-called ' HTML virus ' is unlikely to be a real world incident. The real threat comes not from surfing the Internet but from downloading viral programs from the Internet and executing them.
Nevertheless, most browsers now support other scripting languages in addition to HTML. And the so-called ' HTML virus ' usually takes advantage of these scripting languages. The script virus usually uses Web pages as a vehicle to reach the machines of the victim. The most common script virus nowadays is VB Script virus, which has been discussed before. The three HTML viruses - Offline, Redirect and Prepend - found in November 1998 are typical examples. Written in VB Script, these three viruses will exercise their payloads if users open infected htm or html files.