Well, DNS has not changed much over the last 20 years. It was never designed with security in mind. Address resolution normally goes over UDP, which makes it even worse and susceptible to spoofing attacks. DNSSEC is meant to solve some of the issues by implementing some cryptographic checks. But all DNS clients and servers will need to be updated and the implementation will not be easy. So it's not for tomorrow.
Today, I stumbled upon OpenDNS. It has nothing to do with DNSSEC but it can also improve your security. The first feature is that it is an alternative to the DNS servers from your provider, with an intelligent cache of most DNS information, which provides excellent DNS resolving speed. They still respect the TTL of the domain.
Secondly, they include a phishing filter and typo correction. I fooled around with the typo correction and it didn't impress me.
What I found more interesting was the phishing filter. Apparently it's actually PhishTank: a community-based phish verification system where users submit suspected phishes and other users "vote" on whether it is a phish or not. PhishTank is also used by Opera.
But with OpenDNS, you don't need new browsers or new plugins/extensions. Just fill in the following DNS servers in your PC or home router/DNS forwarding server:
- 208.67.222.222
- 208.67.220.220
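
After changing the resolver settings, it is worth confirming that no other nameserver is still configured, since any leftover entry can answer queries without going through the OpenDNS phishing filter. The following check is an added example, not part of the original post: it assumes a Unix-style `resolv.conf`, and the function names and the sample file contents are constructed for illustration.

```python
import ipaddress

# Resolver addresses listed in the post.
OPENDNS = {ipaddress.ip_address(a) for a in ("208.67.222.222", "208.67.220.220")}

# Constructed sample, not taken from a real host (192.0.2.53 is a documentation address).
SAMPLE = """\
# written by dhcp client
search lan
nameserver 208.67.222.222
nameserver 192.0.2.53
nameserver 208.67.220.220
"""

def audit_resolv_conf(text):
    """Classify every 'nameserver' entry in resolv.conf-style text."""
    found = {"opendns": [], "stub": [], "other": [], "invalid": []}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":       # blank line or comment line
            continue
        fields = line.split()
        if fields[0] != "nameserver":         # search, options, domain, ...
            continue
        try:
            addr = ipaddress.ip_address(fields[1])
        except (IndexError, ValueError):      # missing or malformed address
            found["invalid"].append(line)
            continue
        if addr in OPENDNS:
            found["opendns"].append(str(addr))
        elif addr.is_loopback:                # local forwarder or stub resolver
            found["stub"].append(str(addr))
        else:
            found["other"].append(str(addr))
    return found

def verdict(found):
    """Summarise whether lookups can avoid the OpenDNS resolvers."""
    if found["other"] or found["invalid"]:
        return "bypass-possible"              # a non-OpenDNS resolver is listed
    if found["stub"]:
        return "check-forwarder"              # upstream is set in the local forwarder
    return "opendns-only" if found["opendns"] else "no-resolver"

if __name__ == "__main__":
    result = audit_resolv_conf(SAMPLE)
    print(result, verdict(result))
```

A `check-forwarder` result means the file points at a local forwarder, so the upstream servers have to be checked in that forwarder's own configuration instead.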