"Ordinary websites are fast-becoming a top security threat for PC users. Tainted Web pages first appeared in late 2005. Now, they're turning up as Google advertising links, on Wikipedia and elsewhere, "from top-tier names to mom and pop bakery shops...Cybercrooks are corrupting Web pages by the tens of thousands. By tapping holes in the Internet Explorer browser, they implant tiny programs that connect the PC of anyone who simply clicks on the tainted page to a "mother ship" server, often in Russia or China. That central server collects data typed into online forms — banking log-ins and shopping cart transactions, for instance. It also hijacks the captured PC into a network of compromised PCs, known as "bots," to spread spam.
In one recent sweep, security firm Cyveillance identified 50,000 corrupted pages. Websense estimates the actual number may be 10 times that..."