According to the latest research, a website infected with malware is detected every five seconds.
Websites poisoned with malware capable of infecting visitors' machines are being discovered at a rate of 16,173 per day - which is three times faster than in 2007.
Antivirus firm Sophos has published its latest research, which found that more than 90% of the web pages capable of spreading Trojan horses and spyware are legitimate websites.
Recently infected websites include those of ITV, Sony PlayStation and a golf page on the BBC site although the companies worked quickly to fix their security problems.
Sophos also claims that Blogspot.com, the blog publishing system owned by Google, was found to be hosting 2% of the world's web-based malware in June 2008.
Hackers were hosting malicious code on blog pages and also posting links to malware infected websites in comments.
The main security risk was caused by SQL injection attacks, which can allow Trojans and keyloggers to be automatically installed on visitors machines.
Senior technology consultant at Sophos, Graham Cluley, said: "Many businesses are increasingly putting themselves at risk by not scanning web activity and employees are going to these websites and getting infected".