The latest State of the Internet Report (PDF) from Websense warns that many popular social networking, search engine and web 2.0 sites have suffered temporary infection with cyber-tricks such as data-stealing code and hidden redirects.
"Attackers are forgoing creating their own malicious sites and targeting legitimate sites that have a built-in base of visitors," said Dan Hubbard, chief technology officer at Websense.
"There is an element of trust in the web 2.0 world that the sites we frequent every day are safe, but attackers are taking advantage of the 'good reputations' of sites to launch attacks."
The validity of the URL does not matter any more, according to Hubbard. "It is all about the dynamic content that is served up on the page," he said.
To use the internet safely, organisations need web security protection that can analyse content on the web page in real-time, he added.