The research from Avast says that landing on an infected website is as simple as looking for something innocuous on the web such as the NHS, roofing supplies and fireworks.
Avast's research teams discovered a grand total of 396 679 hijacked and malicious webpages during May.
According to Avast, its research division uncovered an overwhelming small business theme during May for the most infected types of websites.
Drawing on the collective intelligence service collated by its CommunityIQ network, Avast says that, during May, its software prevented more than a million users every day from accessing infected websites.
The number of visits to individual infected sites, meanwhile, jumped by 52%, with each site receiving an average 89 visitors – up from the previous level of 59. At the same time, the number of reported infected domains dropped by over 30% to 396 679.
Odrej Vlcek, Avast's chief technology officer, said that the results from the May analysis are bad news for the general public, as it means there are more infections at high profile, legitimate sites with a high visit rate.
"Small businesses are easy targets as they often don't employ in-house IT staff and tend to use basic hosting services with limited threat prevention technology", he said.
Avast is advising internet users to avoid using peer-to-peer and warez sites and services – 'cracked' copies of your favourite movie or game might contain more than you think, says the firm.
"Watch where you click. Don't click on all search engine results or pop-ups that suddenly appear on your computer. You might get yourself infected with a fake security programme", he explained.
"Stay up to date. Keep your browser and related programmes up-to-date with the newest security updates. This will reduce the opportunity for hackers to take over your computer through a known vulnerability", he added.