Not just the newspaper sites
In the past three weeks or so, I've seen a huge uptick in phish and malware hack attacks against all sorts of sites which permit user interaction, from social networking sites to forums to special-interest sites. The bad guys are increasingly seeding such sites with redirectors to malware downloaders, phish pages, and spam pharmacy sites.
Last week, I started receiving nearly 800 emails a day on one of my email accounts, all spamming URLs belonging to social networking sites (the majority hosted on Ning), bulletin boards, newspaper comment pages, and so forth. About half the redirectors seem to be leading to spam pharmacy sites; the other half are about equally divided between virus downloaders, faux antivirus downloaders, bank phish pages, and affiliate porn sites.