In its 'State of the Internet Security report' for the last half of 2009, the security vendor said mass injection attacks were down 3.3 percent on the first half of the year, and instead there had been a surge in focused efforts to drive web users straight to malicious sites.
The research revealed there had been a 225 percent surge in the number of malicious sites on the web, while 71 percent of these websites were legitimate sites that had been compromised.
Furthermore 35 percent of all malicious web attacks included code designed to steal sensitive personal data and 58 percent of all incidences of data stealing took place on the web.
Websense also said 95 percent of all comments on blogs, chatrooms and message boards are spam or designed to infect a user's PC with malware, while more than four out of five of all emails received are spam.
Carl Leonard, Websense's senior research manager, said: "Over the past six months, we've witnessed a change in the strategy employed by malware authors, championed by the continued growth and popularity of web 2.0 activities".
"The hackers are becoming smarter, exchanging the traditional scattergun approach for carefully considered attacks, targeting fewer websites with higher traffic and multiple pages generating a more effective and efficient attack."