The Internet is like a giant shopping mall littered with hidden land-mines. As long as you stick to the mapped out walkways, you're generally pretty safe. But wandering off the beaten path runs you the risk of encountering something nasty. And, of course, every now and then a few land-mines end up in the J.C. Penny's or the line at the Sbarro.
Allow me to clarify that peculiar metaphor: Google Image Search is just, like, swarming with malware. Over 5,000 hacked sites have been identified by Denis Sinegubko, a Russian malware researcher. He estimates that Google sends about 15 million people to infected websites through GIS every month.
Here's what's happened. Some very clever, very nasty people found a way to embed websites with malicious code and fill them with key search terms to keep them at the top of Google Trends. These sites grab pictures off of other sites and use them (alongside spammed search terms) to attract traffic. You GIS "Snake eyes figurine 1994", find a picture that looks like the one you want and click it...only to find yourself in the grip of an attack site.
An app is currently in development for Firefox that will identify these booby-trapped images with a red border. But for the immediate future, vigilance is the only way to avoid harm. If you find yourself stuck on a fake Anti-Virus Alert site, your best option is to immediately close the browser. You can use task manager or Ctrl+Alt+Del or even mash the power button while screaming. Although I don't recommend that last option.
If you'd like some added protection, NoScript for Firefox provides the best protection you can get. It allows you to decide which sites can run active content, and also gives you a great deal more control over what kind of a resource hog your browser is. There's no similar addon in Safari, but Google Chrome has Not Scripts. Which is kind of similar, but not nearly as good.