The "mom and pop" sites point rings amusingly true for me.
Around a year ago, my dad went through a wave of really nasty malware infections. The ones that block your AV software, redirect your DNS and generally embed themselves right across the OS.
Now, my dad has historically been a bit of a malware-magnet. He falls into the category of "knows just about enough to think he knows everything", which used to lead him into some really poor security practices. But after a really nasty infection in 2012 which resulted in him losing quite a significant chunk of personal data, I thought he'd finally learned his lesson. He was keeping on top of Windows Update, keeping an updated AVG install, running weekly Malwarebytes scans and had finally, finally, stopped opening dodgy e-mail attachments from his perpetually-malware-infested dickhead golf-buddy friends.
I'd also put him on an adblocker. I wasn't using one myself at the time (though I am now), but I was sick of making the 4-hour-each-way journey to his place to fix his machine, so I'd held nothing back.
So a wave of four or five infections in the space of a month came as a bit of a shock. What was surprising was that he was getting re-infected very quickly after each disinfection (including one which involved a full format-reinstall of Windows).
Eventually, after going through his browser history after two consecutive infections (and half-expecting to find a megaton of pr0n), I track down the source.
And it's not pr0n, it's his bloody family history club website. Some online forum he participates in for people who are trying to trace their ancestry in a particular area. It has under 50 regular participants. It also has a prominent notice about how much the site depends on advertising income to stay in operation and asking users to disable or make an exception in their adblocker (with instructions on how to do so).
My dad has, of course, been making an exception for this site, which is then pushing a remarkably concentrated and toxic cocktail of malware-infested ads almost every time it is accessed. We actually ended up on the phone to the guy who ran the site, begging him to switch to another advertising provider. He wasn't exactly enthusiastic, so the adblocker remained in place. Don't know where things have got to since then.