Can you get a virus from simply visiting a web page? Yes, you sure can! This is something that was previously thought impossible... the delivery of a Trojan by simply accessing a web page. The user simply accesses the web site and "may" be presented with a download option (not always), however the download has already begun and cannot be stopped. What makes this dangerous is not the forced download but the fact that the downloaded program is run ... all without the user knowing anything is going on.
According to one expert there are actually a few ways to accomplish this; java script active x control (particularly HHCtrl...the active help control), perl, with an html 'internet zone' attack, and even a shockwave exploit.
However, it should be noted there is always a draw. The e-mail is the draw that sets up the web page and is the medium to draw unsuspecting users in. Usually something along the lines of "Did you know someone was talking bad about you? To check it out visit this web page."
At this time all such attacks are PC oriented but with the advent of OSX this may open the Mac up to such attacks since it will be running a UNIX shell.