No website is 100% safe proof; a website may get infected or hacked for countless reasons. An infected site can easily be detected, but the most important part is to repair the damage done as soon as possible so as to avoid further system abuse.
Usually when your site is hacked the hacker would shut down the site by altering the home page. But today the hackers use a different trick they infect some part of the site so even when the website is compromised it is still operational.
Apart from the website owner the hacker will also have access to the site and occasionally will alter codes with intension of phishing or injecting malicious code also called malware. The malware will then attack user’s computer that is accessing the website.
How can one know if their site is infected?
If you are not using Google Webmaster Tool (GWT) you should do now. GWT comes with a feature called malware warnings. Since Google bots keep crawling majority of your web pages they can easily detect abnormal behaviour. On malware detection Google will automatically send email to the webmaster. Website owners can also see the warning when they login into the Webmaster Tool.
Malware or Badware detection is done using guidelines by StopBadware.org, apart from this Google also has its own set of criteria to determine if the host is infected and distributing badware.
If your site is compromised you should immediately fix it. Also Read, How to fix and clean hacked or infected website.