Is your site secure? Do you have trusted hosting? Hackers are having a field day this year with sites that are vulnerable to attack. Your site can be vulnerable due to old extensions that haven't been updated. So for instance, that blog feature or twitter feed on your site that was installed two years ago has had security updates since, but they haven't been updated on your site yet. This would create security holes on your site where hackers could get in and insert malicious code.
Maybe your site passwords are way too easy to crack. Make sure that your hosting login, database login, ftp login, and site logins are at least 12 alphanumeric characters and throw in some special characters, for example this is a strong password, hTue53yStw@! and this is super weak, kelli4.
Your hosting is not reliable nor secure. Before choosing hosting make sure your host does regular backups of their sites. Call their customer service and see if they are responsive and helpful. I judge hosts off the ease of use of their control panel when you login and their customer service. I truly recommend Godaddy, I know their ad campaigns can be racy but they have the best customer service. When I have to call them on behalf of a client they always know what they are talking about and the customer service rep will email you after the call to see if you have any other questions or concerns. You really can't beat that.
If you can afford the extra fee, pay for a more secure environment for your site files by upgrading your hosting package. This way the host that you already pay monthly is working for you daily by making sure your site has an added barrier of protection. In the long run this is cheaper than it is to get your site fixed after it has been compromised. I have seen it all this year, hacks have included sites redirected to malicious sites that would download a virus on a users computer, sites filled with popup ads, a joker image added to the front page with scary text saying "You've been hacked", searching for the site in google would pull up an error page. You want to avoid these type of embarassments and confusion so that your customers can always find you on the web and trust that your site is safe to browse and use.
This year I have been performing many upgrades of Joomla 1.5 to Joomla 2.5. If your site is still on Joomla 1.5, it would be in your best interest to have it upgraded as soon as possible so that you can trust that everything is up-to-date. A website is not a thing you publish once and let it sit, it has to constantly evolve and be maintained just like your business.