When you are logged in as an administrator on your PC or Mac, you have the ability to do anything on that machine including: setup new accounts, install software, and raise or lower internet protections such as: firewalls, anti-virus software, etc. So, if you should download malware embedded within some music, video, flash file, or other program you download, that malware will execute with administrator privileges on your machine and will have similar capabilities!
In addition, the download of malware could simply happen by just visiting a webpage on a website that has been unknowingly hacked. It is estimated that this is the major method used today and that 1 out of every 1000 webpages has malware embedded in it! It is additionally complicated by the banner advertising that is displayed on websites. Those websites often don't tightly control what banners show up, and hackers use hacked accounts to pay marketers (without the marketing company's knowledge) to have their malware embedded images flow through the marketing system and onto all these webpages.
Now if you use a non-administrator privileged account (when you set up other accounts, be sure NOT to give them administrator rights) then the non-administrator account can be used as a safer way to regularly surf the Web and do your business. If malware is downloaded by accident, it will only be able to do little or nothing if it does not have the privileges to do so.
Of course, you will still need your administrator account to install software, etc.
On Windows machines to get to the screen where you manage user accounts the menu path would be:
Start --> Control Panel --> User Accounts
In Windows XP the screen might look like this:
If you don't already have a non-administrator account, you can click on "Create a new account" and then set it to NOT have administrator privileges - in other words a "Limited account".