Why is this website trying to connect to some of my bookmarks?
Visiting a website forces Firefox to try to make several HTTPS connections to websites in my bookmarks.

Okay, this is slightly embarrassing but my curiosity and paranoia are stronger so I must ask: While strolling through the interwebs, I happened upon a website with pictures of pretty girls. Nothing depraved, just pretty girls, 90% non-nude but for the sake of everyone here let's say NSFW. Clicking on one of the pictures to see a larger view set off my newly installed firewall, notifying me of several HTTPS connection attempts to websites in my bookmarks, including:

- Logmein
- Vanguard (banking)
- Latimes.com
- FNBO Direct (banking)

What!? Obviously the banking stuff makes me nervous. Anyone know how it's pulling these from my bookmarks and the security problems going on here? I'm a former XP user, so I understand the dangers of spyware/trojans/etc... but the odd thing is I'm on OS X, using Firefox.

More info you might ask:

- These bookmarks aren't placed near each other in my bookmarks (different folders), yet they are all HTTPS.
- It's always the same websites each time I close Firefox and try to reload the website, not random ones.
- Using Firefox 2.0.0.8 on a fully patched OS X 10.4.10
- Firewall is Little Snitch (there's a free demo of version 2.0 until Nov 17)

Here's a link: http://www.sggirls.com/, NSFW and please take your own firewall precautions.
Answer:
It's known as "http://en.wikipedia.org/wiki/Cross-site_scripting".
anonymous at Ask.Metafilter.Com
Other answers
I would bet that this is http://en.wikipedia.org/wiki/Cross-site_request_forgery instead of XSS, but I'm just nitpicking. This is still one site trying to screw you over and steal your money/information. And it doesn't matter what OS you are using. Mac, Linux, FreeBSD, whatever, it doesn't matter since this attack just involves stuff in your web browser. The attack is just hoping that you didn't click the logout button from your bank website and the authentication cookies are still valid. If they are, the attacking site makes a request to your bank, and your web browser will attach the auth cookies to the request and perform the action requested. This is the reason that you should always click logout, and that many sites have the timeout to log you off. Also, it's a good idea to clear out your cookies before you go browse any slightly questionable parts of the web, though that isn't complete protection.
recursion
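Added example, not part of the original thread: a server-side view of the mechanism described in the answer above, showing why a session cookie alone cannot tell a bank's own form from a request triggered by another site, and how an Origin check plus a session-bound token does. The origin names, session id and function names are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)   # per-deployment secret (constructed)
SESSIONS = {"sess-abc123": "alice"}    # constructed server-side session store
BANK_ORIGIN = "https://bank.example"   # hypothetical bank origin


def csrf_token(session_id: str) -> str:
    """Token bound to the session; the bank embeds it in its own forms."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def cookie_only_check(request: dict) -> bool:
    """Weak case: any request carrying a live session cookie is accepted."""
    return request["cookies"].get("session") in SESSIONS


def csrf_aware_check(request: dict) -> bool:
    """Also requires the bank's own Origin and the session-bound token."""
    session_id = request["cookies"].get("session")
    if session_id not in SESSIONS:
        return False
    if request["headers"].get("Origin") != BANK_ORIGIN:
        return False
    supplied = request["form"].get("csrf_token", "")
    return hmac.compare_digest(supplied.encode(), csrf_token(session_id).encode())


def logout(session_id: str) -> None:
    """Logging out kills the session server-side, so the cookie stops working."""
    SESSIONS.pop(session_id, None)


# Constructed requests: the browser attaches the same cookie to both.
legit = {
    "cookies": {"session": "sess-abc123"},
    "headers": {"Origin": BANK_ORIGIN},
    "form": {"amount": "50", "csrf_token": csrf_token("sess-abc123")},
}
cross_site = {
    "cookies": {"session": "sess-abc123"},
    "headers": {"Origin": "https://other-site.example"},
    "form": {"amount": "50"},
}

if __name__ == "__main__":
    for name, req in (("legit", legit), ("cross_site", cross_site)):
        print(name, cookie_only_check(req), csrf_aware_check(req))
```

Calling `logout("sess-abc123")` makes both checks reject every request that carries the old cookie, which is the effect of the "always click logout" advice.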
No need to panic monger, the chances of it hitting on exactly that list of sites randomly is tiny, and if there was a browser bug allowing the site access to your bookmarks you'd have heard about it. The most likely explanation is that your browser is loading the favicons for your bookmarks (the little pictures that show up next to the URL), and your software firewall is configured to alert you about https but not http, so only the "secure" sites show up in the warning.
fvw
fvw, I don't know why the favicons would all be loaded when you visit this specific site. I'd think you'd see it either loading everything at random times, or only loading for the sites you visit. The original post makes it sound like the connections happen only when he looks at a specific page. anon, you might try removing one of the sites that it looks at from your bookmarks and trying again. If it stops trying that site, it would seem to be your bookmarks that it is looking at. If not, it is more likely that it just happens to be trying sites that you have bookmarked.
recursion
The best habit to get into is this: whenever you visit a secure site, especially one that has access to your money, then when you are through kill your browser session. Terminate the program. Then start another one before you visit anything else.
Steven C. Den Beste
http://www.siteadvisor.com/sites/sggirls.com. That's not a 100% guarantee, but the site has also been around since 1999, so it's not some fly-by-night operation. I would scan your system with a different virus checker than you usually use, and Ad-Aware as well. You probably picked up a BHO somewhere.
dhartung
Hmm, was going to recommend NoScript, (http://noscript.net/) but I see you're a Mac user. Can anyone confirm whether or not NoScript is useful for Macs?
aeschenkarnos
NoScript is definitely useful for Macs. Like all Firefox extensions (at least all that I'm aware of), it's platform-agnostic. Although it's somewhat less likely that you'll pick up a trojan or rootkit on a Mac, you're still vulnerable to CSRF and CSS attacks. NoScript is the easiest way to prevent them. (NoScript blocks all JavaScript except on whitelisted pages, but gives you the ability to temporarily enable it on any page when you need it. Very nice -- I use it everywhere and recommend it to everyone.)
Kadin2048