Essentially what happens is that a hacker finds a security hole somehow, gets inside your website code, and loads scripts that auto-generate links and even fake pages that are immediately redirected to other websites. Your site becomes a link-generating drone, controlled by hackers from Russia, China, Korea or who knows where.
And don't assume that just because the site is not an ecommerce site that it's safe. This activity is NOT about trying to get credit card numbers or customer lists.
It's solely designed to game the search engines by creating links to the hackers' adult, ringtone or pharmaceutical sites (and by pharmaceutical, I don't mean Eli Lilly's website, I mean that shady site supposedly selling oxycontin without a prescription).
Here are some articles on this topic:
Hacked: It Could Never Happen to My Site (Famous Last Words) This is my own experience with similar type of hacking.