Checksum functions go through every bit (as in subset of byte) of a file and include it in a calculation. If a single bit is off, the final number will be hugely different; if your checksum calculation is different from the posted one, then something happened to one (or more) of the bits while the file was being transferred and the file has been “corrupted”, which can cause errors of different levels depending on just what the corruption is.

Checksums are posted next to where a file can be downloaded because they are extremely small in comparison to the file. So if somebody is unsure about a file’s integrity, they can just run a local checksum function and compare it to a single number (which will be smaller than even the page hosting it) instead of downloading the entire file again (which can be arbitrarily large).

Edit: there is also purpose in using checksums to ensure a file is actually what it says it is; renaming a file to make it look like something desired while actually being a virus is a classic malware attack. It is extremely difficult to change an average file without changing its checksum, so checksum verification is also used to reduce trojan horse type file changes.

(checksums are also used locally by programs to make sure files haven’t been tampered with; if a game doesn’t want its users to cheat by editing save files, they can use a checksum and only load save files that are verified, as an example)