VitalSecurity.org has come up with an interesting scenario. In it, the user goes to a website using Firefox, Mozilla, Netscape, Opera, or Netcapture and Sun's Java Runtime Environment. A pop up message shows up asking the user to install some software to view the website correctly. The dialog box specifically warns the user not to install the software, but let's pretend the user doesn't read that message and installs it anyhow. The installer begins downloading a shitload of adware, spyware, and malware and installs it in IE...even though IE was locked down with a locked HOSTS file that warned about this site and Spyware Blaster was installed. The wares installed were from the usual sources.
It's a scenario that experienced web surfers might not fall for, given the warning messages, but the average user might. Ugly...and it shouldn't happen, but it does...once again, user beware!