I came across an interesting first-person story over on ComputerWorld, from a security manager who ended up in the somewhat embarrassing position of being infected with malware. This is the insidious type of malicious code that pops up warnings and hijacks your web browser to try to get you to download software to "fix" the problem (for a fee, of course). It sounds like something that could easily happen to users who aren't tech savvy, but how does it happen to a security pro whose system is up to date and running antivirus software?
It's called FakeAV and it masquerades as the Windows Security Center. Why didn't the author's real AV detect it and prevent it from installing? Apparently the number of variants are fooling the anti-virus programs, and you can get infected simply by doing a search on Google. As the malware gets more and more sophisticated, nobody will be safe. Read more about it here: