You've undoubtedly educated your users to recognize that when a window pops up, wanting them to install software, they should be wary. Well, those who spread the malware know this, and have taken to using different tactics to persuade users to install their malicious code. Because most people tend to put more trust into a "real person" - someone they interact with in person or even over the phone - these clever criminals are calling works on the phone and pretending to be support personnel, sometimes masquerading as Microsoft partners. They talk you into installing viruses, remote control apps, etc. under the guise of helping you cleanse your computer of a virus they've detected or a similar story.
Better user education is the only defense against these social engineering tactics, so be sure you touch on this in security awareness training for end users.