The rogue site is gone now, but the screenshots of it demonstrate a reasonably effective social engineering page. The clumsy English grammar might have been a giveaway to a careful reading by a fluent English reader, but perhaps not noticeable to many people. It looks so similar to the Firefox warning page that I had to examine it carefully before I realized it was bogus.
I'll keep telling my friends that don't know any better yet, "Don't accept any software installation offered to you by a website unless you asked for it." And I've given up typing urls in the address bar. A simple typing error could take me to a rogue site. I only use bookmarks and search engines now.