Hi doktornotor and pondus,
Yes, user education will be our only hope in the end, the "malcreants"will register another thousands and thousands of domains and morph these "old wine in new sacks" malicious fake av malware to users launched from there or from hacked sites. If something is "too good to be true" there is almost always crime or malware behind it, and yes without the first elementary lines of browser security practices all browsers will eventually turn a user's computer into a malcode spewing zombie beast.
For the more aware the malware can be followed and added to anti-malware solutions from "the sites we do not want to name but are known to every security staff and some other resources", for instance with a "search query for this malware that would be: /viruses.php?virusname=W32/FakeSec.B.gen!Eldorado&sort=first%20desc", keep an eye on the sparrow at "herbivore" (joke), there really is no excuse not to have the latest definitions as the binairies get unfold...
polonus