Microsoft has found that downloads of malicious software are increasing due to psychological trickery, not hacking skill.
Through research revolving around customer use of Internet Explorer, Microsoft has determined that 1 in 14 downloads today are of a malicious nature. In other words: trojans, spyware, malware, and any other term used to describe programs that screw with your computer. In the past, one might have blamed these downloads on vulnerabilities in web browsers, but according to Microsoft most of it ends up being approved by users themselves through hacker mind tricks.
They're called "social-engineering attacks," and just about anyone using the internet has probably been hit by one. Instead of uploading malware to your computer just by visiting a website, these attacks will actually get you to be an accomplice just by messing with your mind.
For example, you visit a website and a window pops up saying: "Your computer is at risk! Press yes to scan using Malware Cleanser 3.5!" In reality, pressing yes downloads a malicious program that isn't trying to help you at all, and will haunt your coming days and weeks unless you're lucky enough to figure out how to delete it.
Microsoft and other companies are building databases to help warn customers about this type of download, but it's basically a neverending battle. It might seem worrying, but user-downloaded malware is actually pretty easy to avoid if you know what you're doing. The rule of thumb is to never trust anything on the internet ever, especially when it involves clicking "Yes."
Source: Microsoft Blog