Yep, seen that!
Girlfriend was looking for at bike shops and the top link on a google search (which looked completely normal until clicked) opened what looked like a finder window complete with nasty looking stuff in it, downloaded a package and popped up the instalation confirmation dialogue!
Well, that caught my attention and a swift 'let's not do that!' stopped what might have been bad news.
As more people are drawn to a platform I guess we can expect ever more attempts to dupe the innocents.
Bastards! (malware producers, not the innocents)