iMore explains Once again: Why you shouldn't blindly install things on your Mac.
It seems that people who accidentally misspell a URL and end it with .om versus .com are being redirected to sites that only exist to serve malware. Sites many of us visit every day have been spoofed, such as Citibank, Dell, Macy's and Gmail. Our testing hasn't seen the issue on the listed sites, but it's always better to be safe than sorry."
The only popups I run into that tell me to install something are for flash and they've always been legit. But still, whenever I see one I never click yes in the popup, instead I dismiss it, open the flash system preferences on my mac and install from there. That way I know I'm going to the real site.
I'm also mostly immune to the described attack because all such sites I regularly visit I have Safari bookmarks for and to visit them I use the bookmark via Quicksilver (Spotlight will serve the same function). The bookmarks also include HTTPS so I visit them securely.