Something I don't think a lot of security professions are aware of is the trend of users being tricked by fake anti-virus/anti-malware software that is really malware! (apparently we now have a term for this: scareware) People are so concerned about getting infected, that they install software they think will protect them, when, in fact, its infecting your system.
A recent presentation I was at said that the largest vector for Macintosh malware is via such fake anti-malware apps. And, per another article, there is way more fake anti-malware on Windows then on Mac. Big surprise.
And it shouldn't be a big surprise that the bad guys are doing the same on smartphones as well.
HERE is a great posting at Sophos' Naked Security blog on a deep examination of one such fake anti-malware on the Android platform. Check it out. A good read, with some great information.