I read somewhere that none of the antivirus programs are currently able to block this particular trojan, with the exception of CryptoPrevent.
And the users being careless... well, it is difficult to answer. The virus is mainly being spread through emails. The crooks will send emails which look exactly like the ones which come from your bank or your employer. If you open the files attached to the mail, your system will get infected. At first glance, the attached file just looks like a PDF file. But be careful! The extension is not *.PDF but rather *.PDF.EXE
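A mail filter can check for the *.PDF.EXE disguise described above before a message reaches the user. The following is an added example, not part of the original post: the function names, the extension lists and the sample message are constructed for illustration, and the check is generalized beyond PDF/EXE to other decoy and executable extensions and to names padded with spaces or trailing dots.

```python
import email
from email import policy
from email.message import EmailMessage

# Assumed lists for illustration; extend them for your environment.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd"}
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt"}

def deceptive_extension(filename):
    """Return (decoy, real) for names like 'invoice.pdf.exe', else None."""
    # Padding spaces and trailing dots hide the real extension in file
    # dialogs, so normalise them away before splitting.
    name = filename.strip().rstrip(". ").lower()
    parts = [p.strip() for p in name.split(".")]
    if len(parts) < 3:
        return None  # a single extension cannot be a double-extension lure
    decoy, real = parts[-2], parts[-1]
    if real in EXECUTABLE_EXTS and decoy in DECOY_EXTS:
        return decoy, real
    return None

def flag_attachments(raw_message):
    """Parse a raw RFC 5322 message and list attachment names to quarantine."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        name = part.get_filename()  # decoded by the default policy
        if name and deceptive_extension(name):
            hits.append(name)
    return hits

def build_sample():
    """Constructed sample: one disguised executable, one harmless PDF."""
    msg = EmailMessage()
    msg["From"] = "billing@bank.example"
    msg["To"] = "user@corp.example"
    msg["Subject"] = "Your statement"
    msg.set_content("Please see the attached statement.")
    msg.add_attachment(b"constructed-bytes", maintype="application",
                       subtype="octet-stream", filename="Statement.PDF.EXE")
    msg.add_attachment(b"constructed-bytes", maintype="application",
                       subtype="pdf", filename="report.v2.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    print(flag_attachments(build_sample()))
```
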