When I worked as a technician, I used to see 4 or 5 cases of Scareware per day. The most common method of distribution is P2P file sharing, where they are disguised as a program or something else (e.g. best_porno_ever.mov.exe) you want. As far as harm goes, they usually leave files alone and do nothing to technically damage your operating system. That would kind of defeat the point of their business model. However, some can replace your Google results, open porn popups on your desktop or insert adverts into your favourite social networking site too.
I never use antivirus, I find that the major "security" programs are the biggest resource hogs you can get on a computer. The best defense is common sense in this case; don't download things that look suspect, check hashes, use BitTorrent and check the reputation of the torrent uploader, watch your porn online instead of downloading it and so on. If you want to use a virus scanner, that's fine, just choose one that doesn't constantly run in the background and use it to scan stuff that you just downloaded. Also, most malware is written for Windows, I've never seen scareware or most other forms of malware on Linux or Mac (although I'm sure they do exist).