[my69thaccount]

1. the file is replaced with a malicious version on their server and not checksummed

2. copy/pasting includes invisible characters that aren't seen until executed

both of these things happen regularly

orthogonally, curl|sh (usually) circumvents the package manager and makes uninstallation difficult