If a user trying to visit the popular search engine accidentally types "Googkle.com," they will open up a malicious web site that attempts to exploit known vulnerabilities in the web browser - mostly Internet Explorer - to drop spyware onto the machine, said Ero Carrera, F-Secure virus researcher.
On its web site, F-Secure urged users to not go to the malicious web site. As of Wednesday afternoon, the site was still up, Carrera said. Researchers have reported the site, which is owned by people with Russian names, to authorities.
F-Secure researchers have seen the technique used before, but usually the spoofed web site aims to make a political statement of some sort, not to install malware, Carrera said.