Earlier this year users mistyping the Google.com domain name were diverted to web sites that installed malware on their computers. It appears the problem still exists, this time with a twist. There’s a worm that will automatically forward your browser to a Google-look-alike site no matter what you type in. When you search on the spoofed Google site you get normal search results but the sponsored links on the page are substituted with the worm author’s own paid links. Apparently it doesn’t hurt your computer, but just enriches the worm author if you click on the links. Also, people mistyping the Google.com domain are landing on the spoofed version.
With so many people typing in Google.com each day, Google will just have to register every possible misspelling known to man. But even that won’t prevent stealth tactics like the worm redirect.