Wrong Keystrokes Can Lead You to Money Extorting 'SpeedUpKit' Scareware Scheme

We have all had it happen to us at some time. We type in the wrong web address in our web browser and poof, the wrong site loads up and we have a moment of slight embarrassment or confusion. The outcome of these situations is mostly dependent on the type of site that mistakenly loads on our screen – sometimes it is bad and other times it is really bad.

Unfortunately, the bad part about typing in the wrong keystrokes for a web address is that hackers and cybercrooks thrive on our missteps and exploit many commonly misspelled sites or typos. In those cases the typo sites to lead us down a path of utter destruction or mayhem. There is a name for this practice, and it is called typosquatting.

Typosquatting is a URL hijacking exercise when hackers and cybercrooks violate consumer protection laws and infringing on trademarks all by conjuring up a website that uses a name similar to a big well-known brand. As an example, typing in the website name flickr.com may end up with a common mistake of typing in "flicker" or "flickre." Fortunately, for one of those misspellings the flickr site owns the domain (flicker.com) and it will happily redirect you to the real site. For the other one (flickre), it may land you on a site that is writing in a different language and is flooded with links that have questionable content.

In recent events of hackers using aggressive typosquatting techniques, computer users are ending up on a page that promotes SpeedUpKit, an application that claims to clean registry entries and junk files from a PC. SpeedUpKit, in the recent forms we have seen it in, is a scareware program designed to ask for a payment of $30 to perform a clean-up function on your computer to supposedly fix registry issues and junk that it finds on your system. In reality, SpeedUpKit has limited functionality – just enough to entice computer users to the point that they end up paying the $30 for application registration. Essentially, SpeedUpKit can be classified as nothing more than a money extortion tool that does very little to rectify any type of alleged issue or cleanup of junk files.

The SpeedUpKit typosquatting scheme has been a broad attack on companies such as Adobe, Google, Microsoft and New York Daily News and Wikipedia. All of those names have several of misspellings that cybercrooks are taking advantage of to wage their typosquatting war.

Through DomainTools' investigative efforts, they have found these massively large companies to be among those targeted in the recent typosquatting scheme. Within the sites that users are redirected to, many of them have prompts that users are enticed to click through which will eventually download the SpeedUpKit application. Ten fixes from the program are offered for free but then the $30 fee is asked to be paid to repair other alleged issues.

Additional findings made by DomainTools reveals that if the typosquatting site related to the SpeedUpKit scheme is loaded, it will then redirect to one that was registered by Paul Cozzolino of Boynton Beach, Florida, in addition to other redirect sites rooting from the original. Digging into Cozoolino's history, it appears registered a company called CallTactics that specializes in online advertising and managing inbound calls. The CallTactics company, working as part of an EZ Tech Support call center in Portland, Oregon that was shut down just a week ago. The EZ Tech Support was responsible for fielded calls from many online advertising campaigns using adware. The common actions were to bait people by offering a free utility, similar to what is going on with the SpeedUpKit typosquatting scheme.

The FTC does not take too kindly to these types of schemes, which has filed lawsuits which will eventually put Cozzolino on the wanted list to track down and question into the typosquatting matter.