Re "... a shortened version of its name ..."
What's also interesting is that Google has not flagged that site with stopbadware.org as it usually does...
For those without FF+ABP+NS or those not game to have a look, here's a rundown:
The site itself looks very slick... The English is well written with no spelling or grammatical errors that I could find, and some time has been spent on the graphics and layout; it has a very typical shiny-glass 2.0 look to it. Pages accessible from the front page are Home, Terms, FAQ (!), Sign Up, About Us, Rates and a Login button. You could be forgiven for thinking it was a legitimate business site at first glance!
Looking at the source, I can't find any suspect JavaScript but it does try to run a Flash object - which is almost certainly where the malware comes from. I couldn't find any iframes or external script calls on the pages I looked at. The site uses PHP to display its pages, and the HTML is not W3C compliant; no DOCTYPE, some HTML tags are uppercase, and it uses deprecated elements and attributes.
Interestingly, the WHOIS turns up two names and addresses in Iowa City, USA. A little email to the FBI is in order, methinks...
Finally, that "phony trojan" is a fantastic idea, and I'll be passing that along to some friends who will be able to make good use of it...