Feeds

Pfizer and MS sue Viagra spam gangs

Big stick

  • alert
  • submit to reddit

Seven Steps to Software Security

Pfizer and Microsoft today announced a joint legal offensive against sellers of illegal Viagra and two international spam syndicates alleged to have promoted illicit sales of counterfeit versions of the drug. The legal action follows a seven-month investigation during which Microsoft and Pfizer worked together to track down illegal drug distributors operating websites selling "generic" Viagra as well as the spammers advertising them.

Pfizer has filed civil suit against two websites - CanadianPharmacy (trading as www.cndpharmacy.com) and E-Pharmacy Direct (trading as www.myepharmacydirect.com) - which allegedly promote and sell products that are unapproved by the US Food and Drug Administration (FDA). The identities of the individuals controlling these sites, which were registered under false names, are unknown. Pfizer hopes its lawsuit will uncover their names. The drug manufacturer also filed ten other domain name actions.

Microsoft filed suit against the unnamed spammers promoting CanadianPharmacy and E-Pharmacy Direct. It has also begun three lawsuits against junk mailers who spamvertised other online pharmacies known under a variety of names, such as Discount RX, Virtual RX, and EzyDrugStore.com. These pharmacy spam rings have allegedly sent hundreds of millions of email messages to Microsoft's MSN Hotmail customers within the past year alone. The defendants stand accused of using illegal and deceptive email techniques that violate the federal CAN-SPAM Act of 2003 and other state and federal laws.

Viagra is estimated to feature in up to one out of four spam messages. Many of these junk mail messages link to illegal websites that sell consumers illegal version of the drug, which may be unsafe. Microsoft and Pfizer's account of its investigation into the trade, leading up to legal action against CanadianPharmacy et al, makes for interesting reading.

Pfizer and Microsoft first investigated CanadianPharmacy, a website advertised by high volume spamming. Working together, the companies' investigators uncovered a highly sophisticated spam ring with several groups of affiliates all advertising websites associated with CanadianPharmacy. The spam directs recipients to one of dozens of identical websites. Many of these websites are registered with the true names and addresses of persons unassociated with the websites or spam rings, and who were unaware that their identities are being used in conjunction with these activities. Tracing the order process, investigators determined that the website encompasses an allegedly illegal pharmaceutical supply chain that spans the globe. Consumers place orders for drugs advertised as Viagra (sildenafil citrate) or illegal "generic" Viagra on one of several websites advertised by spam. Once the consumers' online orders are received on computers in New York, they are sent to a call center headquartered in Canada, and then on to India for processing. The orders are filled with illegal, unregulated and unapproved products. The illegal generic drugs are then shipped from India to the United States and delivered by an airfreight forwarding company based in the United States.

Knowing as much as that about CanadianPharmacy it’s perhaps a little surprising that Microsoft and Pfizer don't yet know who's running its operations.

Earthlink targets spammers

Separately, US ISP EarthLink yesterday announced another round of lawsuits as part of its ongoing legal battle with spammers. Its four latest lawsuits accuse named defendants in California, Florida, Nevada and Washington state, as well as John Doe defendants, with violations of CAN-SPAM Act and various other state and federal statutes including the federal Computer Fraud and Abuse Act and state and federal racketeering laws. In suits filed in US District Court in Atlanta last month, Atlanta-based EarthLink is asking the courts for injunctions against the alleged junk mailers and unspecified damages.

The defendants have been named as: Gregory Lars Alsing, of Elk Grove, California, and Impression Media Inc., of Las Vegas, Nevada, who stand accused of sending hundreds of thousands of fraudulent emails punting cable descramblers and fake college diplomas; Craig S. Brockwell of Miami, Florida and BC Alliance Inc., of Sunrise, Florida for allegedly sending deceptive discount ink jet cartridge junk mail; Christina Reesea and Angela M. Nickerson of YamboCS.com (along with 22 unnamed defendants) for allegedly spamvertising pornographic websites using obscene subject lines and explicit pictures and text; and Peter Moshou of Auburndale, Florida (with 23 unnamed parties) over time-share brokering spam.

Last year Earthlink obtained a $16.4m judgment and injunctive relief against Howard Carmack, aka the "Buffalo Spammer," shutting down an operation that had generated more than 825m spam emails. EarthLink's pursuit of Carmack led to his conviction in March 2004 on forgery and identity theft charges related to his spamming. Last month, two members of the so-called Alabama Spam Ring paid undisclosed damages to Earthlink and signed a court order promising to never send another spam email.

Earthlink has promised its legal campaign will continue. Said Larry Slovensky, assistant general counsel for EarthLink: "We will continue to pursue litigation, technical solutions, consumer education and legislative support to help ensure the quality of the internet experience for all users." ®

Related stories

Pfizer takes big stick to Viagra spammers
Online pharmacist jailed
Rogue pharmacies still thriving
US giants move to can spammers
Buffalo spammer jailed
US court skins Buffalo Spammer
Earthlink wins cash from spammers
Interview with a link spammer

Mobile application security vulnerability report

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.