Feeds

Spammers aim to profit from swine flu pandemic

Caution advised over modern day Harry Limes

The Power of One eBook: Top reasons to choose HP BladeSystem

Russian cybercrooks have laid the groundwork needed to build a business cashing in on swine flu panic-buying.

Tamiflu sales from dodgy unlicensed pharmaceutical websites are being promoted through spam email, search engine manipulation and a variety of other underhand techniques. Web affiliates, commonly based in Russia where they are called Partnerka, are driving traffic to dodgy pharmaceutical sites using a variety of spam and adware-related marketing tactics.

Hundreds of virtually similar so-called "Canadian pharmacy" sites exist. Although they claim to be based in Canada (a tactic designed to add a thin layer of legitimacy) the sites might be actually be located anywhere in the world.

Sophos reports that members of Glavmed, one of the more popular Russian affiliate networks, can earn an average of $16,000 a day promoting such dodgy pharmacy websites. These sites have begun advertising Tamiflu alongside more traditional products such as Viagra and Ciallis.

Responding to these spamvertised websites risks exposure to potentially dangerous drugs, while also handing over personal data to cybercrooks, net security firm Sophos warns.

This July witnessed a huge increase in UK internet searches for Tamiflu, at a time when concerns that global Tamiflu production was falling behind schedule. The northern winter could see a repeat of this interest, creating a demand that unlicensed online pharmacies are ready to exploit.

Rat boys

The business model of the cybercrooks is straightforward. Surfers searching for information online about Tamiflu are directed to specific online pharmacies where they are invited to buy a generic and (likely counterfeit) version of the drug. Cybercrooks have manipulated search engine results to drive as much online traffic as possible to illicit pharmacy websites using black-hat search-engine optimisation techniques. Cybercrooks are also bombarding web users with spam and messages from hacked accounts on social networking websites

Sites supplying the drug pay affiliates between 20-40 per cent of the value of any sale. Buyers typically receive some kind of drug as result of their purchase but the supplied pills are liable to be out of date or otherwise risky. In other cases users may receive only sugar-pill placebos. Sophos reckons the top five countries purchasing Tamiflu and other drugs from bogus sites are the US, Germany, UK, Canada and France.

"As more and more cases of swine flu in the UK come to light, it is essential that we all resist the panic-induced temptation to purchase Tamiflu online," said Graham Cluley, senior technology consultant at Sophos.

"The criminal gangs working behind the scenes at fake internet pharmacies are putting their customers’ health, personal information and credit card details at risk. They have no problem breaking the law to promote these websites, so you can be sure they’ll have no qualms in exploiting your confidential data or selling you medications which may put your life in danger.

"If you think you need medication go to your real doctor, and stay away from quacks on the internet."

Sophos's research into Partnerka spam affiliate networks more generally, presented at the Virus Bulletin conference back in September, can be found here (PDF).

The warning about spam promoting dodgy pharmaceutical sites coincides with the start of a campaign by drug firm Pfizer, warning that between 50-90 per cent of drugs sold through unlicensed sites are counterfeit. Pfizer has produced a hard-hitting TV advert - which is only allowed to be shown on British TV after 11 o'clock at night - that depicts a man throwing up a rat, as part of this campaign. It claims that rat poison can be one of the ingredients of "medicines" on offer from illegal websites.

In support of its public education push, the Viagra developer has also set up a website featuring less stomach-churning material at realdanger.co.uk. ®

Designing a Defense for Mobile Applications

More from The Register

next story
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.