Wednesday, October 10, 2007

Incentives Model for Pharmaceutical Scams

Sometimes, it's unbelievable how easy is in fact to social engineer people on their way to "make a deal" online, especially when buying pharmaceuticals online. Let's discuss organized pharmaceutical scams the way I perceive them, which like phishing also aim at reaching the efficiency level.

It's a public secret that's success in terms of sustained profitability has to do with their affiliation based model, namely "let the others do the sale for you". Pharmaceutical scammers have been anticipating this model for quite some now, a model where the pharma masters forward the processes of collecting potential customers (emails harvesting), contacting them and letting them know of how cheap their pharmaceutical are (spamming), enticing them to initiate a transaction with a fancy and professionally looking like site (freely available pharmacuitical web site templates) to those who become part of an affiliate network like the one you can see in the screenshot.

Pharmaceutical scammers have their own fast-flux networks of constantly changing domain and IP addresses, shared hosting of multiple scams in different segmets. Remember It's still up and running but the javascript obfuscation I reviewed before is now pointing to web server's directory whose main index hosts a p0rn site -, so you have a p0rn site that's hosting viagra propositions - "insightful". Moreover, pharmacuitical scam campaigns are also known to use free web space providers as doorway pages in the form of redirectors. For instance, the most recent spamming campaign promoting a Canadian Pharmacy scam located at, is taking advantage of the already established trusted brand of Geocities to redirect the spammers users to the main page :

If efficiency truly matters from a scammer's perspective, we may soon witness actual DIY marketing packages with templates, "collection of potential customers", and a list of services to use when "contacting them". Now, if the pharma masters want to diversify as well, they can vertically integrate by owning or renting the spamming services themselves, something I haven't come across to - yet.

No comments:

Post a Comment