False pretenses
 Fake logoes
Each logo in the trailer does not link anywhere, they are mere images, indicating fraud.
 False security claim
At check-out, where you are asked to provide your credit card details, the link is unencrypted. The page contains the words "Secure Payment Form". However, the icon image next to the address is depicted as a locked padlock, in an attempt to defraud the victim into believing otherwise:
Further evidence of fraud is in the FAQ link
How do you protect my privacy and security? Our drug store is dedicated to patient privacy and security. All information furnished is legally protected under doctor-patient privilege laws. Our on-line ordering system uses the latest in Secure Encryption Technology. All personal and credit card information is submitted with the highest level of security and precautions. Our drug store system also has safeguards in place to protect against credit card fraud. Individuals attempting the fraudulent use of a credit card will be reported.
 Invalid address
|There is a building in Belize on the corner of Eyre and Hutson Streets. Any legitimate business that lists its address would be expected to know how to spell the names of the streets where it is located. Notice how the Online Pharmacy lists its address. It spells Eyre as Eyer.
From the picture of the building, it is clear that there would not be 72 offices on the ground floor.
 Lack of pharmacist oversight
As outlined in detail in the article on Canadian Pharmacy, it is clear from their "Free Viagra" promotion that there are no pharmacists involved in running these sites. Try ordering a drug that has a potentially lethal interaction with Viagra, and they'll throw the "free" counterfeit Viagra tabs in the shopping cart anyway. You can't even remove the Viagra without removing the other drug.
Either the drugs are fake or they've got some dead former customers out there.
 Installation process
This site is loaded using an automated tool. An example of the loading process can be seen at easyprescriptionforyou.com and hotrxlive.com
This illustrates the "Cookie Cutter" approach to setting up these fraud pharmacies
 Sample sites
Registered on CHINA SPRINGBOARD / NAMERICH
browserxonline.com click4urrx.com clickhere4rx.com earthlyrxonline.com easyrxacces4u.com endthesicknessrx.com extrarx77.com firerx.com greatrxherejustclick.com hottestrxhere.com onlinerx77.com realestrx.com realestrxonline.com rx-01.com rxreorder24.com scriptfreerx.com varietyofrxmeds.com
Registered with Chinese registrars
cheaprxmeds01.com fingertipmedz.net fingertiprxmeds.net freshstuff2009.com geitwhileitshot.com goodyzap.com goodzchoices.com kingofthekingofrxz.com kmleeer.cn manyrxmeds.com mosthighlysoughtafter.com mycheaprxmeds01.com mycheaprxmeds02.com mygreatrx.com myrxonlinemeds.com myrxprocess.com myverygoodrx.com newcheaprxmeds01.com publicgoody.com raiseyearly.com rasieuptowns.com refillrxstation.com reliablerxforyou.com rxgoodiesforyou.com rxhealingcenter.com rxkingsatyourservice.com rxmed77.com rxofthereliablesort.com rxprocessnow.com rxprocessonline.com rxrefillhere.com rxreliever.com rxrelievers.com rxwelcome01.com savegoody.com selectfromthebesthere.com selectionforaking.com simple-meds1.com simple-meds2.com simple-meds3.com simple-meds4.com simple-meds5.com simple-meds6.com simple-meds7.com simple-meds8.com somanychoicestochoose.com thebestusrx.com thebestusrx.net thecheaprxmeds02.com theflowageoccurshere.com themyrxaddress.net therxlove.com thetrustedrxonline.net trustedrxavenue.com trustedrxcity.com trustedrxdepot.com trustedrxnation.com trustedrxplace.com
 Sponsoring registrars
Spammers use redirections to these targets. One such abused redirection service is in Indonesia - idelink.com Sample redirections
Each spaces.live.com URL spammed provides a web page on Microsoft's abused service that will redirect to one of a range of spam brands. Each brand represents an illegal web site that indulges in fraud and misrepresentation. It is strongly recommended that visitors do not provide their identity and credit card details on any of these sites. They are run by criminals who use credit cards to order domain names for spamming, or to sell stolen identities within their own "carding" community. Online Pharmacy is one of several brands targeted.
Sites are typically registered with the following registrars in China
- GUANGZHOU MING YANG INFORMATION TECHNOLOGY CO., LTD
- CHINA SPRINGBOARD INC.
- 35 TECHNOLOGY CO., LTD
- XIN NET TECHNOLOGY CORPORATION
Name servers are usually spread over 3 domains, and registered with these registrars in China
- BEIJING INNOVATIVE LINKAGE TECHNOLOGY LTD. DBA DNS.COM.CN
- BIZCN.COM, INC.
- HICHINA ZHICHENG TECHNOLOGY LTD.
- HOOYOO INFORMATION TECHNOLOGY CO.LTD.
- Domain Name: BUY-ED-LEGIT.COM - Registrar: ADVANTAGE INTERACTIVE LTD
- Domain Name: LATINNS32.COM - Registrar: BIGROCK SOLUTIONS PRIVATE LIMITED
- Domain Name: JAPANSER7.COM - Registrar: NAMESCOUT CORP
 Related brands
October/November 2009 showed a new trend. Canadian Pharmacy sites contain a "Best sellers" section, which in turn link through to an Online Pharmacy site.
In 2010 there was a series of spammed sites that combined two brands, Canadian Healthcare and Online Pharmacy