- 1 Introduction
- 2 False pretenses
- 3 Lack of pharmacist oversight
- 4 Installation process
- 5 Sample sites
- 6 Name Servers
- 7 Sponsoring registrars
- 8 Related brands
Each logo in the trailer does not link anywhere, they are mere images, indicating fraud.
False security claim
At check-out, where you are asked to provide your credit card details, the link is unencrypted. The page contains the words "Secure Payment Form". However, the icon image next to the address is depicted as a locked padlock, in an attempt to defraud the victim into believing otherwise:
Further evidence of fraud is in the FAQ link
How do you protect my privacy and security? Our drug store is dedicated to patient privacy and security. All information furnished is legally protected under doctor-patient privilege laws. Our on-line ordering system uses the latest in Secure Encryption Technology. All personal and credit card information is submitted with the highest level of security and precautions. Our drug store system also has safeguards in place to protect against credit card fraud. Individuals attempting the fraudulent use of a credit card will be reported.
How I can be sure that it is secure to assign my credit card information to your site? The protection of card details is the question of major importance when dealing with electronic transactions. That is why we pay much attention to privacy and security of our customers. Be assured that our online order system makes use of the latest security encryption technology to ensure that your credit card information is submitted safely and with the highest level of protection. All our computer systems undergo regular security checks to ensure that our ordering system is properly protected.
|There is a building in Belize on the corner of Eyre and Hutson Streets. Any legitimate business that lists its address would be expected to know how to spell the names of the streets where it is located. Notice how the Online Pharmacy lists its address. It spells Eyre as Eyer.
From the picture of the building, it is clear that there would not be 72 offices on the ground floor.
Lack of pharmacist oversight
As outlined in detail in the article on Canadian Pharmacy, it is clear from their "Free Viagra" promotion that there are no pharmacists involved in running these sites. Try ordering a drug that has a potentially lethal interaction with Viagra, and they'll throw the "free" counterfeit Viagra tabs in the shopping cart anyway. You can't even remove the Viagra without removing the other drug.
Either the drugs are fake or they've got some dead former customers out there.
This site is loaded using an automated tool. An example of the loading process can be seen at easyprescriptionforyou.com and hotrxlive.com
This illustrates the "Cookie Cutter" approach to setting up these fraud pharmacies
Registered on FOSHAN YIDONG NETWORK CO. LTD
rxmedic-shop.com tax-free-med-shop.com web-pills-online.com
Registered on GUANGDONG NAISINIKE INFORMATION TECHNOLOGY CO LTD
buy-meds-cheap.com pharma-rx-online.com rx-product-market.com
Registered with HANGZHOU AIMING NETWORK CO.,LTD
2015-best-pharma.com best-med-store.com drugs-for-sale.com happy-dickland.com med-market-online.com med-rx-solutions.com med-store-elite.com medtopseller.com refill-good-rx.com web-rx-market.com
Registered with XIN NET TECHNOLOGY CORPORATION
bestbluepower.com bestmedorders.com bestmedssafe.com (suspended) bestpillship.com cheapmalehealth.com credible-medstore.com drugsbaay.com (suspended) elitemedclub.com genuinerxsafe.com great-medshop.com (suspended) ultimatepillshop.com (suspended) whatsafemeds.com
Registered with R01-RU
best-rx-club.ru (suspended) best-rx.ru best-rxclub.ru (suspended) best-rxship.ru best-ship.ru bestrx-ship.ru bestrx-team.ru bestrx.ru bestrxship.ru bestshiprx.ru bllueoval-club.ru bllueovals-club.ru blue-ovallclub.ru (suspended) blue-ovalsclub.ru (suspended) blueovall-factory.ru blueovalls-factory.ru blueovals-factory.ru bolertt.ru
TLD REGISTRAR SOLUTIONS LTD
- pharmacy24h-drugs.com (suspended)
Obsolete, historical information only
Spammers use redirections to these targets. One such abused redirection service is in Indonesia - idelink.com Sample redirections
Each spaces.live.com URL spammed provides a web page on Microsoft's abused service that will redirect to one of a range of spam brands. Each brand represents an illegal web site that indulges in fraud and misrepresentation. It is strongly recommended that visitors do not provide their identity and credit card details on any of these sites. They are run by criminals who use credit cards to order domain names for spamming, or to sell stolen identities within their own "carding" community. Online Pharmacy is one of several brands targeted.
Sites are typically registered with the following registrars in China
- GUANGZHOU MING YANG INFORMATION TECHNOLOGY CO., LTD
- CHINA SPRINGBOARD INC.
- 35 TECHNOLOGY CO., LTD
- XIN NET TECHNOLOGY CORPORATION
Name servers are usually spread over 3 domains, and registered with these registrars in China
- BEIJING INNOVATIVE LINKAGE TECHNOLOGY LTD. DBA DNS.COM.CN
- BIZCN.COM, INC.
- HICHINA ZHICHENG TECHNOLOGY LTD.
- HOOYOO INFORMATION TECHNOLOGY CO.LTD.
- Domain Name: BUY-ED-LEGIT.COM - Registrar: ADVANTAGE INTERACTIVE LTD
- Domain Name: LATINNS32.COM - Registrar: BIGROCK SOLUTIONS PRIVATE LIMITED
- Domain Name: JAPANSER7.COM - Registrar: NAMESCOUT CORP
October/November 2009 showed a new trend. Canadian Pharmacy sites contain a "Best sellers" section, which in turn link through to an Online Pharmacy site.
In 2010 there was a series of spammed sites that combined two brands, Canadian Healthcare and Online Pharmacy