Online Pharmacy

From Spamwiki

Jump to: navigation, search

Contents

[edit] Introduction

Fake pharmacy
Older web site, click to enlarge
Older web site, click to enlarge
Modified web site, click to enlarge
Modified web site, click to enlarge
Newer web site, click to enlarge
Newer web site, click to enlarge

[edit] False pretenses

[edit] Fake logoes

Each logo in the trailer does not link anywhere, they are mere images, indicating fraud.

Trailer, click to enlarge
Trailer, click to enlarge

[edit] False security claim

At check-out, where you are asked to provide your credit card details, the link is unencrypted. The page contains the words "Secure Payment Form". However, the icon image next to the address is depicted as a locked padlock, in an attempt to defraud the victim into believing otherwise:

image:Online_Pharmacy_unsecured.jpg

Further evidence of fraud is in the FAQ link 

How do you protect my privacy and security?

Our drug store is dedicated to patient privacy and security. All information 
furnished is legally protected under doctor-patient privilege laws.
 
Our on-line ordering system uses the latest in Secure Encryption Technology. All 
personal and credit card information is submitted with the highest level of security 
and precautions. Our drug store system also has safeguards in place to protect 
against credit card fraud. Individuals attempting the fraudulent use of a credit card 
will be reported.

[edit] Invalid address

There is a building in Belize on the corner of Eyre and Hutson Streets. Any legitimate business that lists its address would be expected to know how to spell the names of the streets where it is located. Notice how the Online Pharmacy lists its address. It spells Eyre as Eyer.

From the picture of the building, it is clear that there would not be 72 offices on the ground floor.

image:Online_Pharmacy_address.jpg >>
Actual Blake building, Hutson/Eyre
Actual Blake building, Hutson/Eyre

[edit] Lack of pharmacist oversight

As outlined in detail in the article on Canadian Pharmacy, it is clear from their "Free Viagra" promotion that there are no pharmacists involved in running these sites. Try ordering a drug that has a potentially lethal interaction with Viagra, and they'll throw the "free" counterfeit Viagra tabs in the shopping cart anyway. You can't even remove the Viagra without removing the other drug.


Either the drugs are fake or they've got some dead former customers out there.


[edit] Installation process

This site is loaded using an automated tool. An example of the loading process can be seen at easyprescriptionforyou.com and hotrxlive.com

Cookie cutter install
Cookie cutter install

This illustrates the "Cookie Cutter" approach to setting up these fraud pharmacies

[edit] Sample sites

Registered on CHINA SPRINGBOARD / NAMERICH

browserxonline.com click4urrx.com clickhere4rx.com earthlyrxonline.com easyrxacces4u.com endthesicknessrx.com extrarx77.com firerx.com greatrxherejustclick.com hottestrxhere.com onlinerx77.com realestrx.com realestrxonline.com rx-01.com rxreorder24.com scriptfreerx.com varietyofrxmeds.com

Registered with Chinese registrars

cheaprxmeds01.com fingertipmedz.net fingertiprxmeds.net freshstuff2009.com geitwhileitshot.com goodyzap.com goodzchoices.com kingofthekingofrxz.com kmleeer.cn manyrxmeds.com mosthighlysoughtafter.com mycheaprxmeds01.com mycheaprxmeds02.com mygreatrx.com myrxonlinemeds.com myrxprocess.com myverygoodrx.com newcheaprxmeds01.com publicgoody.com raiseyearly.com rasieuptowns.com refillrxstation.com reliablerxforyou.com rxgoodiesforyou.com rxhealingcenter.com rxkingsatyourservice.com rxmed77.com rxofthereliablesort.com rxprocessnow.com rxprocessonline.com rxrefillhere.com rxreliever.com rxrelievers.com rxwelcome01.com savegoody.com selectfromthebesthere.com selectionforaking.com simple-meds1.com simple-meds2.com simple-meds3.com simple-meds4.com simple-meds5.com simple-meds6.com simple-meds7.com simple-meds8.com somanychoicestochoose.com thebestusrx.com thebestusrx.net thecheaprxmeds02.com theflowageoccurshere.com themyrxaddress.net therxlove.com thetrustedrxonline.net trustedrxavenue.com trustedrxcity.com trustedrxdepot.com trustedrxnation.com trustedrxplace.com

[edit] Sponsoring registrars

Microsoft spaces.live.com

Each spaces.live.com URL spammed provides a web page on Microsoft's abused service that will redirect to one of a range of spam brands. Each brand represents an illegal web site that indulges in fraud and misrepresentation. It is strongly recommended that visitors do not provide their identity and credit card details on any of these sites. They are run by criminals who use credit cards to order domain names for spamming, or to sell stolen identities within their own "carding" community. Online Pharmacy is one of several brands targeted.

Sites are typically registered with the following registrars in China

  • GUANGZHOU MING YANG INFORMATION TECHNOLOGY CO., LTD
  • CHINA SPRINGBOARD INC.
  • 35 TECHNOLOGY CO., LTD
  • XIN NET TECHNOLOGY CORPORATION

Name servers are usually spread over 3 domains, and registered with these registrars in China

  • BEIJING INNOVATIVE LINKAGE TECHNOLOGY LTD. DBA DNS.COM.CN
  • BIZCN.COM, INC.
  • HICHINA ZHICHENG TECHNOLOGY LTD.
  • HOOYOO INFORMATION TECHNOLOGY CO.LTD.

[edit] Related brands

October/November 2009 showed a new trend. Canadian Pharmacy sites contain a "Best sellers" section, which in turn link through to an Online Pharmacy site.

Canadian Pharmacy with "Best seller" links
Canadian Pharmacy with "Best seller" links
 links to
Online Pharmacy target from link
Online Pharmacy target from link
Retrieved from "http://spamtrackers.eu/wiki/index.php/Online_Pharmacy"
Personal tools