The rise in third-party affiliate spam that markets pharmaceutical products is one of the more alarming trends we have seen. In fact, we have seen pharmacy spam increase 20 percent so far in 2015 compared to what we saw in 2014. Although the products are legal for purchase and use, they have not been vetted or approved by the FDA. This presents a double risk for victims: the dubious business practice may result in financial loss and identity theft, while the use of the product may result in a serious health problem.
In this blog series, The Big Business of Spam, Barracuda Labs will explore the various business opportunities created using different spam techniques.
The media has covered the Bruce Jenner special with Diane Sawyer more than it has covered the recent tragedy in Nepal, where a magnitude 7.8 earthquake hit, taking the lives of over 4,000 people. That makes it a perfect topic for spammers, who are always willing to take advantage of a positive story about personal triumph and use it to steal from curious readers.
Spam using various subject lines such as ‘Kardashians beaten by Bruce Jenner’ and ‘Bruce Jenner posts naughty photos of Kardashian sisters’ have been distributed with links that redirect consumers to a website for pills with the extract Caralluma, a plant from India that is often used in the suppression of appetite.
[Spammers often use celebrities to promote products in hopes to make them look more legitimate to consumers.]
Barracuda Central has detected over 750,000 instances of these emails being sent from botnets and individually infected hosts around the world. These emails lead to several different domains, which all lead back to a single purchase page for Caralluma. This attack is similar to the recent Pope / Neuroflexyn email, in that it uses sensational topics and spam to market what appears to be a legitimate product (https://barracudalabs.com/2015/04/the-pope-makes-shocking-admission-he-takes-pills-for-what/).
In this case we have not yet observed infected attachments, phishing attempts, or drive-by downloads. However, spam is a big business, and the business will adapt to ensure maximum profitability. If it is more profitable to try to infect hosts while also selling Caralluma, that is exactly what they will do.
We encourage users to purchase only from legitimate companies that fully disclose the ingredients of their products. Additionally, we encourage everyone to refrain from doing business with companies that allow spammers to market their products.
The reality is users remain one of the biggest threats to a network, as well as its greatest ally. Education is critical to ensuring that this type of email does not result in an infected host and compromised network. Caution should be taken any time a user receives a solicitation for a product, especially if the email uses a sensational subject line to entice curiosity.
Customers using the Barracuda Spam Firewall or Barracuda Email Security Service are protected from these emails.
For more education on how to keep safe from these types of emails, please visit the following pages:
Barracuda central – https://techlib.barracuda.com/display/cp/barracuda+central+operations+center
Additional blogs around the topic –