Threat Intelligence Blog

Posted March 7, 2011

If there is one thing we know about criminal activity on the internet, we know it changes constantly. Because the most illicit gains are to be found where defenses are few, online fraudsters are always seeking new territory to exploit their victims.

One current trend in the world of online fraud is the shift toward the mobile arena. For example, many reports are emerging about attacks against Google’s Android operating system for mobile devices. ISS recently examined malware designed to target Android.

In that vein, today we bring you images from the world of illegal online pharmacies. These organizations put lives at risk by offering prescription medications without a prescription, or worse, by sending fake medications that can cause great harm. Moreover, consumers’ credit card numbers are sometimes stolen when they make purchases from these sites.

Consider this screenshot of one a typical illegal online pharmacy website as viewed on an iPhone:

A traditional illegal online pharmacy as viewed on a mobile device.

As you can see, the type is small, not easy to read, and navigation is difficult.

Knowing that consumers are using mobile devices more than ever, cyber criminals have created the site below specifically to illegally sell prescription drugs in a format that is native to mobile devices. The images below were screenshots taken on an iPhone, and you can see how the presentation is different than a regular website tailored specifically for increased usability on a mobile device: larger font, less clutter… In short, they attempt to make it as easy as possible to make a purchase from this website. You can see that they have even gone to the trouble of incorporating a .mobi internet domain for the site to reinforce the mobile computing experience. It would be praiseworthy if it were not so recklessly endangering consumer safety.

The homepage of the rogue online pharmacy which is optimized for mobile devices.

The site’s product page for its generic Viagra. Note that Viagra is not off patent in most of the world, and is certainly not so in India, where this site claims its products originate. By definition this product is made outside the law and carries risk.

While most illegal online pharmacies will claim to offer a safe shopping experience, most (including this site) do not encrypt your credit card information when the purchase is made.

Here, offerings like “Cialis Professional” are made available for purchase. Unfortunately the maker of Cialis, Eli Lilly, has never offered such a drug. Only the maker of this counterfeit drug knows what the patient is really putting in his body if this is taken.

Regular readers of the Cyveillance Blog are well aware of the significant risks involved in online pharmacies. If you are looking for an easy way to help tell friends and family about this danger, MarketWatch just posted a video interview last week with a Special Agent in Charge from the Department of Homeland Security where they discuss the risks of online pharmacy.

It is our hope that consumers will remember examples like this site and recall that as technology advances, enterprising cyber criminals will likely have already considered ways to take advantage of the new landscape in ways that can seriously jeopardize your health and financial well being. Always stop, think, connect.

Additional Posts

Epsilon Breach Opens the Flood Gates for Spear Phishing and Socially Engineered Attacks

The recent Epsilon breach, which could quite possibly be the largest of its kind, has exposed ...

Overall Phishing Attack Volume Down for 2nd Half of 2010 As Phishers Become More Focused on High Value Targets

As reported in the upcoming release of the Cyveillance Intelligence Report, overall phishing attack ...