Real Viagra sales power global spam flood

Pharma shoots to top of the league.

The truism that spam mostly consists of inducements to buy products such as Viagra turns out to spot on, a security company has found.

According to Marshal8e6's latest Tracelabs report for January to June 2009, three quarters of all spam that passed through its gateways during this period had a pharmaceutical theme to it, echoing the civilised world's obsession with a variety of prescription drugs, especially the potent Viagra.

Astonishingly, a single apparently legitimate company, Canadian Pharmacy, could also be a key entity holding up a large part of the spam economy. This one enterprise has a connection to 50 percent of the total pharma spam seen, the company said, and could be generating profits of as much as $150 million (£93 million) per year for its online sales channel, which demonstrates why spam will be a hazard for the average PC user for some time to come.

The fact that a legitimate enterprise - Canadian Pharmacy does reportedly sell real Viagra - could be indirectly funding so much spam without legal challenge is not fully discussed by the report.

With pharma and Viagra spam accounting for such a huge chunk of bogus email in the first half of 2009, other spam categories are pushed to the periphery. The company's stats show that outright phishing spam accounted for a tiny 0.2 percent by volume, with even the supposed staple of the Internet, porn, trailing at 3.5 percent.

Delving deeper, the figures show that spam volumes have returned to levels before a single ISP, McColo, was shut down some months ago, driven overwhelmingly by a small handful of botnets. The most prodigious and clever of these is Rustock, which alone accounts for 40 percent of the spam detected by Marshal8e6, and was found to be capable of pumping out up to 25,000 spam emails per hour from an infected PC.

It also uses HTML format for its emails, a visual technique which might account for some of its success with its victims.

"The rise of the Rustock botnet feeds the growth of blended threats. Rustock typically uses HTML templates from legitimate newsletters and inserts, or blends in, its own images and URL links. This helps give Rustock spam the appearance of professional, legitimate email which tricks recipients into clicking on the links or buying the advertised products," said said Bradley Anstis of Marshal8e6.

The other related threats detected by the company are much as they have been reported by a variety of other security companies. Social networking sites such as Facebook and Twitter are the big growth areas for criminal incursion, with fake 'scareware' software sites, the compromise of legitimate websites, and even the old-style image spam not far behind.

There is a good piece of news in the Marshal8e6 figures. If most spam is concerned with a single theme, filtering it should be proportionally easier and cheaper. Just block messages containing pharmaceutical keywords using any desktop email or web client and three quarters of the problem should be solved for no outlay.

Join the CSO newsletter!

Error: Please check your email address.

Tags spam

More about FacebookMarshal8e6

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E. Dunn

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts