EuroRx Pharmacy

From Spamwiki

Jump to: navigation, search

Contents

[edit] Description

EuroRx Pharmacy spam was first observed in July 2009. It is unusual in that it offers to sell narcotics with very high abuse potential. As this attracts considerable attention from law enforcement, many such sites do not ship any products and instead are sham sites to collect credit card information.


EuroRx Pharmacy, July, 2009


[edit] Fraudulent Domain Registration

Not surprisingly, the people who are behind this are not owning up to it. The domain names and nameservers are registered with laughably false whois information. For example:

Domain Name      : sndmoon.com
Registrant:
 Organization   : zhang  gao
 Name           : zhanggao
 Address        : tianjingnanzhengdalou7A
 City           : tianjing
 Province/State : Tianjin
 Country        : cn
 Postal Code    : 252411
Domain Name      : buymequikk.com
Registrant:
 Organization   : zhanghao
 Name           : rtyrtuyert
 Address        : tdhyrtfgh
 City           : Luzhou
 Province/State : Sichuan
 Country        : CN
 Postal Code    : 200041
Domain Name      : specialymedd.com
Registrant:
 Organization   : zhangha
 Name           : tftyrtyrtgewr
 Address        : sterter
 City           : Xianyang
 Province/State : Shanxisheng
 Country        : CN
 Postal Code    : 200041

[edit] False Pretenses

Image:EuroRxSeals.jpg

They present an array of purported credentials. Let's look at each one:

[edit] US Postal Service

The US Postal Service doesn't credential pharmacies or any other shipper. Anyone can mail a parcel. In this case, it would be a federal crime, since it's illegal to sell these products without a prescription. But as mentioned above, it's doubtful they really mail so much as a placebo tablet.

[edit] Canadian International Pharmacy Association

This one is easy, too. They didn't even bother to edit out the part that says "click here." And they didn't even bother to create a fake page to appear if you do click. It's a unlinked image.

A real CIPA seal would link to a web page on the ciparx.ca website. But you can check any pharmacy directly by entering its name/domain name in their webform.

[edit] Verisign

If they had a certificate from Verisign, they would be able to offer secure ordering, and you would see a "https" in your browser navigation bar instead of "http" when it came time to enter personal information like your name or credit card number. In fact, everything on a pharmacy website should be confidential. But as shown below, they want you to enter all your information on an insecure form. Once you hit send, your personal information will travel from node to node through the internet on its way to the spammer, and it will be readable on every computer it passes through.

Image:EuroRxOrder.jpg


[edit] "We Ship Worldwide"

This doesn't mean anything. They just copied it off another spammer's website.


[edit] FDA

The U.S. Food and Drug Administration doesn't certify pharmacies. It does certify drugs. But some of these drugs, like generic versions of drugs like Viagra that are still protected by patents, can't be sold or manufactured legally in the U.S. And if you can't manufacture it, you can't submit it to the FDA for testing. So they pulled this claim out of their rear ends, too.


[edit] Spam Samples

Subject: Subject: NO PRESCRIB REQUIRED MEDS 

1. Happy 4th of July America
2. Don't Overpay For Your Medications

One of Many: Phentermine 37.5
  
http://buymequikk.com

Source: Wikipedia


[edit] How to report this spam

The Complainterator is configured to request removal of these fraudulent sites. Add a link to this page as evidence.

Personal tools