While it’s not new that spammers are using legit brands to lure users to order counterfeit medications on their fake websites, it’s more prevalent nowadays that these spam mails have one thing in common – they’re using Russian domains to redirect links from the bulk mails that they are spreading.
One brand that is being targeted for this attack is Pfizer. Being the company behind the term “Sildenafil citrate” more commonly known as “Viagra”, Pfizer has been the subject for health-related spams specially when they started selling this product on their own website – an attempt to stop consumers from buying it from other non-authorized online sellers.
Knowing that patients who are suffering from erectile dysfunction and pulmonary arterial hypertension (PAH) would prefer getting Viagra privately online instead of seeing a pharmacist, spammers are leveraging on this demand by putting up fake online drugstores using various Russian domains.
Victimized consumers would first get a mail masking as an official marketing promotion from Pfizer. Usually, it will only have an “Order here!” link which would hide the created online pharmacy carrying a Russian domain. When clicked, it would redirect users to “Pharmacy Express” pretending to be “the number one worldwide drugstore.”
Most antivirus software usually detect these spam mails and the associated links though with how these spammers are changing the websites that carry their online pharmacy, online security companies will have to be fast in catching the next wave of Pfizer spam mails.
- Phishing Email Analysis Landing Page - September 19, 2024
- BPI to hold Cybersecurity Conference to ‘Fortify Cyber-Resilience in an AI World’ - July 25, 2024
- New Smishing Campaign makes use of Globe SMS Sender ID - May 27, 2024
I’m getting a only a few dozen of the pfizer spam, and my antivirus software sorts them straight into the trash.
What’s more annoying is getting hundreds of returned mail from non-existent recipients of spam.
All of them have my email address as sender, and it may put me on some kind of blacklist.
I wish email was not free, let’s put a “stamp” on each message, 1 cent would be fine with me, as I’m not sending out millions of emails a day, like spammers do. I don’t see any other way to deal with these floods.
Blacklist organizations can get too strict and even more annoying than spammers. They will block entire ranges of IPs, and
don’t care about the “collateral damage”. If your server is on GoDaddy for example, you may find yourself blocked by Spamcop and others, even if you have never sent a single unsolicited email. Well, I guess the Internet – just like the real world – is impossible to keep clean.