Real Viagra sales power global spam flood

Pharma shoots to top of the league.

The truism that spam mostly consists of inducements to buy products such as Viagra turns out to spot on, a security company has found.

According to Marshal8e6's latest Tracelabs report for January to June 2009, three quarters of all spam that passed through its gateways during this period had a pharmaceutical theme to it, echoing the civilised world's obsession with a variety of prescription drugs, especially the potent Viagra.

Astonishingly, a single apparently legitimate company, Canadian Pharmacy, could also be a key entity holding up a large part of the spam economy. This one enterprise has a connection to 50 percent of the total pharma spam seen, the company said, and could be generating profits of as much as $150 million (£93 million) per year for its online sales channel, which demonstrates why spam will be a hazard for the average PC user for some time to come.

The fact that a legitimate enterprise - Canadian Pharmacy does reportedly sell real Viagra - could be indirectly funding so much spam without legal challenge is not fully discussed by the report.

With pharma and Viagra spam accounting for such a huge chunk of bogus email in the first half of 2009, other spam categories are pushed to the periphery. The company's stats show that outright phishing spam accounted for a tiny 0.2 percent by volume, with even the supposed staple of the Internet, porn, trailing at 3.5 percent.

Delving deeper, the figures show that spam volumes have returned to levels before a single ISP, McColo, was shut down some months ago, driven overwhelmingly by a small handful of botnets. The most prodigious and clever of these is Rustock, which alone accounts for 40 percent of the spam detected by Marshal8e6, and was found to be capable of pumping out up to 25,000 spam emails per hour from an infected PC.

It also uses HTML format for its emails, a visual technique which might account for some of its success with its victims.

"The rise of the Rustock botnet feeds the growth of blended threats. Rustock typically uses HTML templates from legitimate newsletters and inserts, or blends in, its own images and URL links. This helps give Rustock spam the appearance of professional, legitimate email which tricks recipients into clicking on the links or buying the advertised products," said said Bradley Anstis of Marshal8e6.

The other related threats detected by the company are much as they have been reported by a variety of other security companies. Social networking sites such as Facebook and Twitter are the big growth areas for criminal incursion, with fake 'scareware' software sites, the compromise of legitimate websites, and even the old-style image spam not far behind.

There is a good piece of news in the Marshal8e6 figures. If most spam is concerned with a single theme, filtering it should be proportionally easier and cheaper. Just block messages containing pharmaceutical keywords using any desktop email or web client and three quarters of the problem should be solved for no outlay.

Tags spam

Show Comments