As the number of reported swine flu cases in the northern hemisphere and around the world climbs to an all-time high, IT security and data protection firm Sophos is warning consumers against buying Tamiflu over the Internet.
Panic-induced stockpiling by individuals who aren’t officially classified as being at risk of contracting swine flu, and therefore anxious they won’t receive Tamiflu through the normal channels, will not only line cybercriminals’ pockets with millions in cash, but also grant them access to sensitive personal data to be used for other crimes.
Sophos took an in-depth look at how these underground web affiliates, which form networks called the Partnerka, profit from online Tamiflu sales. Working inside an organised criminal network alongside the businesses running online pharmacies, the Partnerka generate traffic to those sites for an agreed share of the profit.
Many of these pharmaceutical sites brand themselves as “Canadian Pharmacy” in order to appear as a more trusted website to unsuspecting internet users.
This year, Sophos has intercepted hundreds of millions of fake pharmaceutical spam adverts and fake pharmaceutical websites, promoted by affiliate members. Working day and night, thousands of affiliates use criminal methods including spam, adware and malware to drive as much traffic to their partners’ stores as possible, which then sell high-profit illegal goods as part of a multi-million dollar industry.
The top five countries purchasing Tamiflu and other drugs from the Canadian Pharmacy, and thus unwittingly assisting additional criminal activity, are the US, Germany, the UK, Canada and France.
Although the precise number of affiliates is ever-changing, it is projected that there are thousands in operation at any one time. Sophos’s research has discovered that on one of the more popular affiliate networks operated out of Russia, called Glavmed, it is possible to earn an average of $16 000.00 a day promoting pharmaceutical websites – totalling $5,8-million a year. But the criminals can be members of more than one affiliate network, and some have boasted of earning more than $100 000.00 per day.
Sophos is warning that concerns about the severity of swine flu, which has led to more than 6 500 deaths worldwide and may reach as high as 40 000 before the end of the pandemic, has the potential to drive even greater volumes of traffic and total sales to Partnerka websites.
Graham Cluley, senior technology consultant at Sophos, says: “The worrying trend of stockpiling Tamiflu has already been seen in the UK. Not only did large corporations come under fire for stockpiling Tamiflu this summer, Sophos further uncovered that this July, when concerns that global Tamiflu production were falling behind schedule, there was a 1 400% increase in UK internet searches for Tamiflu. As there’s a very good chance the swine flu pandemic has not yet hit its peak, Sophos has issued this warning to help prevent another significant influx of cash and unwitting transfer of personal details to Partnerka affiliates.”
The business model for exploiting online purchases is fairly simple. Once someone searches online for Tamiflu, they are directed to specific online pharmacies such as the Canadian Pharmacy to purchase a generic and very possibly counterfeit version of the drug. What most people don’t know is that cybercriminals have manipulated internet search engine results to drive as much online traffic as possible to these sites. Furthermore they bombard innocent users with adverts via spam email sent from hijacked computers and hacked social networking accounts.
Profits can range between 20% to 40% for each of the parties involved, depending on who has the upper hand in the relationship. Although unwitting buyers do often receive some kind of drug as result of the transactional exchange, at best the drug doesn’t work and at worse it can pose serious health risks.
“As more and more cases of swine flu in the UK come to light, it is essential that we all resist the panic-induced temptation to purchase Tamiflu online,” adds Cluley. “The criminal gangs working behind the scenes at fake internet pharmacies are putting their customers’ health, personal information and credit card details at risk. They have no problem breaking the law to promote these websites, so you can be sure they’ll have no qualms in exploiting your confidential data or selling you medications which may put your life in danger. If you think you need medication go to your real doctor, and stay away from quacks on the Internet.”