Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Real Viagra sales power global spam flood

Pharma shoots to top of the league.

The truism that spam mostly consists of inducements to buy products such as Viagra turns out to spot on, a security company has found.

According to Marshal8e6's latest Tracelabs report for January to June 2009, three quarters of all spam that passed through its gateways during this period had a pharmaceutical theme to it, echoing the civilised world's obsession with a variety of prescription drugs, especially the potent Viagra.

Astonishingly, a single apparently legitimate company, Canadian Pharmacy, could also be a key entity holding up a large part of the spam economy. This one enterprise has a connection to 50 percent of the total pharma spam seen, the company said, and could be generating profits of as much as $150 million (£93 million) per year for its online sales channel, which demonstrates why spam will be a hazard for the average PC user for some time to come.

The fact that a legitimate enterprise - Canadian Pharmacy does reportedly sell real Viagra - could be indirectly funding so much spam without legal challenge is not fully discussed by the report.

With pharma and Viagra spam accounting for such a huge chunk of bogus email in the first half of 2009, other spam categories are pushed to the periphery. The company's stats show that outright phishing spam accounted for a tiny 0.2 percent by volume, with even the supposed staple of the Internet, porn, trailing at 3.5 percent.

Delving deeper, the figures show that spam volumes have returned to levels before a single ISP, McColo, was shut down some months ago, driven overwhelmingly by a small handful of botnets. The most prodigious and clever of these is Rustock, which alone accounts for 40 percent of the spam detected by Marshal8e6, and was found to be capable of pumping out up to 25,000 spam emails per hour from an infected PC.

It also uses HTML format for its emails, a visual technique which might account for some of its success with its victims.

"The rise of the Rustock botnet feeds the growth of blended threats. Rustock typically uses HTML templates from legitimate newsletters and inserts, or blends in, its own images and URL links. This helps give Rustock spam the appearance of professional, legitimate email which tricks recipients into clicking on the links or buying the advertised products," said said Bradley Anstis of Marshal8e6.

The other related threats detected by the company are much as they have been reported by a variety of other security companies. Social networking sites such as Facebook and Twitter are the big growth areas for criminal incursion, with fake 'scareware' software sites, the compromise of legitimate websites, and even the old-style image spam not far behind.

There is a good piece of news in the Marshal8e6 figures. If most spam is concerned with a single theme, filtering it should be proportionally easier and cheaper. Just block messages containing pharmaceutical keywords using any desktop email or web client and three quarters of the problem should be solved for no outlay.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Facebook, Marshal8e6
References show all

Comments

1

Jude PR

Sat 15/08/2009 - 03:52

Inquiry

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: spam
Latest Blog Posts
Whitepapers
  • Customer Case Study: Yarra Valley Water Turns to Enterprise Software to Improve Information Flow
    “We don’t need to wait till month-end for management reports—they’re now available whenever we need them. We have much more efficient management, as everyone across the organization is looking at the same set of figures. Read on.
    Learn more »
  • Managing IBM License Complexity
    IBM provides thousands of products in its portfolio and uses a variety of license models, contract terms and conditions. These license models can be very complex, causing frequent confusion for organisations trying to grasp the concepts while maintaining license compliance. While at first IBM licensing may seem incomprehensible, some education on the license models and licensing scenarios will help minimise the confusion. In addition, a more automated approach to managing licenses enables organisations to gain control, reduce ongoing software costs and minimise license liability risks. Read on.
    Learn more »
  • Lower Your IT Costs When You Standardize on Oracle Database 11g
    As business operations become more complex, the demand for change in IT increases, along with the associated risks that must be mitigated. Today’s IT professionals are asked to manage more information and deliver it to their users in a timely manner with ever-increasing quality of service. And in today’s economic climate, IT must also reduce budgets and derive greater value out of existing investments.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments