As the number of reported swine flu cases in Britain climbs to
an all-time high, IT security and data protection firm Sophos has
added its voice to government warnings against buying Tamiflu and
other medicines over the internet. Panic-induced stockpiling by
individuals who aren't officially classified as being at risk of
contracting swine flu, and therefore anxious they won't receive
Tamiflu from the NHS, will not only line cybercriminals' pockets
with millions of pounds in cash but also grant them access to
sensitive personal data to be used for other crimes.
Sophos's indepth look at how these underground web affiliates,
which form networks called the Partnerka, profit from online sales
of Tamiflu and other medicines was revealed today in a whitepaper
entitled
"The Partnerka - what is it, and why should you care?"
[PDF]
Working inside an organised criminal network alongside the
businesses running online pharmacies, the Partnerka generate
traffic to those sites for an agreed share of the profit. Many of
these pharmaceutical sites brand themselves as "Canadian Pharmacy"
in order to appear as a more trusted website to unsuspecting
internet users.
This year, Sophos has intercepted hundreds of millions of fake
pharmaceutical spam adverts and fake pharmaceutical websites,
promoted by affiliate members. Working day and night, thousands of
affiliates use criminal methods including spam, adware and malware
to drive as much traffic to their partners' stores as possible,
which then sell high-profit illegal goods as part of a
multi-million dollar industry. The top five countries purchasing
Tamiflu and other drugs from the Canadian Pharmacy, and thus
unwittingly assisting additional criminal activity, are the United
States, Germany, United Kingdom, Canada and France.
Although the precise number of affiliates is ever-changing, it
is projected that there are thousands in operation at any one time.
Sophos's research has discovered that on one of the more popular
affiliate networks operated out of Russia, it is possible to earn
an average of $16,000 a day promoting pharmaceutical websites -
totalling $5.8 million a year. But the criminals can be members of
more than one affiliate network, and some have boasted of earning
more than $100,000 per day.
Sophos is warning that concerns about the severity of swine flu,
which has led to more than 6,500 deaths worldwide and may reach as
high as 40,000 before the end of pandemic, has the potential to
drive even greater volume of traffic and total sales to Partnerka
websites.
The worrying trend of stockpiling Tamiflu has already been seen
in Britain. Not only did large corporations come under fire for
stockpiling Tamiflu this summer, Sophos further uncovered that this
July, when concerns that global Tamiflu production were falling
behind schedule, there was a 1400% increase in UK internet searches
for Tamiflu.
"As there's a very good chance the swine flu pandemic has not
yet hit its peak, Sophos has issued this warning to help prevent
another significant influx of cash and unwitting transfer of
personal details to Partnerka affiliates," said Graham
Cluley, senior technology consultant at Sophos.
The business model for exploiting online purchases is fairly
simple. Once someone searches online for medicines such as Tamiflu,
they are directed to online pharmacies to purchase a generic and
very possibly counterfeit version of the drug. What most people
don't know is that cybercriminals have manipulated internet search
engine results to drive as much online traffic as possible to these
sites. Furthermore they bombard innocent users with adverts via
spam email sent from hijacked computers and hacked social
networking accounts.
Profits can range between 20% - 40% for each of the parties
involved, depending on who has the upper hand in the relationship.
Although unwitting buyers do often receive some kind of drug as
result of the transactional exchange, at best the drug doesn't work
and at worse it can pose serious health risks.
"As more and more cases of swine flu in the UK come to light, it is
essential that we all resist the panic-induced temptation to
purchase Tamiflu online," continued Cluley
on his blog.
"The criminal gangs working behind the scenes at
fake internet pharmacies are putting their customers' health,
personal information and credit card details at risk. They have no
problem breaking the law to promote these websites, so you can be
sure they'll have no qualms in exploiting your confidential data or
selling you medications which may put your life in danger. If you
think you need medication contact your real doctor, and stay away
from quacks on the internet."
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.