-
Blogs
-
News
-
Industry
-
Community
-
Topics
You could call this Part Three in our series on Illicit Internet Pharmacy. Part One being What's Driving Spam and Domain Fraud? Illicit Drug Traffic, Part Two being Online Drug Traffic and Registrar Policy. There are a few facts I'd like to list briefly so everyone is up to speed. The largest chunk of online abuse at this time is related to illicit international drug traffic, mostly counterfeit and diverted pharmaceuticals. Not only is this an Internet abuse issue but it also represents a grave public health risk since the entire chain of doctors, pharmacists, and patient education has been bypassed by criminals. We have also found that the lion's share of phony RX domains and IP hosts are in the U.S.(see Host Exploit's Top 10 Bad Hosts 2009). As we pointed out Registrars and ISPs have the technical ability and legal obligation to terminate these sites, but few of them are unless put under pressure. There is an additional threat, the one to Intellectual Property. Not just a threat to brand-holders, abuse of trademarks is a ticking time bomb for Registrars and ISPs.
Many ISPs and Registrars falsely believe they are protected from their customer's illicit activities by various statues. This is only true for certain types of crimes and lawsuits. Providers have even written in the Terms Of Service or Acceptable Use Policy that their customers are responsible for any legal action stemming from abuse, but this only covers some activities. Registrars and ISPs ARE in fact liable for Intellectual Property violations conducted by their customers. The Communications Decency Act only immunizes defendants from non-intellectual property claims and non-criminal complaints. Illicit pharmacy is both a criminal act as well as an IP violation since most deal in counterfeit or unauthorized sales of trademarked drugs. One critic of our first article was chagrined that we suggested that Registrars should act on abuse reports from the public, but doing just that is in their best interest. Failing to act can be seen as an act of complicity later when lawsuits begin.
We have a new proactive process that monitors IP abuse in the wild and during initial testing we found 85 compromised IP addresses at one provider's ASN that were hosting spam template content. These sites are never advertised themselves but rather provide low-level content delivery to thousands of spammed domains which are advertised, dumped and replaced. We found that many of the domains that used these templates had trademarks in the domain names. Words like Zoloft, Motrin, Norvasc, Celexa, Zyloprim and many others. None, of course, were the real sites controlled by the actual brand-holders.
One thing is for certain, they are making considerable amounts of money by abusing brands. So much so that they have gone beyond common spam, site hijacking, or paid search engine advertisements and are now issuing press releases to announce deployments of new illicit pharmacies. It seems mind-boggling that a completely illegal business would be so brazen as to use a press release but it shows us the lack of fear on their behalf.
So, folks may wonder why if there is an abundance of research data as well as legal authority. Reason is simple: no enforcement. Many IP attorneys have expressed their lack of faith in WIPO and ICANN enforcement. Brand holders feel that chasing IP violators on the Internet is like swatting at gnats. Recently, we got into a spat with a Registrar over an unlicensed pharmacy domain that was impersonating a pharmaceutical manufacture. The Registrar brushed off our concern until we made clear that their position was completely indefensible. They finally suspended the domain after the brief discussion. The pharma brands also share in the blame for not enforcing their marks. Some drug companies may have unfortunately lead to believe that there is no solution. Others fear the public perception of big pharma pursuing lost profits from illicit providers as if the rogue drug traffickers were some kind of Robin Hood. They are not. Illicit drug traffickers are only helping themselves and often replacing active ingredients with poison. Money in their pocket, garbage in your body.
Some Registrars and ISPs welcome the rogue pharmacy traffic because of the revenue generated by thousands of illicit sites that operate with impunity. Others are seemingly helping illicit pharmacies find variations of unclaimed trademark violation domains with "suggestion" utilities (see sample snapshot). For those that are not familiar with domain registration, some companies will allow you enter any word, including the name of a trademarked product, and return a massive list of unused variations containing that word. For anyone wondering how the spammers come up with so many different URLs with the names of male enhancers, they actually don't have to because Registrars will make them up on the fly for the spammers to buy in bulk. It is a puzzle to many people how the Registrars can sell off someone's trademark. This is, of course, the fundamental question. Adding a warp-speed engine that generates lists of potentially abused trademarked domains is the injury to the insult.
This is a wake-up call the pharmaceutical brands, I am telling you that something can be done to put the pharmacy fraudsters out of business. The problem can be quantified, minimized and managed. And, honestly, this is the case for any trademarked product or service being abused on the Net. It's a new year, let's move in a new direction. The best solution to the whole abuse problem is a shared solution between government, Internet users, brand-holders and service providers. If everyone lifts their weight we all benefit.
By Garth Bruen, Internet Fraud Analyst and Policy Developer. Visit the blog maintained by Garth Bruen here.
Related topics: Access Providers, Cybercrime, Cybersquatting, Domain Names, Domain Registries, ICANN, Internet Governance, Law, Malware, Policy & Regulation, Security, Spam, Top-Level Domains
To post comments, please login or create an account.
Copyright © 2002-2010 CircleID.
Iomemo Inc.
All rights reserved unless where otherwise noted.
This kind of hysterical articles is what gives some spam fighters a bad name. While spam and selling prescriptions illegally is bad your "Salem Witch Trial" techniques makes things worse.
You claim to know how much profit these spammers are making but I don't think you really have any idea how much they actually make. Trademark claims are complicated and such claims are not criminal cases. Further, unless you are the trademark holder you have no standing to bring such a complaint. If every registrar started shutting down domains because someone claimed trademark infringement you would have chaos. For instance, the sex.com guy who stole the domain used to threaten everyone with "sex" in their domain with trademark infringement. Many companies have been found to engage in "Reverse Domain Name Hijacking" in domain disputes.
You also make claims such as "Failing to act can be seen as an act of complicity later when lawsuits begin." Spamming has been going on for years. How many such suits have there been? Is the electric company also going to be sued for supplying electricity to spammers? If that were true all the major ISP's would be shut down (AOL, Comcast, Verizon, etc.) because they often don't answer the spam complaints.
The scariest part was that you had a domain suspended after "brief discussion." Are we now supposed to shut down domain every time a complaint is made? Just try reading some of the anti-spam newsgroups and tell me if you want some of those people running around shutting down domains based on their word.
In one case a major e-mail provider blocked me from responding to someone who sent me e-mail from within their network. the reason they gave ... and IP close to mine was supposedly involved in spamming and they claimed it was up to me to tell the host to stop it. It turns out they had no evidence or any kind of explanation at all, they just abused their position as a mail administrator and just wanted to tell people what to do and annoy the host they thought was a spammer. They had no concern that they disrupted my business and I had no association with spammers. These administrators who abuse their positions are just as bad as the spammers.
"The best solution to the whole abuse problem is a shared solution between government, Internet users, brand-holders and service providers." This sentence says nothing about any potential solution and is meaningless. Your solution is that everybody is supposed to act on your word and do what you say ... or there will be repercussions.
I get the impression that this article is more about pitching KnujOn's Brand Protection services than suggesting a viable general solution. Generating fear is a time-honoured way to generate sales, after all, and the article is big on scary-talk while being thin on anything that could be described as practical advice. Think of this article as a load of marketing bluster, and it makes perfect sense. Maybe it wasn't intended that way, but that's the interpretation that makes sense to me.
My apologies in advance to Mr Bruen if this assessment seems unduly harsh. I don't mean to imply that the article is dishonest or anything like that.
I am running into similar issues with my lawsuit about IP address blacklisting. Microsoft (FrontBridge), Cisco (SenderBase.org/IronPort) and Comcast are all claiming immunity under the Communications Decency Act. However, immunity is granted to "Good Samaritans" acting in good faith. I have argued that once they offer a paid service to provide blacklists they are no longer a "Good Samaritan." In the case of Comcast they said there would be no blocking if I paid for a business account ... but they won't explain how a security/spam issue would "disappear" by me paying them more money.
I've seen, and interacted with, people who work, constructively, with the registrar and registry community. And I've seen people with a taste for PR and a huge amount of marketing bluster backed with statistics that various other vendors too have released… with, note well, fairly significant statistical variation between the stats produced by one security vendor or the other.
Not too much of an issue when you read stats as stats, but if you use them tor un a top 10 ranking of which ccTLD stinks the most, and simply attack without providing more usable stats, its not the best possible way to win friends or influence people.
<>
Um, are you talking about something we published or John Yunker's article on "The World's Most Dangerous Country Code Top-Level Domains"(which I actually agree with)?
Right. Yunker was quoting an AV vendor's study about ccTLDs, on similar lines.
That little fact corrected, the rest of my comments stand just fine on their own.
Right, giving repuations to an entire country's TLD or a host completly disregards the fact that many innocent people use those services in good faith and would be caught up in any "enforcement" action. In the Salem Witch Trial days there was something similar ... you throw the supect into a well. If they sink (and drown) then they are innocent and their name is cleared. If they float they are a witch and will be put to death. Of course these things never matter to a hysterical anti-spammer who has blinders on.
<>
If you're concerned about that then why did you give it more coverage?
<>
Sales of what? If you knew anything about us you would know about the thousands of free hours we've done for consumers, law enforcement, and small business.
<>
Actually, the advice is quite clear. Providers who knowingly sponsor illicit pharmacies expose themselves to criminal and civil liability.
As far as fear goes, people should be but they're not. Male enhancer spam is the butt of jokes, fake pharmacies are seen as safe alternatives. Just read this FDA alert: http://www.thetechherald.com/article.php/201001/5026/FDA-issues-warning-over-online-pharmacy-extortion-scam
Criminals extending pharma fraud to extortion, impersonating law enforcement, credit card fraud…
If I've warned only one consumer off of bogus pills with "fear", then I'm happy.
<>
That's the way it sounded.
The fact that your article (and quite a few others here on Circle ID) is primarily a vehicle of self-promotion doesn't concern me. I only point it out because I don't want people entering into a debate with a sales pitch. Sales pitches aren't subject to the usual rules of rational debate, and tend to generate frustration when approached critically. The ensuing argument is more painful than educational.
Sales of security-related products and services, of course. When you're offering protection (as you are), you have to first persuade people that there is a threat from which you are protecting them—that is, you instil fear. Then you have to persuade them that your product or service will protect them from that threat—that is, you make your product or service look potent.
That's admirable. Am I supposed to refrain from criticism because of this, or what?
That would be advice if you were a lawyer. To me, however, it looks more like rattling the sabre. You're expressing a willingness—an eagerness, even—to stick it to these bad-egg providers with the full force of the law. Whether you have any actual standing to do so, or any sound legal doctrine on which to base such an attack is one of the questions being raised here.
<>>
<
These two statements are contradictory. You are saying on the one hand if someone has a commercial interest, their blog is not serious. On the other hand if someone should be a lawyer (who always have commercial interests) to discuss the problem. You are narrowing who is allowed a voice.
Additionally, it is abhorrent to suggest someone cannot discuss an issue if they are not a lawyer.
<>
Hardly, we love the spirited debate.
You're misunderstanding me. You are entitled to your commercial interests, and you are entitled to voice your views in that domain.
I note, however, that you are not an expert in law, so your opinions on matters of law should be considered unreliable. I think you should refrain from offering legal opinions, let alone advice, unless KnujOn has a qualified legal department which has analysed the issues and approved the opinions. It's one thing to express an opinion on what the law ought to be—we non-experts are fully entitled to a position on that matter—but non-experts should tread lightly when opining as to what the law actually is. I wish that law did not require expertise to understand, since we are all subject to it, but that has been the reality of the matter for longer than any of us have walked the earth.
In any case, the thrust of my warning is not addressed to you, but rather to the likes of Russ Smith, who would argue with you. I warn against entering into debate with this article because it is a sales pitch. As such, it views the issue from a particular perspective: the business perspective of KnujOn. Most of us, operating outside KnujOn, have a significantly different perspective on the matter. Any argument which fails to recognise differences in perspective between the parties will result in a fruitless and frustrating clash, rather than a productive argument, so don't go there. I'm not saying that your perspective is wrong, or invalid: it's just seriously incompatible with many others.
I would recommend caution when noting that KnujOn does not have expertise in law. While it may be true that we did not go to law school, we have colleagues that have, so we have access to law expertise. Besides, I personally have gotten the better of several lawyers at their own game on their own turf. It's not that hard. We are well aware of the difference between citizen opinion and legal opinion, but that argument is a red herring.
KnujOn would love to be a real commercial entity, but most of work has involved very little money. The accusation that these blogs are commercial in nature is another red herring to the readers. That is not what this is about.
We have had interactions with parties from all over the world, so again we are well aware of the differences of opinion that can and will arise. Not an issue.
The blog entries should be taken as they are written and non-relevant issues should be brought up in their appropriate venues, not thrown in here to provide a distraction to the real issues.
The only real complainers are the criminals, the registrars and folks who do not understand what we do, and maybe a few others just looking for a good debate.
There is a large amount of information that needs to be digested before some of the research conclusions make sense, but sometimes it feels like trying to convince the Flat Earth Society to rethink their position.
Lastly, In the past, I have personally discussed KnujOn's approach to some of the commenters. They believe very strongly in their position and are unlikely to change, but our record of success in making changes for the better speak for itself. It's why we get the pushback.
<>
You are wrong on many levels with this statement. First and foremost, the fact that the CDA does not provide protection to providers in criminal and IP cases is not our -opinion- it is an accepted reality. The abstract of Solid Host, NL v. NameCheap, Inc., is an excellent example: http://www.finnegan.com/files/upload/Incontestable_June09_3.html
as is this analysis of Jane Doe v. Friendfinder Network Inc. and Various, Inc.: http://www.internetlibrary.com/topics/cda-ip-law-exception.cfm
The CDA itself plainly states: "NO EFFECT ON INTELLECTUAL PROPERTY LAW-" Section 230
The idea that we are giving a legal opinion is incorrect. Criticism that we are giving inaccurate legal advice is a complete misreading of the article.
<>
You keep saying that but it's not true.
<>
You speak for everyone?
<>
This is an odd statement. You should read it back to yourself. It sounds like you are saying that minority thoughts should be self-policed and brought into line with the perceived mainstream?
From American Journal of Law and Medicine:
"Online sales of pharmaceuticals are a rapidly growing phenomenon. Yet despite the dangers of purchasing drugs over the Internet, sales continue to escalate. These dangers include patient harm from fake or tainted drugs, lack of clinical oversight, and financial loss. Patients, and in particular vulnerable groups such as seniors and minorities, purchase drugs online either naïvely or because they lack the ability to access medications from other sources due to price considerations. Unfortunately, high risk online drug sources dominate the Internet, and virtually no accountability exists to ensure safety of purchased products."(http://www.safemedicines.org/resources/LiangMackeyAJLM.pdf)
Hello again "Russ Smith",
<>
<< Just try reading some of the anti-spam newsgroups and tell me if you want some of those people running around shutting down domains based on their word.>>
You like anti-spammers, you don’t like anti-spammers.
<>
Yes, Worse for criminals and criminal partners
<>
True, calculating underground profits is difficult, but by examining the amount of money they spend gives you an idea of the size of the returns.
<>
Yes, I made a clear distinction between the two, it was one of the main points.
<>
Wrong. As a consumer I always have a stake in my purchases being safe and functional.
<>
The situation is chaos right now. This is about bringing order.
<>
Not even close to what I'm talking about
<>
Who?
<>
You’re confusing the issues. This statement was about intellectual property not spam per se.
<
Wash, rinse, repeat. Where will it end?!? I'm very specifically talking about Registrars and ISP. Going after electric companies is hysteria.
<>
Talking about selling trademarked goods, not spam specifically. Please read carefully.
<>
The discussion was about unlicensed pharamcies and IP violations. Please read carefully.
<>
Relevance?
<>
Not "everybody", just providers under contract or legally obligated for other reasons. And this isn't
about me, this is about everyone who feels the effects of poor IP enforcement.
<<… or there will be repercussions>>
Well, yes, this is the whole concept of the law: bad actions have negative repercussions.
Your responses are somewhat thin on facts and you look for technicalities rather than addressing the main issues.
You have no legal standing to dispute a trademark that does not belong to you, only the owner of the trademark has that right. If you have a case decision that says otherwise I would like to see that.
As for the rest of your discussion it all depends on you, and you alone, deciding on what is illegal, unlicensed, violations, etc. Then you try to harass innocent parties by claiming if they do not do what you saying they are criminals and will be suject to lawsuits even though you have no legal basis to make the claims. You also completely dismiss the possibility that you could ever be mistaken. Many system admins who abuse their position have this same notion. This will simply lead to more regulation that will cost legitimate opertors money and the spammers will just find a way around it.
You still cannot come up with an answer of why ISP who is not directly involved in the spamming should be targeted while the elctric company should not. Isn't the electric company making the spamming possible and aren't they profiting from allowing the service to continue? You also cannot come up with an answer as to why almost all ISP's should be shut down because they didn't answer a spam complaint or do what you say (whether it be your pet peeve pharmacy trademark issue or some other issue involving spam).
I am sure your response will somehow lead back to unlicensed pharmacies but my comments are general. You can substitue that for all kinds of things like phony loyalty programs, credit repair, abortion, weapons, nazi memorabilia, counterfeit goods of all sorts, and on and on. In Kentucky (home of the Kentucky derby) the courts even tries to shut down domains associated with online gambling ouside the USA where the activity is legal.
As for reverse domain name hijacking and overreaching trademark owner claims happen all the time. Look up "Reverse Domain Name Hijacking" in the domain dispute decisions and you will find many.
First, legal standing is not the same as having an interest in a legal outcome. Consumers do have an interest.
Second, KnujOn does not decide what is legal or illegal. The laws of the US and the states take care of that. In the instance of on-line pharmacies, you do not need to be a lawyer to know that selling prescription drugs (controlled, scheduled drugs) without a prescription is illegal. Moreover, you are required by law to see the physician in person to get that prescription. All KnujOn has to do is report that situation.
KnujOn has been doing this sort of thing for over 5 years - without a single mistake. There are built checks to prevent that from happening, starting with KnujOn and running through the registrars, ISPs, etc. Any complaint recipient can verify the complaint before a take-down.
ISPs and other such organizations are targets because they are the most effective in shutting down spammers. The electric company is not. The electric companies a regulated public utility. ISPs, etc are not. Are you saying they should be?
The unlicensed pharmacies are breaking the law and are providing a lot of money to the criminals who run them, so yes at the moment, they are primary targets. They can sell in any country they want, just not the US.
As far as ISPs not answering spam complaints, they should. Registrars must because they all signed a contract that stipulates they will.
The basic problem here is that money has trumped ethics, like in most business, but the Internet related organizations do not feel subject to any laws, rules or regulations. These parties are not innocent, just greedy.
Agreed with everything you said, except
Read up on TRIPS on the WHO site:
http://www.who.int/medicines/areas/policy/wto_trips/en/
Seems strange how some of the critics simply do not realize the damage, directly and indirectly, done by these offers of illegal drugs (spam being incidental). Once the damage is done, who are they going to blame then? FBI? FDA?
In fact I wish to rephrase your "Flat Earth Society" statement into the "Virtual World Fraternity" (VEF) here. There obsession with the virtual world has let them forget the basic evolution of laws, rules and ethics that led to civilization as we know it today, also the lessons. Now, because something is at the end of a network, are we to assume those laws and rules do not apply?
The USA is a member of the WHO, along with 147 other countries, regardless of the Phrama offer arriving due to an self blinding registrar enabler via the net or not. Nowhere in TRIPS or like is any mention made or the term Registrar, ICANN, Hosting Provider or any other member of the VEF.
Likewise this argument applies to almost all activities on the net today regardless of what the VEF thinks. Not only do national laws apply, also international laws where the USA is a signatory to and member of many of those bodies out there. Without it, it would not be able to allow many of it's citizens to enjoy what they take for granted, be it a product or protection. The VEF needs to wake up.
<>
If, as a consumer, I'm harmed by a fake product I've got lots of standing.
<>
<>
Well, the main issue of this discussion has been Internet pharma, which we've provided many facts on - but you don't like us talking about it so obviously nothing will satisfy.
<>
Why should I? it's a ridiculous comparison. First, electric companies exist to deliver power, ISPs exist to deliver Internet traffic which is the issue. Second, in order to access electricity I do not have to connect to a network(I can generate my own electricity), but in order to access the Internet I have to go through an ISP.
<>
I will answer that if you can show where I said it. What I've said is that not taking action leaves them open to criminal and civil action. I don't want all ISPs shutdown, just the illegal sites they support.
<>
No, what I said (again) is that not taking action leaves them open to criminal and civil action.
My main grouse so far has been (and I told you this back when we had dinner at that chinese restaurant, during MAAWG San Fran last february) that knujon has been, so far, way too confrontational and media oriented to be actually effective.
You'll find that a lot of the constitutencies you're trying to target are going to work far better with you if you're not out to
1. Lump them with genuinely bad actors [your registrar list had a strange mix of extremely whitehat registrars that'd have a problem - and quickly deal with it .. and extremely shady ones.. all tarred with the same brush]
2. Make them look bad in the media
Real work goes on - a lot of it - that you just don't see (and won't ever see, I suspect).
Well, you have outed yourself. I Hope you are well. The Chinese dinner was excellent, including the discussion. All the presentations I have given have been well received, so you are in a minority.
Yes, you did say the same thing. However, I said (and still say) that not much was done before we used the sunshine approach - all backed up by statistics and real research. Nothing was ever refuted, only disliked. Each registrar was offered a chance to work with us (for free) to fix things and only a handful took us up on it. My feeling was that the money was too good. If a registrar was lumped in with others that seemed inappropriate, it was based on data. They should have responded to us.
We are only interested in working with those who are sincere. Stop whining and contact us. The fact they are unhappy means very little. They would not work with before and they won't work with us now. Nothing has changed and your contention that they would work with us if they were not so unhappy has not been verified. It is just your opinion at the moment. Feel free to alter that at any time. Show me the "real work" that I don't see. I am open minded, and public about my goals. No hidden agenda.
None of the work in the shadows has produced long term changes, as have the changes to the RAA, for example or the FDA letters to the registrars. Take the recent changes in China. Xinnet was the worst registrar in the world on both of KnujOn's top 10 lists. ICANN was afraid to de-accredit them, but the Chinese government has shut then down. Real work does go on, in spite of hiding in the shadows hoping that KnujOn will go away. There are more people like us showing up everyday.
If they look bad in the media, it's their own fault. We are merely reporting the facts. If they don't like it, they should change the facts - and they can. We will continue to do research, gather data and make it public until the Internet is cleaned up. Those that make money from the 'Net have a responsibility to all the users in the world to keep it clean and safe.
Xinnet seems to have gone down in a general chinese campaign on online porn. Nothing much at all to do with fast flux etc .. that's a campaign that's strictly local, appears totally unconnected with icann politics, or with knujon (or any other) campaigns, (except for post hoc, ergo propter hoc assumptions, of course).
There's at least three or four chinese registrars with far more problems than xinnet, for several months now.
I meant that you were outed as someone I actually spoke with (previous post). I did not name names to protect the innocent.
Yes, Xinnet went down as part of a general campaign. I mentioned it only to show things do happen that are not caused by us, fastflux was not a factor. ICANN though they were too big to take down, thus protecting them. Sooner or later though, the bad guys get caught or worse, don't make any money ;) I can only hope that China has made some progress that will last.
And yes, we are aware of the other bad Chinese registrars. They will get theirs sooner or later. All countries have people who are willing to work to put the Internet in a safe place.
Agreed. Also, with many of them are extremely knowledgeable and being experts in their own right and many making a living from IT. We need to ask why?
Maybe they are not happy seeing the promise of the net and things they worked for rapidly going to the dogs. Maybe you could consider it the masses asking for a bit of integrity and accountability.
The Illicit Internet Pharmacies just once again illustrates the sick Internet and the shortcomings of the appointed custodians.
What trust or respect should we have for any registrar, hosting provider or like that is willing to idly stand by and allow people with criminal intent, selling drugs that may harm that registrar's or provider's fellow citizens, to abuse their services all for his few dollars of the pie. When confronted, the wish to hide behind something erroneously called the Communications Decency Act. I find nothing decent about this.