Spam levels have declined dramatically since the March 16 takedown of Rustock, the world's largest botnet, but how long will this victory last? Rustock was responsible for sending almost half of all global spam and up to 44 billion spam emails per day. The spam was mainly emails that linked to websites offering counterfeit pharmaceutical drugs. Since the Rustock takedown, Viagra and Cialis spam emails have declined 75 percent, and security vendors have noted that Rustock has not become active again. The takedown is certainly a positive development, but pharmaceutical brand owners have good reason to remain cautious.
The key reason for caution is that the economics of the counterfeit drug industry suggest a continuation of pharmaceutical spam. One security researcher involved in the Rustock takedown observed that the money the Rustock botnet operators were making from sending pharmaceutical spam "was off the chart." According to an Interpol official, criminals spending $1,000 to make counterfeit medicines can earn as much as $450,000. There is a lot of money flowing between the counterfeit drugs industry and the botnet industry.
This big money means there will likely be replacement botnets or alternative online marketing methods to drive traffic to fake pharmaceutical sites. Cybercriminals may develop new botnets via increased malware infections. Or they may find new ways to drive traffic to fake pharmaceuticals websites. Current botnet operators could also form alliances to take up some of the slack in email distribution after Rustock. The point is there's just too much money at stake for the Rustock takedown to be the last word in pharmaceutical spam.
Post-Rustock, pharmaceutical brand owners should remain vigilant and monitor their brands, especially across websites, business-to-business exchanges, and search engines. An effective online brand protection strategy must address distribution channels as well as promotional touchpoints. Such an approach is the best way to protect customers from being diverted to places on the web selling fake, potentially harmful pharmaceutical drugs.
MarkMonitor®, the world leader in enterprise brand protection and a Thomson Reuters Intellectual Property & Science business, uses a SaaS delivery model to provide advanced technology and expertise that protects the revenues and reputations of the world's leading brands. (Learn More)
|Cybersquatting||Policy & Regulation|
|DNS Security||Registry Services|
|IP Addressing||White Space|
Minds + Machines
Neustar DNS Services
Neustar DDoS Protection