Home / Industry

The Botnet-Counterfeit Drugs Connection

Spam levels have declined dramatically since the March 16 takedown of Rustock, the world's largest botnet, but how long will this victory last? Rustock was responsible for sending almost half of all global spam and up to 44 billion spam emails per day. The spam was mainly emails that linked to websites offering counterfeit pharmaceutical drugs. Since the Rustock takedown, Viagra and Cialis spam emails have declined 75 percent, and security vendors have noted that Rustock has not become active again. The takedown is certainly a positive development, but pharmaceutical brand owners have good reason to remain cautious.

The key reason for caution is that the economics of the counterfeit drug industry suggest a continuation of pharmaceutical spam. One security researcher involved in the Rustock takedown observed that the money the Rustock botnet operators were making from sending pharmaceutical spam "was off the chart." According to an Interpol official, criminals spending $1,000 to make counterfeit medicines can earn as much as $450,000. There is a lot of money flowing between the counterfeit drugs industry and the botnet industry.

This big money means there will likely be replacement botnets or alternative online marketing methods to drive traffic to fake pharmaceutical sites. Cybercriminals may develop new botnets via increased malware infections. Or they may find new ways to drive traffic to fake pharmaceuticals websites. Current botnet operators could also form alliances to take up some of the slack in email distribution after Rustock. The point is there's just too much money at stake for the Rustock takedown to be the last word in pharmaceutical spam.

Post-Rustock, pharmaceutical brand owners should remain vigilant and monitor their brands, especially across websites, business-to-business exchanges, and search engines. An effective online brand protection strategy must address distribution channels as well as promotional touchpoints. Such an approach is the best way to protect customers from being diverted to places on the web selling fake, potentially harmful pharmaceutical drugs.

About MarkMonitor

MarkMonitor

MarkMonitor®, the world leader in enterprise brand protection and a Thomson Reuters Intellectual Property & Science business, uses a SaaS delivery model to provide advanced technology and expertise that protects the revenues and reputations of the world's leading brands. Learn More

Related topics: Cybercrime, Malware, Security, Spam

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Introducing the Verisign DNS Firewall

TLD Security, Spec 11 and Business Implications

Verisign Named to the Online Trust Alliance's 2015 Honor Roll

3 Key Steps for SMBs to Protect Their Website and Critical Internet Services

Key Considerations for Selecting a Managed DNS Provider

Verisign Mitigates More DDoS Attacks in Q1 2015 than Any Quarter in 2014

Verisign OpenHybrid for Corero and Amazon Web Services Now Available

Afilias Supports the CrypTech Project - Ambitious Hardware Encryption Effort to Protect User Privacy

Public Sector Experiences Largest Increase in DDoS Attacks (Verisign's Q4 2014 DDoS Trends)

Help Ensure the Availability and Security of Your Enterprise DNS with Verisign Recursive DNS

Verisign iDefense 2015 Cyber-Threats and Trends

What's in Your Attack Surface?

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

3 Questions to Ask Your DNS Host About DDoS

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

Neustar to Build Multiple Tbps DDoS Mitigation Platform

The Latest Internet Plague: Random Subdomain Attacks

Digging Deep Into DNS Data Discloses Damaging Domains

New gTLDs and Best Practices for Domain Management Policies (Video)

Nominum Announces Future Ready DNS

Sponsored Topics