Pharm spam, pitching fake drugs, accounts for 70% of all spam

Pharm spam — messages pitching fake pharmaceutical drugs — is swamping the Internet. Antivirus giant McAfee today issued this report finding that 70% of spam in September came from scammers directing recipients to websites for a bogus Canadian drug retailer.

The messages aim to take advantage of fears about swine flu and rising health care costs, and do not originate from Canada, says McAfee Labs researcher Adam Wosotowsky.

IBM X-Force on Friday also issued this report showing that another type of dangerous email spam — phishing — is in the midst of a resurgence, after tailing off through spring and summer.

“Contrary to what we witnessed in the first half of this year, phishers came back with a vengeance in the third quarter, says IBM researcher Holly Stewart. “By August, however, the volume of phishing reached the volume seen in the most active months of 2008, and the volume seen in September completely surpassed the volume seen during any one month of 2008.”

Phishers try to trick recipients into typing account logins on faked Web pages. Historically, they’ve focused on PayPal, eBay, Bank of America and other sites that handle financial transactions. Now they are increasingly directing phishing attacks at Hotmail, Gmail and Yahoo Mail email account holders.

Your “virgin” Web mail username and password is worth $1 to $2 in the cyber underground, because it is not yet blocked by anti-spam filters, says Fred Rica, a partner in PricewaterhouseCoopers advisory practice. A scammer will use your Web mail account to email copies of the phishing attack to everyone in your address book. He will then sift yours and your contacts’ email subfolders to ferret out any other online accounts, and try to break in. Or he will “just send spam to the world, which is still very much an active business,” says Rica.

It the teeming cyber underworld, it’s likely that phished Web mail accounts are getting used to spam out Canadian pharm spam. Spammers generate more than 150 billion spam messages daily, enough to send everyone in the world more than 30 emails every day, says Wosotowsky. “The best response for consumers is to avoid clicking links in emails,” he says.

By Byron Acohido

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone