Pharmaceutical spam

Currently, the share of pharmaceutical advertisements reaching users’ inboxes accounts for one quarter of the total volume of all spam. Several factors contribute to the popularity of this type of spam.

Firstly, in the USA, which is the main target for pharmaceutical spam, the situation with buying medications is not as simple as it is in Russia. It is next to impossible to buy pharmaceutical products in an American pharmacy without a doctor’s prescription. So if you need to take pills regularly, you must visit a doctor every time you go to a pharmacy. It means Americans have to pay both for the doctor’s signature on the prescription, and for the medication itself.

Secondly, the companies selling pharmaceutical products via the Internet (on prescription only) have made incredible profits.

In this situation, the appearance of illegal online shops that offer considerable savings is hardly surprising. However, the medication that they offer is mostly counterfeit or simply fake. Fraudsters themselves often send out spam mailings containing adverts for suspicious products that they then sell online.

Legitimate vendors warn that: At best, ‘economy’ pills are simply ineffective and at worst, they may cause serious health problems. Sometimes ‘considerate’ fraudsters are only after the customer’s credit card data, which the customer enters on the site, and have no intention of supplying any pills, hazardous or otherwise, to the naive consumer.

The majority of spam messages in this category are written in English. Pharmaceutical spam on the Russian Internet is quite rare. This is because online shopping is not as popular in Russia as it is in western countries, medical services are much cheaper and Viagra can be easily bought at the nearest chemist.

What do spammers advertise?

According to Kaspersky Lab’s classification, this spam category includes medications, dietary supplements, offers of medical and health-improvement services and allied products.

Viagra is no doubt the unsurpassed leader of all the spammers’ offers. The ‘blue pill’ has established a new pharmaceutical branch. A great number of fraudsters exploit the legendary reputation of this rather expensive medication and its lesser known analogues – Tsialis and Levitra. The most uninventive fraudsters offer ‘original hexagonal pills’ at a price considerably lower than $10, without a prescription being required.

More creative fraudsters sell pills that allegedly contain some special ingredients. The Pfizer Corporation, developers of Viagra, warn that: ‘Generic Viagra’ does not exist and will not appear before 2011 – the expiry date for Pfizer patents.

Another spammer adaption appeared in reply to the increasing interest in natural medications: spammers immediately started selling ‘Natural Viagra’.


In second place on the fraudsters’ virtual price list is weight loss supplements. The most popular of these being Hoodia Gordonii. This cactus has long-since been used by Africans to ward off hunger. Hoodia Gordonii has become world famous due to some very effective advertising by the abovementioned Pfizer Corp. However their efforts were in vain as the desert plant cannot be cultivated industrially. In addition, the active substance turned out to have unpleasant side effects and this meant that it could not be used by the pharmaceutical giant. Buoyant demand for this plant has made it a critically endangered species and the market has become flooded with products that have nothing to do with Hoodia Gordonii except for their name. In many countries this ‘natural hunger suppressant’ was forbidden and that eventually pushed this suspicious product over into the spam category.


Diet Pill Breakthrough!!!

What if you could actually shed 10, 15 or even 25 pounds quickly and safely in less then 30 days?


Click below to learn more about Hoodia:

In third place come antidepressant and sedative medications. The main hero of Chuck Palahniuk’s ‘Fight Club’, Jack, suffered from insomnia, but the doctor refused to prescribe him any sleeping tablets. You would not be able to buy any medication at an American pharmacy without a prescription. Given that taking tranquilizers in the USA is considered normal, it’s quite natural that antidepressant and sedative medications that can be bought without a prescription are so popular.

Outright quack remedies have their place in the spam list too. The fraudsters who sell aphrodisiacs guarantee ‘Total Success’ – if you use the substances that they sell to attract the opposite sex. Spam circulating in western countries regularly offers ointments to help enlarge your penis size exponentially, whilst Japanese spam occasionally offers breast enhancement without plastic surgery. Everything that cannot find its way on to the shelves of credible drugstores, like pills that change sperm taste or volume, is sold through illegal emails.


Longer orgasms – More Sperm, means longer orgasms. Make her worship you!

24 hour shop

Technical tricks of pharmaceutical spam

Technically, pharmaceutical spam is one of the most sophisticated types of unsolicited mailings. The list of popular medications is not very long and has long been included in email filtering systems. That is why spammers have to find new ways to bypass filtering in order to deliver adverts containing well-known names of medications to users’ inboxes.

The easiest way to ‘deceive’ the system is to write the name of the medication by combining letters, dots, gaps and other symbols (V i a_g.r,a LaEcVeIgTmRnA). Another widely used trick is to replace the letters with similar symbols (for example, l is replaced by 1, a – by @, etc) – \/@1|um ( ia1I$. A human can read it, but a program cannot.

However, the use of these tricks often leads to seriously distorted text. This may result in a user failing to guess what they are being offered.

More skillful spammers prefer HTML. They use invisible text (white letters on a white background) or split the words across tables, thus allowing recipients to read the text, but the system detects a senseless mix.

This is what a user sees:


This is what a robot sees:


With the development of zombie networks, spammers have the opportunity to send out sizeable emails with the advertising drawn on the picture itself. Electronically differentiating the text from the picture is still a highly technical task for a computer, especially if fraudsters have distorted the picture, added random background or just cut it into small pieces.


Spam and phishing in Q1 2018

The quarter’s main topic, one that we will likely return to many times this year, is personal data. It remains one of the most sought-after wares in the world of information technology for app and service developers, owners of various agencies, and, of course, cybercriminals. Unfortunately, many users still fail to grasp the need to protect their personal information and don’t pay attention to who and how their data is transferred in social media. Read Full Article


Tens of thousands per Gram

In late 2017, information appeared on specialized resources about a Telegram ICO to finance the launch of its own blockchain platform. The lack of information provided fertile ground for scammers: the rumors prompted mailshots seemingly from official representatives of the platform, inviting people to take part in the ICO and purchase tokens. Read Full Article


Every little bitcoin helps

It often happens that inventions and technologies that start out good end up turning into dangerous tools in the hands of criminals. Blockchain is no exception to this rule, especially in its most common cryptocurrency incarnation. The attacks targeted employees of small companies, but such emails could be sent to any user’s personal mail. Read Full Article


IT threat evolution Q3 2017

Our growing dependence on technology, connectivity and data means that businesses present a bigger attack surface than ever. Targeted attackers have become more adept at exploiting their victims’ vulnerabilities to penetrate corporate defences while ‘flying under the radar’. Read Full Article


Spam and phishing in Q3 2017

In terms of the average share of spam in global email traffic (58.02%), the third quarter of 2017 was almost identical to the previous reporting period: once again growth was slightly more than one percentage point – 1.05 (and 1.07 p.p. in Q2 2017). As in previous quarters, spammers were quick to react to high-profile events and adapted their fraudulent emails to the news agenda. Read Full Article


Spam and phishing in Q2 2017

In Q2 2017, the average share of spam in global email traffic amounted to 56.97%, which was only 1.07 p.p. more than in the previous quarter. One of the most notable events of this quarter – the WannaCry epidemic – did not go unnoticed by spammers: numerous mass mailings contained offers of assistance in combating the ransomware. Read Full Article