By Dancho Danchev
Opportunistic pharmaceutical scammers are currently spamvertising tens of thousands of bogus emails impersonating Facebook’s Notification System in an attempt to trick users into clicking on the links, supposedly coming from a trusted source. Once users click on the links found in the fake emails, they’re exposed to counterfeit pharmaceutical items available for purchase without a prescription.
More details:
Sample screenshot of the spamvertised email:
Counterfeit pharmaceutical URL: hxxp://medicinetabreckitt.com – 69.64.37.9 – Email: davis@medicinetabreckitt.com
Sample screenshot of the landing URL:
Known to have responded to the same IP, are the following fraudulent domains/subdomains:
bizmowerstore.com
whiv.ru
wiskicare.eu
wlptab.pl
salerxhighest.nl
medpillped.pl
brennanlisprescription.nl
bulimic.marijuanapharmedical.com
canadaviagracanadas.com
canadaviagracent.com
mail.medicarepillscms.com
mail.mymedicalpill.com
mail.newpharmedicine.com
mdnowbe.pl.ua
mdnowtiny.pl.ua
mdnowtoe.pl.ua
mdnowtune.pl.ua
medicalpharmacists.com
medicarepharmdeficit.com
medpillped.pl
mehervato.com
mentalrx.pl
newpharmedicine.com
nrytgyxvom.com
ns2.neslyngei.com
pharmticker.com
rxcarestore.com
weightdietrx.pl
shortlisted.welnesscanadalberta.com
smoothtongued.welnesscanadalberta.com
spheroid.welnesscanadalberta.com
raining.welnesscanadalberta.com
televisual.welnesscanadalberta.com
reactionaries.welnesscanadalberta.com
stipples.welnesscanadalberta.com
venders.welnesscanadalberta.com
tabletmedicineipad.com
quavered.thetabletmedicine.com
unbracketed.thetabletmedicine.com
tsetse.thetabletmedicine.com
weatherproof.thetabletmedicine.com
whitish.thetabletmedicine.com
woodmen.thetabletmedicine.com
prioritisation.thetabletmedicine.com
strider.thetabletmedicine.com
underlinings.thetabletmedicine.com
ruinations.thetabletmedicine.com
projects.thetabletmedicine.com
satirically.thetabletmedicine.com
rotator.viagrahealthcarebiotech.com
taffeta.viagramedbosch.com
uncapped.viagramedbosch.com
reunited.viagramedbosch.com
roommate.viagramedbosch.com
underlying.viagramedbosch.com
wildfowl.viagramedbosch.com
woodpecker.viagramedbosch.com
twiddles.viagramedbosch.com
reshapes.viagramedbosch.com
teat.viagramedbosch.com
unaffectedly.viagramedbosch.com
torontocanadapharm.com
viagrahealthcarebioportfolio.com
sequins.torturelismeds.com
pyromaniac.torturetabcialis.com
proofed.torturetabcialis.com
surcharged.torturetabcialis.com
sword.torturetabcialis.com
scythe.torturetabcialis.com
unalterable.torturetabcialis.com
truffle.torturetabcialis.com
proceeding.torturetabcialis.com
rustling.torturetabcialis.com
throttling.torturetabcialis.com
springclean.torturetabcialis.com
unmasks.torturetabcialis.com
repeals.torturetabcialis.com
prophetess.torturetabcialis.com
soft.torturetabcialis.com
purview.torturetabcialis.com
regretful.viagraphysicians.com
strangles.viagraphysicians.com
shutup.vitaminherbalwelness.com
viagralevitratax.com
switcher.viagralevitax.com
victims.viagralevitax.com
slippery.viagralevitax.com
requisitioned.welnessmedicineveterinary.com
unimaginable.welnessmedicineveterinary.com
slurring.welnessmedicineveterinary.com
rug.welnessmedicineveterinary.com
tough.welnessmedicineveterinary.com
unbeaten.welnessmedicineveterinary.com
squirms.welnessmedicineveterinary.com
raisins.welnessmedicineveterinary.com
rearmament.welnessmedicineveterinary.com
toffy.welnessmedicineveterinary.com
signally.welnessmedicineveterinary.com
tensity.welnessmedicineveterinary.com
tabletspharmacytabs.ru
Earning revenue while participating in a pharmaceutical affiliate network, the scammers behind these campaigns have a proven record of impersonating legitimate and trusted brands in an attempt to trick users into clicking on the links. The ultimate question – is someone actually buying these counterfeit drugs? The answer is surprisingly, yes, with the U.S accounting for 72% of pharmaceutical orders, according to research published last year.
Users are advised to avoid interacting with such Web sites, and to consider reporting them as fraudulent immediately.
You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on Twitter.
