Spam study offers statistics on 'brandjacking'
(Credit:
MarkMonitor)
MarkMonitor, a San Francisco-based enterprise brand protection company, on Monday released its latest survey. During June, MarkMonitor tracked more than 100,000 drug-related spam landing sites and found a majority of these practice poor Internet security and may not be selling legitimate brand-name drugs, which could endanger users tempted by the low prices offered.
While that's not earth-shattering news, the report gives concrete statistics surrounding the practice known as "brandjacking," which can encompass a variety of online threats to brand names. In the report, MarkMonitor said sample drugs purchased from these sites tested as either stolen, expired, diluted or alternative forms of known brand-name drugs.
MarkMonitor reports that on a daily basis, more than 6,000 unique sites are responsible for these drug-related spam messages, with more than half of this traffic originating in China and Russia. Of the 3,160 online pharmacies landing sites studied, only four are accredited as Verified Internet Pharmacy Practice Sites (VIPPS). One third of the online pharmacies used in the drug-related spam messages generate enough traffic to merit an Alexa ranking.
According to MarkMonitor, a majority of the online pharmacies surveyed, 58 percent, were hosted in the United States, followed by the United Kingdom at 18 percent. More than 50 percent of these sites do not secure customer data, putting consumers? identity information at risk.
To avoid prosecution from registered brand owners, some of these online pharmacies are using a practice called "kiting." Kiting is when a company registers and uses a domain for the ICANN-allowed grace period of five days or less without actually purchasing it. In researching the domain name histories of several pharmacies, MarkMonitor found that a few companies are sharing and kiting the same domain names over and over, more or less cybersquatting for free.
As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments. 
If it's spam it's a scam.
If it's spam it's a scam.
If it's spam it's a scam.
If it's spam it's a scam.
Who are the dumbasses who buy from spammers anyway?
Maybe getting a computer and getting on the internet should require a liscence where you have to pass a test -- kind of like a drivers liscence.
It is actually more along the lines of promotional material for Mark Monitor. It is a safe bet Mark Monitor will be offering some new suite of services based around what they perceive the contents of the report to mean.
If it was actually a "REPORT" in the purest sense of the word, it would contain a bibliography and details on the validity of the sources cited. Surely this data if accurate is not confidential.
The concept makes great sense, but anybody can snap shot websites and search domain registration data in order to come up with a report such as this.
Phishing schemes will be around as long the general public is foolish enough to click links in emails rather than be certain they are actually visiting a valid website.
These comments, based on facts and common sense do not need a bibliography or reference cites to be accurate.
WE