Shady online pharmacies are still a great source of income for cybercriminals

Apr 25, 2012 18:11 GMT  ·  By

Cybercrooks are persistent when it comes to duping Internet users into visiting their malicious sites. The last campaigns rely on fake notifications that seem to originate from LinkedIn, MySpace, Pinterest, or Foresquare.

The main goal of these schemes is to lure users to fraud sites or shady online pharmacies, Trend Micro experts inform.

While bogus notifications from LinkedIn and MySpace are not exactly uncommon, ones that purport to come from Foresquare and Pinterest are only now becoming a trend. However, as Pinterest’s popularity grows, so will the campaigns that rely on it.

The alerts that target Foresquare customers use the [email protected] spoofed email address to make them more legitimate-looking.

To mask the malicious links contained in the email, a clever tactic is deployed by the fraudsters. Users who click on them are not taken directly to the online drug store. Instead, they are first directed to an empty webpage that contains another link. Only when this one is clicked, the victim is presented with the shady site.

The LinkedIn and MySpace emails are also well designed, embedding a number of graphical elements that appear in genuine notifications. The sender’s address looks something like [email protected] and [email protected], which leads recipients to believe that the messages really come from the social media networks.

In both cases, the links point to a website called Wiki Pharmacy, which advertises a number of shady drugs at apparently fabulous prices.

Finally, researchers reveal that the weight loss scams that were seen circulating on Pinterest were adapted and sent via email.

“Here’s a tip to all my female Pinterest friends! [LINK] the article describes perfectly how I have eliminated 29 lbs last month!,” reads the fake alert.

Similar to the variant that makes the rounds on the social network, the email version of the plot also directs internauts to fraud sites.