Pharmacy related spam mails are not new to anyone, some of them are directly selling their wares with suggestive text in the email-subject and some using fake notifications.
Facebook Notification leading to Fake Pharmacy
Most of the time , fake notification messages like this are a clear indication of Phishing attempts or Drive-By downloads or Fake AV, however in this case , the links will lead you to a fake pharmacy online store – medfright[.]com.
medfright.com HomePage
The homepage of medfright[.]com is all about a Canadian Pharmacy, however none of the links pertaining to the Pharmacy Certificates are not working.
Whois: medfright[.]com – a domain created a few days ago.
created: 2013-02-15 23:09:19expire: 2014-02-15 23:09:18 (registry time)
changed: 2013-02-26 07:47:57
[owner-c] fname: Miia
[owner-c] lname: Hietamies
[owner-c] address: Hermiankatu 92
[owner-c] city: Aijanneva
[owner-c] pcode: 34910
[owner-c] country: FI
[owner-c] state: Aijanneva
[owner-c] phone: +358-04462-35554
[owner-c] email:brabantio@medfright.com
However when we search for other domains using the displayed phone number we come across yet another pharmacy site korsinskytrapharm[.]com
Another Pharmacy registered by the same person
A little more digging related to the IP addresses and Name-Server IP address, we come across another huge list of domains , and all related to Online Pharmacy.
According to LegitScript , who are working towards making Internet Pharmacy and Health Product Sector safe for consumers and for businesses and you may read about them over here.
LegitScript has verified 260 online pharmacies as safe for US patients. Our certification program is free and is endorsed by the National Association of Boards of Pharmacy (NABP).The issue with these Fake Pharmacies is that they not only pose a health hazard, but also may end-up conning you. And check for yourself about “Canadian Family Pharmacy” . I am not even sure whether “Canadian Family Pharmacy” does exist as a legit business or not?
When we look at a phishing domain, it is a spin-off of a legit service, however this code doesn’t apply to Fake Pharmacies.
Secondly, there are some, who for some strange reason prefer to compare a Malware Domain with a Fake Pharmacy domain and treat them on par with each other. Pharmacy and Malware are two different aspects. This was one of the prime concern why I chose to write about Fake Pharmacy.
“3.5.2 of the Registry-Registrar Agreement”
As a part of regulation, registry and registrar are bounded by by some ethics , especially related to the issues faced by us – Phishing, Pharming, Malware Domains etc.
Anti Abuse Policy of “.info” domains and Google Search for Anti abuse policies by other registries.
