CNET también está disponible en español.

Ir a español

Don't show this again


Spam study offers statistics on 'brandjacking'

A survey of Internet pharmacies finds a majority practice poor security and may not be selling legitimate brand-name drugs.


MarkMonitor, a San Francisco-based enterprise brand protection company, on Monday released its latest survey. During June, MarkMonitor tracked more than 100,000 drug-related spam landing sites and found a majority of these practice poor Internet security and may not be selling legitimate brand-name drugs, which could endanger users tempted by the low prices offered.

While that's not earth-shattering news, the report gives concrete statistics surrounding the practice known as "brandjacking," which can encompass a variety of online threats to brand names. In the report, MarkMonitor said sample drugs purchased from these sites tested as either stolen, expired, diluted or alternative forms of known brand-name drugs.

MarkMonitor reports that on a daily basis, more than 6,000 unique sites are responsible for these drug-related spam messages, with more than half of this traffic originating in China and Russia. Of the 3,160 online pharmacies landing sites studied, only four are accredited as Verified Internet Pharmacy Practice Sites (VIPPS). One third of the online pharmacies used in the drug-related spam messages generate enough traffic to merit an Alexa ranking.

According to MarkMonitor, a majority of the online pharmacies surveyed, 58 percent, were hosted in the United States, followed by the United Kingdom at 18 percent. More than 50 percent of these sites do not secure customer data, putting consumers? identity information at risk.

To avoid prosecution from registered brand owners, some of these online pharmacies are using a practice called "kiting." Kiting is when a company registers and uses a domain for the ICANN-allowed grace period of five days or less without actually purchasing it. In researching the domain name histories of several pharmacies, MarkMonitor found that a few companies are sharing and kiting the same domain names over and over, more or less cybersquatting for free.

The complete study is available here (PDF).