
9/28/2009
10:19 AM
Dark Reading
Products and Releases

MarkMonitor: Online Drug Brand Abuse is Growing

Latest Brandjacking Index Provides Glimpse into the Economics Fueling Supply and Demand in the Online Pharmaceutical Market

SAN FRANCISCO, September 28, 2009 - MarkMonitor, the global leader in enterprise brand protection, today released the company's latest Brandjacking Index, which finds a parallel online system of pharmaceutical supply and demand fueled by continued growth in listings for pharmaceuticals on business-to-business (B2B) exchange sites as well as increased traffic to illicit pharmacies. The report also reveals a growth in pharmaceutical brandjacking for popular drug brands.

"Scammers are opportunists, and by targeting the supply chain they're positioning themselves to move the greatest amount of fake product they can," said Frederick Felman, chief marketing officer at MarkMonitor. "This maximizes their return on the scam but it also poses a potential danger to people's health and safety, not to mention brand reputation."

Against the backdrop of the healthcare reform debate and the medical profession bracing itself for another wave in H1N1 virus cases this fall, consumers are turning to the Internet, visiting both legal and illicit online pharmacies, while offshore manufacturers increasingly embrace B2B exchange sites to sell bulk quantities of branded prescription drugs, often of suspicious quality. As more people try to save money when purchasing drugs and more companies look to streamline operations, especially in the current economy, the cost savings and efficiencies of eCommerce become even more attractive, presenting a tempting opportunity for online fraud and brand abuse on both the supply and demand side of the equation.

According to the Summer 2009 edition of the MarkMonitor Brandjacking Index, online pharmacies have increased their market footprint, growing to an estimated $11 billion in sales in 2009, up from an estimated $4 billion in 2007. The online supply chain - listings on B2B exchange sites - shows strong signs of growth for bulk quantities of pills and active pharmaceutical ingredients in powder form, increasing 23 percent in 2009 from 2008. Listings for pharmaceuticals have grown 67 percent on B2B exchange sites since 2007, when MarkMonitor completed its first study of pharmaceutical brandjacking online.

To complete the study, MarkMonitor chose six leading prescription drug brands and examined nearly 20,000 instances of cybersquatting - the practice of abusing trademarks within the domain name system; 3,000 online pharmacies and 652 B2B exchange listings for those brands during July 2009.

The Brandjacking Index also examined phishing trends for Q2 2009, revealing record levels of phishing attacks and attacks per organization. Payment services continue to be a popular target, representing 49 percent of the total number of phishing attacks in Q2 2009, up from 42 percent in Q1 2009. Social networks have also shown substantial increases in phishing attacks, increasing 168 percent from Q2 2008 to Q2 2009.

Some of the highlighted findings in this report are:

Pharmaceutical brandjacking continues to grow

* B2B exchange listings for bulk quantities of pills and active pharmaceutical ingredients (APIs) grew by 23 percent in 2009 compared to 2008. The 652 listings that MarkMonitor identified represented an increase of 67 percent from the first study conducted in 2007
* The number of B2B exchange listings selling APIs in powdered form grew by 81 percent from the previous year, to 416 listings. This indicates a thriving trade in bulk quantities of ingredients as well as in pills
* Ninety percent of the exchange listings indicated a country of origin for their products. China led the list at 49 percent, followed by India at 17 percent
* Of the 2,930 online pharmacies MarkMonitor found in this study, only four were certified in the VIPPS program by the National Association of Boards of Pharmacy, the governing body for US pharmacies
* Daily visitors to these pharmacies averaged 42,000 per site with 68 percent of the pharmacies having sufficient traffic to rank on Alexa, a Web information company. Using this traffic information as well as published figures for average eCommerce order size and traffic conversion rates, MarkMonitor estimates these pharmacies earn almost $11B in annual revenue
* Pharmacies not certified by VIPPS offered discounts as high as 90 percent from the prices offered by VIPPS-certified websites. These deep discounts indicate that the products are of suspicious quality
* Thirty-six percent of online pharmacies are hosted in the United States, the largest number in the world, while Germany is the second largest hosting country with 13 percent. The UK's share of hosted pharmacies dropped to 7 percent in 2009, from 12 percent in the previous year
* The number of websites cybersquatting on the six pharmaceutical brands used in the study reached an all time high with 19,163 domains, up 9 percent from the previous year. Seventy-five percent of the cybersquatted pharmaceutical brands were lifestyle drugs

Phishing attacks reach record levels in Q2 2009

* During Q2 2009, phish attacks reached record levels with more than 151,000 unique attacks
* The average number of phishing attacks per organization also increased to record levels, with 351 attacks per organization, on average, in Q2 2009
* Social networking attacks continued to rise significantly, recording a 168% increase from the same period in 2008
* Brands in the financial and payment services industries are the most heavily-targeted industry categories for phishers, constituting 80 percent of all phish attacks in Q2 2009
* The United States hosts the largest number of phishing attacks with 50 percent of the total recorded in Q2 2009

Methodology

The Brandjacking Index is an independent report produced by MarkMonitor that tracks and analyzes online abuses of leading brands. The cornerstone of the report is the volume of public data analyzed by MarkMonitor using the company's proprietary algorithms - no customer data or proprietary customer information is used to create the Brandjacking Index. During the study period, MarkMonitor searched approximately 134 million public records daily for brand abuse in domain data as well as Internet feeds from leading international Internet Service Providers (ISPs), email providers and other alliance partners.

### About MarkMonitor

MarkMonitor, the global leader in enterprise brand protection, offers comprehensive solutions and services that safeguard brands, reputation and revenue from online risks. With end-to-end solutions that address the growing threats of online fraud, brand abuse and unauthorized channels, MarkMonitor enables a secure Internet for businesses and their customers. The company's exclusive access to data combined with its patented real-time prevention, detection and response capabilities provide wide-ranging protection to the ever-changing online risks faced by brands today. For more information, visit www.markmonitor.com.

###

Note to Editors: For complete Brandjacking Index results or more information concerning methodology, contact Te Smith at 831-818-1267 / [email protected] or Monica Walsh at 650-762-2894 / [email protected]

Contact:

Te Smith, MarkMonitor (831)-818-1267 (mobile) [email protected]

Monica Walsh, A&R Edelman for MarkMonitor 650-762-2894 (office) 650-219-3220 (mobile) [email protected]
