Good news: e-mail spam for the erectile dysfunction medications Viagra, Cialis and Levitra is finally on the decline — apparently because consumers are wising up to these scams.

According to Microsoft research:

Last year the amount of e-mails for sexual medications made up around 30 percent of all spam e-mails; however, this year that figure has dropped to under 10 percent.

There is only one reason why this is happening, and that is because spammers are not getting returns on their investment, which probably is due to men becoming wiser and more wary about replying to these types of e-mails.

We’ve covered the problem of Viagra spam previously (including Viagra holiday spam!) It’s good to know that people are beginning to listening.

If you are receiving unwanted e-mails from no-prescription pharmacies, particularly from the same source again and again, you obviously want to stop those messages from appearing in your inbox.

So when the message you receive concludes with an offer to delete you from the mailing list, it’s tempting to click the “unsubscribe” link or reply to the e-mail with a “remove me” request, isn’t it?

Don’t do it!

Most pharmacy spammers send out well over a million spams every day to lists scraped and stolen from all over the Internet. These spammers have no idea which of the addresses on their lists are functional and currently in use, and which are not.

Until you click a link or send a reply, that is.

As Spamhaus explains:

By sending back a ‘remove me’ opt-out request you are confirming to the spammer that your address is live, you are confirming that your ISP doesn’t use spam filters, you are confirming that you actually open and read spams, and that you follow the spammer’s instructions such as “click this to be removed”. You are the perfect candidate for more spam.

A live address is a valuable address, spammers sell live addresses at a premium as “confirmed deliverable” addresses to yet more spammers. If you don’t want your address to end up on endless spammers’ lists, distributed on spam CDROMs to spammers worldwide, do not confirm to the spammer that your address is real and working.

Never Opt-out of lists you did not Opt-in to in the first place.

U.S. laws are strict against sending unsolicited bulk email. If someone is spamming you, chances are the perpetrator is based overseas and, in many cases, linked to criminal syndicates.

Believe us, you don’t want to deal with people like that — even in a seemingly innocuous e-mail reply.

It’s a hypothetical scenario that we’ve heard time and again since 9-11. A suspected terrorist has been captured who has information that authorities need to thwart an imminent attack — such as the detonation of a nuclear bomb in an American city.

How far should we go to get their information? Should authorities be able to ignore Miranda rights? Detain without a warrant? Even torture the suspect?

It’s a difficult question, one with no easy answers. And in the world of spam-fighting, we are facing similar questions.

As Network World reports, a private company may have recently found the key to disabling one of the world’s largest spam networks, dubbed the Kraken network. Among other things, the Kraken network disseminates millions of spam emails advertising illegal online pharmacies.

TippingPoint, an IT security company, recently set a trap for the Kraken network — one that looks like it might have worked. But because of ethical and privacy considerations, they decided not to spring it.

According to Network World:

The Kraken … is a huge network of personal computers that have been infected with software that turns them into zombie systems under the control of a master program – a botnet. The Kraken botnet is used by criminals to generate spam.

TippingPoint researchers Pedram Amini and Cody Pierce “created a fake Kraken command-and-control server … honeypot that waited for connections from PCs infected with the bot.”
As a result, the scientists “monitored the incoming communications from Kraken bots for seven days.” They “listened and collected statistics for a week, and filtered out [for] the IP addresses and then the systems.”

Then “Pierce wrote code that would let him redirect infected PCs, or better yet, use the bot’s built-in update mechanism – something most malware includes – to remove Kraken.”

However, management at TippingPoint forbade the researchers from activating the cleaning code. They argued that although it might be nice to interfere with the botnet, the law in the U.S. forbids unauthorized access to anyone’s computers, including zombies.

That’s right — because it’s illegal to access a computer without authorization from the owner, TippingPoint decided not to fight fire with fire. It’s a classic example of bringing a knife to a gunfight — operating under a more restrictive set of rules than our enemy.

It’s difficult to win when the battle is not being fought on an even playing field. Which has been exactly the argument in favor of dismissing niceties like the Geneva Convention when dealing with terrorists.

Network World argues that TippingPoint’s decision was the right one, for two reasons:

1. Releasing programs that modify other people’s systems without permission, even with the best of intentions, is a prescription for disaster…

2. Accessing someone else’s computer without permission is illegal. Period.

What do you think?

You may have noticed that pharmacy spammers aren’t the best spellers. For example, when you receive an e-mail solicitation to buy Viagra from a no prescription pharmacy, you will often notice that the word “Viagra” is spelled in a way similar to these:

V1agra
Via’gra
Viagr(a
Viagr^a
Viágrá
Viagara
Viag@ra
Viag&ra
vi*gra
\ /iagra

Why the bad spelling? The reason is that your e-mail program is equipped with spam-filtering software that works by searching for patterns in spam e-mails. For example, most e-mails that contain the word “Viagra” are spam — which causes the filtering programs to automatically dump these messages in spam folders or delete them altogether.

By intentionally misspelling words like “Viagra” or “Canadian pharmacy” or “no prescription pharmacy,” the spammers increase their chances of getting past the filters and into your inbox.

A researcher (who had been flooded with spam e-mails) got curious about how many incorrect ways a spammer could spell a simple, six-letter word like Viagra. He found there were over 600 quintillion possible variations — 600,426,974,379,824,381,952, to be exact.

Check out his methodology here.

We’ve posted a few times about the problem of pharmacy spam. In response, we’ve gotten e-mails asking what can be done when you’re being bombarded by spam.

Spammers can obtain private information such as your name, e-mail and mailing address using a wide variety of viruses and spyware. When installing free programs downloaded from the Internet, you often unknowingly download these malicious programs.

Spyware watches the Web sites you visit and records and stores the personal information you type into forms. The companies that collect your information through spyware then sell it to others, including spammers.

CanadaDrugs.com, one of our member pharmacies, offers the following tips and resources for learning more about spyware, how to prevent it from being installed on your computer, and how to remove it:

• Visit Microsoft’s spyware Web site. Windows Defender is a free tool to help protect against some of the most malicious programs on the Internet. It updates itself for free and scans constantly for new threats. A more advanced alternative is Windows Live OneCare, which has more comprehensive scanning and virus removal capabilities. It’s not free but may still be worth the investment if you’re concerned about spam and spend a lot of time online.
• Talk to your Internet Service Provider (ISP). Find out whether, as part of your service with them, they have software available to scan for viruses and spyware installed on your computer.
• Talk to the company where you bought your computer. They might have additional products and services to help address concerns with your particular computer.

If you’re getting spam from online pharmacies, such as no prescription pharmacies, the FDA is interested in hearing about it. You can e-mail the FDA with your complaint at the following addresses:

• otcfraud@cder.fda.gov
• webcomplaints@ora.fda.gov
• webmail@oc.fda.gov

canadian pharmacy spam

Spam Trackers has an informative article exposing some of the tricks and lies used by online pharmacies that send out spam e-mails. As we’ve reported before, very few people open these e-mails — but those who do are at risk of purchasing counterfeit drugs or having their money (or even their identities) stolen.

Among the deceptions used by these pharmacy scammers, as revealed by Spam Trackers:

• The sites falsely claim to take your credit card over a secure connection, but the protocol is unsecure http.
• The sites show a picture of a Verisign certificate, but it is fraudulent.
• The sites claim to have approval from the American Drug Administration (ADA) — a non-existent entity. The ADA logo used is a knockoff of the FDA logo.
• The sites display the PharmacyChecker.com seal — but have not been approved by PharmacyChecker.com.
• The sites display a CIDA seal — claiming to be a member of the Canadian International Drug Association, a non-existent entity. The logo is a knockoff of the logo of the Canadian International Pharmacy Association (CIPA)
• The sites claim to be based in Canada — but are actually based in Russia and other countries known for rogue pharmacies.

When you join No Prescription Needed, you don’t have to worry about being scammed by these rogue pharmacies. Every pharmacy in our network has been approved by the real PharmacyChecker.com, as well as organizations such as CIPA.

So, what are you waiting for? Join us today!

The good news about e-mail spam is that Americans are becoming smarter about it. Thanks to technology that blocks spam from our inboxes and our own knowledge of what spam looks like, the vast majority of those who receive spam e-mails do not respond to them.

For example, a recent study by the University of California Berkeley and University of California San Diego found that 350 million pharmacy spam e-mails sent out by the Storm botnet resulted in only 28 visits to the offending pharmacy’s purchase page.

The bad news is, even with a miniscule response rate like that, spam is still profitable.

And as such, we’re seeing a new wave of holiday-themed spam around Valentine’s Day. In the case of online pharmacy solicitations, you can guess what that spam is promoting — Viagra, Cialis and Levitra.

As PC World reports:

It’s a time for romance, for Cupid’s arrow, and perhaps a male enhancement drug from a fake online pharmacy. Valentine’s day spam and scams are showing up in inboxes in anticipation of the upcoming holiday. The messages, with timely sales pitches like “Increase your length, the best valentine’s gift,” join a flood of other crap mail …

The publication says that, despite efforts to control it, spam currently accounts for about 79 percent of all e-mail.