Daily Telegraph website hit by Canadian Pharmacy spammers

Filed Under: Spam

Spammers have created their own blogs on the website of one of the UK's leading newspapers, and stuffed them with adverts to purchase drugs from Canadian Pharmacy stores.

A post by blogger Paul Carpenter, an SEO consultant, brought my attention to the problem which is affecting the website my.telegraph.co.uk.

According to Paul, The Daily Telegraph was alerted to the problem of spammers clogging up its personal blogs some weeks ago, but sure enough when I visited this afternoon the problem was still present.

Blogs set up by spammers on my.telegraph.co.uk

Clicking onto one of the blogs takes users to a webpage promoting so-called Canadian Pharmacies.

A typical webpage created on the Telegraph's website by the spammers

I say "so-called" because many times the gangsters behind these sites are actually Russian cybercriminals, making millions of pounds from promoting websites that flog counterfeit medicines.

Underground web affiliates have formed networks dubbed the Partnerka, and profit from online sales of drugs such as Viagra and Cialis. You can learn more about the Partnerka in a Sophos whitepaper called "The Partnerka - what is it, and why should you care?" [PDF]

The Partnerka work alongside the businesses running online pharmacies, generating traffic to those sites for an agreed share of the profit.

I imagine that the criminals who have stuffed the Telegraph's website will be rubbing their hands in glee at the thought of such a well-regarded site assisting them in the sale of often life-threatening medications.

Hopefully the Telegraph will quickly tighten up its security, and monitor the activity of the bloggers it allows to post on its website more closely. But there's a lesson here for all of us to take security seriously, and not allow cybercriminals to take advantage of our systems.

, ,

You might like

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.