Hard to believe, but Viagra spam like this must actually work

Filed Under: Featured, Spam

Not all cybercriminal activity is sophisticated.

For instance, here's a spam message I saw today, claiming to be a communication from Google:

Spam email, claiming to come from Google

Subject: Consideration

Message body:
Thank you for taking the time to contact us.

Within two weeks we should be able to provide you with a decision in regard to your question, and we want you to know that we will be giving your question our fullest consideration.

We would like to thank you again for your time and consideration and will be in touch with you as soon as we have some definitive information for you.

Also you can track your request by visiting our Tracking System Page.

Yours very truly, Venessa Robison.

There's no personalisation in the email text to lure me into believing the email is genuine, no attachment containing a malware payload, and clicking on the link doesn't even take me to a phishing webpage which will ask me to enter my Google username and password.

It's just some generic wording, sent from a forged email address (wmt-noreply@google.com) - an email address used legitimately by Google for communications about their tools for webmasters.

So, what is the point of the spam? Well, if you click on the link you will be taken (via a redirect on a Brazilian webpage) to a "Canadian Pharmacy" website trying to sell you Viagra and other drugs to improve your performance between the sheets.

Canadian Pharmacy website

Yes, it's hardly the most convincing sales spiel.

But the fact that we keep seeing such unsophisticated tactics used by the spammers to earn cash for themselves suggests that it *must* work. They simply wouldn't continue using such sledgehammer techniques to promote their websites unless a small proportion of people who were duped into clicking on the link from the bogus Google email *did* end up buying something to perk up their sex life.

Which, frankly, is a bit sad.

Remember our spam pledge?


(Enjoy this video? Check out more on the SophosLabs YouTube channel.)

If you never buy goods promoted via spam, life becomes much harder for the spammers. And maybe they'll have to find something else to do with their time.

, , ,

You might like

10 Responses to Hard to believe, but Viagra spam like this must actually work

  1. Vicki · 639 days ago

    I have a simple theory when in doubt delete it. As in if I don't know where or who it has come from I delete it. I told my mother to do the same and so far we haven't had any problems. I also have avast and malware bytes on my computer.

    • pollik · 639 days ago

      More than that - if you get an unexpected email from someone you know, treat it with caution. Apart from viruses that read your address book, there is also a scam involving emails from Facebook friends...sometimes it is obvious like when I know a particular FB friend doesn't have my email address.

      And there is another virus which sends to your friends an email telling them you are stuck in a foreign country without money...please send some money.

      Bottom line...emails from friends are by no means guaranteed safe.

  2. schmunzelmonster · 639 days ago

    Indeed. Sadly those who need to take the pledge are unlikely to be reading a Sophos article.

  3. Rich · 639 days ago

    Where I work we get lots of this particular junk. The source IP addresses are all over the place. Perhaps somebody compromised a load of machines ten moved on and now they'll go on advertising a Canadian pharmacy with its website in Rumania till the end of time.

  4. RDT · 639 days ago

    Everyone should learn how to read the header information that is present in every email we send or receive. Also, how to use the command line prompt to ping various sites.

    Sophos could produce a small video on how to do this and publish it on YouTube or, to maximize the impact, burn the video into DVDs and offer to mail them to sales prospects.

    Even a rank novice can learn these techniques in minutes.

    • Guest · 639 days ago

      "Everyone should learn how to read the header information that is present in every email we send or receive. Also, how to use the command line prompt to ping various sites."

      I don't even pretend to understand what the foregoing means! (I'm not a techie.)

      If knowing how to do either (or both) of these things, will I have a better chance of differentiating spam from legitimate email(s)?

  5. Friedman · 639 days ago

    The reason people buy drugs, including Viagra, from these sites is because the sites actually deliver. Viagra retails for over $10 US a tablet because of laws that 'protect' Pfizer's 'IP', while these sites get their drugs from Chinese factories for much closer to their real cost of production - around $1.50. If you had a prescription for Viagra (and many people do, thankyouverymuch - it's a popular prescription,) might you not take a chance at 20 for about $35, rather than 20 for over $200? And if you're not ripped off, perhaps you might not you become a repeat customer?

  6. Seth.D · 638 days ago

    I appreciate how you're not blurring out the web addresses anymore. You'd think readers of an Internet security blog would know better than to go to those websites. Sometimes I'm just curious about what spammers/scammers' website URLs are.

  7. Curious · 638 days ago

    This doesn't explain the spam we get that has no message, no links, nothing. It's usually just part of a garbled sentence. My only guess is that it's to clog up email systems because when they don't even give you a link to click and the email they're sending from isn't a valid email, one can't really go anywhere with that.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.