Archive 5


Flu Pandemic Counterfeit Antiviral Drugs Making Scammers Rich

Sophos, a British security software firm has said it has intercepted hundreds of millions of fake pharmaceutical spam adverts and websites this year, with many of them trying to sell counterfeit antiviral drugs like Tamiflu.

Tamiflu is an antiviral marketed by Switzerland's Roche Holding and known generically as Oseltamivir and is the frontline drug recommended by the World Health Organization to treat and slow the progression of flu symptoms. GlaxoSmithKline makes another antiviral for flu, known as Relenza.

Sophos said many of the gangs behind the websites were based in Russia and the top five countries buying fake Tamiflu and other medicines on the internet were the United States, Germany, Britain, Canada and France.

"The criminal gangs working behind the scenes at fake internet pharmacies are putting their customers' health, personal information and credit card details at risk."

Sophos said criminal gangs were operating medicines websites branded as the "Canadian Pharmacy" to try to appear genuine.

It said its research showed that on one network operated out of Russia, called Glavmed, it was possible to earn an average of $16,000 a day promoting pharmaceutical websites.
"But the criminals can be members of more than one affiliate network, and some have boasted of earning more than $100,000 per day," it said in a statement.

The pandemic H1N1 flu virus has now spread to 206 countries since it was first discovered in March. There have been more than 6,250 deaths to date, mostly in the Americas.


Banking Fraud Combined with Work at Home Scams

The FBI has recently seen a significant increase in fraud involving the online banking information belonging to small and medium size businesses, municipal governments, and school districts.

One of the most common ways is when the targeted organization receives a 'spear phishing' email which either contains an infected attachment, or directs them to an infected web site.

Once you open the attachment or visit the web site, malicious software [malware] is installed on your computer.

The malware contains a key logger which will harvest your business or corporate bank account log-in information. Shortly after, the scammer either creates another user account with the stolen log-in information, or directly transfers your funds out of your accounts.

The next step is for your money to be directed to the bank accounts of people within the United States. Most of these people are unaware of what is happening and have been recruited through work-at-home advertisements, or have been contacted after placing resumes on well-known job search web sites.

These people are often hired to 'process payments', or 'transfer funds' and are told they will receive wire transfers into their bank accounts. Shortly after the funds are received, they are directed to immediately forward most of the money overseas using wire transfer services such as Western Union and Moneygram.

Protecting your computer against malicious software is an ongoing activity and, at minimum, all computers need to have antivirus and firewall software, that is regularly updated.

Further information is available at


Microsoft, Google, Yahoo Lottery Scam

We have been advised of an email circulating that claims you have won a lottery organized by Microsoft, Google and Yahoo. The email claims that you have won 500,000 pounds in the draw that was sponsored by the three computer giants.

The message states that your email address was randomly selected using a computer draw system that harvested email addresses from the Internet. To claim your prize, you are requested to contact the 'Fiduciary Claim Agent' named in the email as Mr. Michael Walker. To receive your prize, you are required to provide personal details for 'verification purposes'.

If you provide these details [name, address, date of birth etc], you will be contacted back and asked to provide 257 pounds to cover fees for insurance, bank fees, taxes and administration. The message states that the fees cannot be deducted out of the winnings, as they are required to pay out the full value of the prize.

This email is a scam.

The goal of the email is firstly to capture your personal details so the Internet criminals can commit identity fraud. The second goal is to steal your money in the form of fees for a non-existent lottery.

You should be suspicious of any notification that you have won a lottery that you didn't enter. This applies also to lotteries that claim to be random draws of email addresses from the world wide web. Legitimate lottery organizers are aware of the issues around collecting information without the knowledge or permission of the owner.

A legitimate lottery won't require you to pay any sort of 'fees' to claim your prize.

The scammers use fake names and disposable email addresses, and usually target countries they don't live in. Once they have made their money, they pack up their tent and disappear into the Internet ether. This makes it almost impossible for police to catch them or return your money.

Although it sounds obvious to most people that it is a scam, it continues to catch people every day! It is the hope of 'something for nothing'. You can read more on our page of Lottery Scams

It may sound tempting, however don't reply, or provide any personal information, or send any money!

Vishing Attacks

Many people have received an email, text message, or telephone call, supposedly from their credit card/debit card company directing them to contact a telephone number to re-activate their card due to a security issue. This type of scam is known as "vishing".

Vishing operates like phishing by persuading you to divulge your personal information, claiming your account was suspended, deactivated, or terminated. You are directed to contact your bank using a telephone number provided in the email or by an automated recording. When you call the number, you are greeted with the "Welcome to the bank of ……" and then requested to enter your card number in order to resolve a pending security issue.

For authenticity, some fraudulent e-mails even claim the bank would never contact customers to obtain their personal information by any means, including e-mail, mail, or instant messenger. These e-mails further warn you not to provide sensitive information when requested in an e-mail and not to click on embedded links, claiming they could contain "malicious software aimed at capturing login credentials."

However, beware of spam e-mails as they may actually contain malicious code which can harm your computer. Do not open any unsolicited e-mail and do not click on any links provided.

A new version recently reported involves the sending of text messages to cell phones claiming your on-line bank account has expired. The message instructs you to renew your on-line bank account by using the link provided.

Because the scammers are constantly developing new approaches and strategies, it is impossible to include every scenario. Therefore, be cognizant and protect your personal information and beware of emails, telephone calls, or text messages requesting your personal information.

If you have a question concerning your account or credit/debit card, you should contact your bank using a telephone number obtained independently, such as from your statement, a telephone book, or other independent means.


Return to Scam Alerts