Damon McCoy, Assistant Professor at George Mason University’s Computer Science Department, gives a great presentation at the USENIX Security Symposium dissecting the business model of the spam-driven online pharmaceutical industry.
I am going to be presenting our work on PharmaLeaks, or as I like to call it: ‘Rogue Pharmacy Economics 101’. We collaborated with a good number of people. The interesting collaborator is Brian Krebs. He is a journalist. He does a lot of investigative reporting on cyber crime and he focuses a lot on the pharmacy affiliate program business model. If you are interested in this subject, he maintains a very interesting blog that you should read to get even more details on this subject.
Let me give you quickly some context as to what these online pharmaceutical drug programs are. So, perhaps anyone who has clicked on a spam advertising link, there is a high probability that you’ve seen a storefront similar to this one (see screenshot), advertising online pharmaceuticals, mostly ED (erectile dysfunction) pills, and all without prescriptions and at discounted prices. Most people have probably seen this but let me take a step back and show you what are the actual players involved in this economy.
So, there are three main players in this economy. There is the User, which is the potential customer; there is the Affiliate Marketer, which is typically a spammer; and there is the affiliate program. And let me go into a concrete example of business interaction between these three parties.
Initially, what happens is that the affiliate marketer perhaps gets the user to see some kind of spam advertisement that includes some kind of link. It includes some kind of enticement of cheap drugs, no prescription required, to get the user to click on this. If the user is actually interested in perhaps buying these pharmaceuticals, clicks on it, they’ll be delivered that template that I showed you in the original slide. And the user can interact with this template just as with the normal e-commerce site. There is a wide selection of drugs there, they can select their drugs. If they indeed want to purchase some drugs from this site, then at this point of time the relationship switches from the affiliate, whose job is to track customers, to the affiliate program, whose job is to actually monetize the customers and turn them into money.
At this point, the spammer fades out, the affiliate program steps in. And if the user decides to purchase, this purchase typically happens with credit cards. The user gives the credit card details to the affiliate program (see image). And the affiliate program, as you will see in the rest of this presentation, actually operates much like a business. Their job is to process these credit cards, and then they’ll actually deliver some products that you ordered. So this isn’t a complete scam: these pharmacy affiliate programs that I will show you operate much like a business. And they are very interested in keeping their customers happy and satisfied because these customers are paying with credit cards. If they are not satisfied customers, they are going to charge back and this affiliate program will be shortly out of business. And as I will show from the economics, these affiliate programs are in it for the long haul, and they want to scale their business to large millions of dollars. So, it’s not in their interest to have dissatisfied customers.
Quickly here, the pharmaceutical affiliate business. This is one of the largest sectors of how to monetize spam. As shown at our previous talk 2 years ago in Auckland, a large fraction of the spam emails map back to one of these kinds of online pharmaceutical programs. Spammers see this as a very lucrative way to monetize spam.
We’ve come to the approach of fighting spam, which is very important to actually understand the business of the spammers, and to try and identify potentially fragile parts of their business that we can maybe undermine to make them much less profitable, or perhaps drive them completely out of business, if we can disrupt some fragile part of their business.
So, the goals of this study are to characterize the key aspects of these pharmaceutical affiliate programs. Let me just quickly go more concretely into what exactly these pharmaceutical affiliate programs are and what they are responsible for, for people that are unfamiliar with them.
These online pharmaceutical affiliate programs essentially have to maintain three key relationships. They have to maintain good relationships with their affiliates, the spammers, because if they don’t maintain good relationships then they are not going to be driving customers to drive larger and larger sales from them.
They also need to maintain good relationships with suppliers and shippers to deliver their goods to keep the customers happy, to stay in business. They also need to maintain relationships with payment processors. This is probably one of the key components of their business. If one of these relationships with their payment providers breaks, they can no longer accept payments, they are no longer making revenue, they can no longer pay the rest of the people, and their business will quickly fade, they’ll go out of business. As I said, these affiliate programs operate much like any other businesses do.