Friday, March 5, 2010

Colleges Selling Fake Dope?

Online security firm, Imperva, has uncovered a complex link "piggybacking" hijack scheme involving online education sites and fake drugs. According to the firm, many UK-based academic sites using the .ac domain and php coding have been compromised by spammers selling fake prescription drugs. The scammers injected php code into the colleges' sites which redirect people searching for prescription drugs from the colleges' site to the spam sites which portend to offer them.

The scheme only works when a surfer comes from a Google search for related drug terms. By "piggybacking" on the academic institutions' URLs, the spammers ensure their sites appear high in the search engine. This also made it hard to discover the ruse, as the correct site appears whenever typed directly into the browser.

Because the spam sites are erected and removed so quickly, it's hard to know how many sites have been compromised by the hijackers, but experts estimate it's in the thousands.

© C Harris Lynn, 2010

No comments: