Hijacked Websites Give False Sense of Security for Online Pharmacy Clients

1/3 of every online search for prescription drug information is redirected to illicit online drug sellers.

Legitimate websites are invaded by hackers who put code into the website that re-directs to a fake online pharmacy. Meanwhile, the legitimate website shows up in the search results, giving the potential customer comfort from a trustworthy brand, who may not realize that the follow up pages are no longer part of the same branded domain.

Computer scientist Nicolas Christin, from Carnegie Mellon University, discovered that 32% of sites in search results for prescription medication are infected with malicious code, reports National Public Radio.

Said Christin, “It’s very hard to find legitimate pharmacies, or information like what the [Centers for Disease Control and Prevention] would give you. This is drowned out in a sea of rogue results.”

Test results yielded hacked sites such as the University of Massachusetts computer science laboratory that had a re-direct to a illicit pharmacy site selling erectile dysfunction medication for $3.30 a pill.

Hackers prefer .edu and .gov domains for search re-direction because they rank at the top of Google searches, and are trusted sources of information.

Said Christin, “I really recommend that you don’t just blindly type a drug name in a search engine. There’s a high possibility that the result will lead you to illegitimate websites.”

Christin presented his research at the Usenix Security Symposium in San Francisco. He recommends that prescription medication purchasers stick to local brick-and-mortar pharmacy, or the website of a brick-and-mortar pharmacy. The FDA amends his recommendation with the advice to only use online pharmacies that are accredited by the National Association of Boards of Pharmacy.

By S. Imber