Pharmacy Spam Email – ‘Private Message From Google’

According to this email, recipients have been sent a private message from Google and can follow a link to read their message. The email is designed to emulate an authentic Google notification and includes subscription information as might appear in a genuine message. Supposedly, ‘Google Support’ sent the email. 

However, the email is not from Google and the claim that a Google private message is waiting for the recipient is false. In fact, the message is just one more in a long line of similar spam messages that attempt to trick users into visiting a decidedly dodgy pharmaceutical website.

Those who fall for the ruse and click the link will be taken to a site that promotes all manner of medications that can be bought online without a doctor’s prescription. The spammers apparently know that at least a few of the people who are tricked into clicking the link will linger and actually buy some of the site’s dubious products. This common spammer ruse obviously continues to work. If such tactics did not trick people into buying products, then the spammers would not bother to keep using them.

Users who buy on the site may or may not actually get the products they ordered. But, if they do get their drugs, they could be significantly risking their health by taking them. Users have no way of knowing if the products they purchase are what they purport to be. And, since users don’t need a prescription to buy them, they might be inadvertently putting their health at risk by taking medicine that is unsuitable for them. It could interfere with other medication users are taking with serious repercussions. 

Dubious online drug sites such as these may also steal credit card and other information from users via bogus order forms. The ‘checkout’ on many of these pharmacy websites is not even a secure (https) page even though it asks for credit card details and other personal information. No legitimate online store would ask for credit card details via an unsecure form. These people should not be trusted with your credit card details or any other personal information.

Moreover, such sites have also been known to harbour various types of malware.

These spam messages use HTML to hide the actual destination of the links they contain. Holding the mouse cursor over a link in the email should display the underlying web address in your email client’s status bar and allow you to easily detect if the link is disguised.

If you do inadvertently click a link in one of the messages and arrive at a spam drugstore website, close the site immediately.

Example