Cyber criminals long ago discovered that there’s a big market for pharmaceuticals online, prompting a tsunami of pharmaceutical spam offering everything from “herbal Viagra” to Prozac and Adderall. But new data from security firm Webroot suggests that scammers are experimenting with new products, namely: pirated musical downloads of Top 40 artists like Adele, Pink and Kings of Leon.
Writing for Webroot, blogger and security researcher Dancho Danchev describes a newly launched affiliate network for pirated music. The scammers promise to hook up high -traffic Web sites with downloads of popular songs that will be offered for as little as $.11 each, then offer them a share of the profits, plus a boost in traffic.
Like other online scams, the cybercriminals behind the affiliate music offerings promise affiliates point and click tools to get their business up and running, including Web based user interfaces to set up their online music store, canned, search engine optimized Web page templates and affiliate links to drive traffic.
Danchev cites posts on online forums for affiliates to sell “MP3 to foreign audiences.” Participants are promised payment within three days using Web Money or a wire transfer. Their site will be promoted in affiliate spam in comments on blogs and other online forums. And, because the music being offered has been pirated, there’s no bottom to the discount scammers can offer. An example Danchev posted includes songs from Adele’s album 21 being sold for just $0.11, compared to $1.29 per song on Amazon.com.
Recent reports have found that spam levels are declining, as are profits from spamming activity. Coordinated takedowns of spam generating botnets like Bredolab have curtailed massive spam runs. But online scammers also struggle with low conversion rates from traditional scams, according to a 2011 report by Cisco.