21
Oct 10

Pill Gangs Besmirch LegitScript Founder

facebooktwittergoogle_plusredditpinterestlinkedinmail

Individuals who normally promote unlicensed, fly-by-night Internet pharmacies recently registered hundreds of hardcore porn and bestiality Web sites using contact information for the founder of a company that has helped to shutter more than 10,000 of these Internet pill mills over the past year, KrebsOnSecurity.com has learned.

The reputation attack is the latest sortie in an increasingly high-profile and high-stakes battle among spammers, online pill purveyors and those trying to shed light on their activities. Around the same time that these fake domains were registered, KrebsOnSecurity.com came under a sustained denial of service attack that traced back to Russian pill gangs.

In the third week of September, hundreds of domains were registered using the name, phone number and former business address of John Horton, founder of LegitScript, an Internet pharmacy verification service. The domains, many containing the word “adult,” all redirect to a handful of porn and bestiality sites (a partial list is available here, but please tread lightly with these sites because they are definitely not safe for work and may not be safe for your PC).

The sites were registered just days after LegitScript finalized a deal with eNom Inc., the world’s 5th-largest domain name registrar. At the time of that agreement, roughly 40 percent of the unlicensed online pharmacies selling drugs without requiring a prescription were registered through eNom, according to Horton.

Since then, many affiliates who promote pill sites via online pharmacy affiliate programs have been scrambling to move their domains to other registrars, with varying degrees of success.

Reached via phone with the news, Horton was annoyed but not surprised, saying the action was almost certainly in retaliation for the eNom deal. He said he’s even received death threats lately in apparent response to the move.

“The bottom line is, rogue pharma types need a ‘safe haven’ for domain name registrations,” Horton said. “There are fewer and fewer of those left, and we’re playing a role in that.”

There are a number of clues leading from the farm sex domains registered in Horton’s name back to the usual pill gangs. For one thing, many of the sites advertise monthly porn subscriptions alongside ads for Pharmacy Express (a.k.a Yambo Financials) brand rogue pharmacy Web sites (in the sanitized screen shot to the right, the red boxes contained graphic images).

A big chunk of the domains were set up through a registrar simply called “Maxine,” which lists in its contact information a non-working number. But that number, “+718.5998172″, is the same one used to register countless pill sites pushing rogue pharmacies, such as anomedic.com.

All told, nearly 2,000 Web sites were either registered in Horton’s name or were existing porn domains that had their WHOIS records updated to include Horton’s data, according to Ronald Guilmette, the security researcher who discovered the cache of bogus registrations.

This kind of reputation attack is typical behavior when organized crime groups sense that their turf is being threatened. Such tricks are reminiscent of the assaults against CastleCops, a once potent anti-scam community that came under a variety of reputation attacks, including DDoS sieges and thousands of dollars in bogus PayPal donations that used stolen credit cards and hijacked PayPal accounts.

I sought comment from Directi, ELB Group (the parent of the “Maxine” domain reseller mentioned above) and UK2 Group, all registrars whose services were abused to register these domains. I have yet to receive a response from any of them. However, since then, many — if not all — of the domains registered through UK2 appear to have been suspended, although Horton’s name remains in the current WHOIS records for those domains.

For his part, Horton said he plans to do what it takes to get the fraudulent domains suspended and scrubbed, and to find out who is responsible –  even if it means filing a lawsuit against a registrar.

“I’m very serious about suing,” said Horton, a former prosecutor and associate deputy director at the White House’s Office of National Drug Control Policy (ONDCP).  “We can’t let this kind of thing go unanswered.”

Tags: , , , , , , , , , , ,

54 comments

  1. Next up for LegitScript, XIN.net? Probably the largest source of pharmacy spam, but sadly it appears they are untouchable and uncontactable if that is a word.

    • Scratch that, meant XINNET TECH, not Xin.net. Now I think the pharm-spam mill is called China Springboard Inc.

  2. Go get ‘em, Mr. Horton!!

  3. I checked 8 randomly selected ‘legit’ pharmsites. All were in the US. Is it legal for US citizens to patronize ‘legit’ Canadian or Mexican pharmsites? If not, and IF my random sample IS representative, then I have more than a little Schadenfreude for Mr. Horton. Even if it isn’t ‘legal’ to use ethical Canadian pharmacies. Anyone working w/ Big Pharma doesn’t deserve many tokens. This in no way condones the business activities of his tormentors, but most people reading this pay too much for prescription drugs.

    • Canadian pharmacies offline or online are obligated by law in Canada to require a prescription from a doctor who has met with a patient before selling any medications that normally require a prescription. If they’re not doing that, they’re operating illegally.

      There are lots of sites that pretend to be Canadian sellers of drugs but aren’t really located in Canada.

    • I re-read your post and should’ve added that it’s probably not illegal for Americans to buy drugs from anywhere they like but I could be wrong.

      • Americans cannot legally mail order from outside the U.S. They can go across the border with a prescription, buy a three month supply from a pharmacy that will have to go through some procedure to confirm that prescription and have a Canadian physician approve it, and bring it the medication back with them.

        That being said, the law is unpopular enough that even some state governments ignored it and had their employees purchase drugs mail order from Canada to save money. The trick then is determining which pharmacies are actually located in Canada, which have Canadian addresses but actually have the drugs shipped from third countries, and which have completely imaginary addresses altogether.

        • There is no trick to it, you just have to contact the provincial regulatory body (see the NAPRA website) which licenses all pharmacies operating within the province.

  4. Is this a legitimate website? The BC College of Pharmacists, listed as regulatory body, does ineed exist.

    http://www.onlinepharmaciescanada.com/canadapharmaciesfaq.aspx#how

    • It’s probably legit due to this:

      “Do you have any ordering requirements?

      All orders for prescription medications must be accompanied, by an original, valid prescription issued by the patient’s primary consulting physician. If the patient is under 18 years of age, the order form must be co-signed by the patient’s legal guardian. ”

      Drugstores that aren’t legit wouldn’t give a crap or not if you had a prescription.

    • KFritz. The site you mentioned is a legitimate online pharmacy and a member of the Canadian International Pharmacy association. We’re legitimate, licensed, require a valid prescription from a physician who has inspected the patient, and provide safe maintenance medications at a fraction of what people pay in the U.S. We hate the frauds and applaud efforts to shut down the bandits, spammers and businesses that masquerade as the real thing. At cipa.com we help to educate people on steps to take that will ensure a safe experience in distance prescription care.

  5. @KFritz

    Web of Trust does not like them…

    • Three of the four negative comments there referenced an American pharmaceutical trade organization. The other mentions phishing. That particular WOT rating doesn’t pass a smell test.
      I don’t like some their ordering policies, but it seems a legitimate way to save $ if done w/ care.

    • The reason WOT has those websites as unsafe is because all the sites legitscripts deems rogue are listed as unsafe.

      They have ‘partnered up to protect users from rogue pharmacies’:

      http://www.mywot.com/en/blog/252-wot-and-legitscript-partner-to-protect-web-users-from-rogue-online-pharmacies

      My mother has been getting cholesterol medication from one of these sites for years . I recently lost my health insurance and got the site names from my parents and when I pulled them up WOT had them listed as unsafe on all levels. It’s pretty messed up that this company, which is obviously funded by the pharmaceutical industry, is trying to smear all Canadian pharmacies in an effort to scare U.S. citizens into paying their ridiculous prices.

  6. It would be a sad day for public safety, civil decorum and earned liberty if the civil libel, harassment & defamation lawsuits against these groups is more successful than criminal ones based on RICO: such as money laundering and tax evasion.

    However it is a known and well attested to tactic for criminals to intimidate by demonstrating their power to touch a person’s reputation to let them know as a warning they really want to touch that person’s life and possibly those close to them. I cite the naro-war and journalists covering that conflict.

    It may be script kiddies who did the work but the permission may have had to be sought or granted from the boss’.

    If not then these are really dumb criminals who raise their profile of activity to the public.

    • While it’s no fun for anyone to be joe jobbed that way, it’s also satisfying to know you’ve touched a nerve. Working hard for months or years and getting no response from anyone is more discouraging.

      The spammers are also shooting themselves in the foot. Their retaliation backfires if it is severe enough to generate publicity. They can only operate because there are so many people who are duped into thinking their sites are real pharmacies that are in any way comparable to pharmacies located in Canada. These sites are frauds in very obvious ways. Each potential customer who learns to look at the date of the domain registration or to follow links to see if the seals displayed on a website were really issued by PharmacyChecker, CIPA, The Better Business Bureau, or various pharmacy licensing boards is a customer who will never again buy from them.

  7. What are the ramifications for Mr. Horton? This seems spiteful, but I don’t understand how this is supposed to dissuade him from continuing his good work. I mean, does his wife frequently use DNS Stuff to research his registered domains?

    • I think it’s mainly a form of intimidation, and it’s probably designed to throw him off his game, get him focused on something else for a while. It will be interesting to see how much information this provides about the pill gangs themselves. Stay tuned!

  8. @KFritz:

    The rogue pharmacy domains being removed from registrars like eNom are ones that are registered within days of being spammed. They are served out on domains registered usually with registrars like Beijing Innovative Link Technology, eNom, xinnet, Moniker.com and several other allegedly “bulletproof” domain registrars.

    The domains are always registered using 100% fake contact information, and any person can easily confirm this. Email addresses which don’t exist. Malformed or obviously fake phone numbers. Addresses which lead to deserted parking lots, or the middle of a field, or no such address whatsoever.

    These domains are routinely hosted via “fast flux” hosting, using infected Windows PC’s to support the actual hosting of the domain.

    The actual spammed URL is usually a rogue page which has been uploaded to a hijacked web server without the site’s operator’s knowledge or consent.

    This activity has been going on for years. I speak as someone who has been actively investigating rogue pharmacies which are solely promoted via botnet-driven email spamming.

    The domain you listed above (onlinepharmaciescanada.com) has been registered since 2002. It’s registered by an actual medical clinic in Surrey, British Columbia, Canada and you can contact them directly to confirm it.

    I think you can draw your own conclusions.

    Big pharma, don’t get me wrong, is another can of worms, but unrelated to this particular story.

    Russian criminals operating affiliate programs which promote fake versions of these same drugs which often contain either no active ingredient or miniscule amounts paired up with harmful particles, created in rogue pharmaceutical plants in India, are in my opinion a much bigger problem.

    Consumers have remained either unwilling to do proper research or just plain ighorant of what they’re putting into their bodies. People have actually been killed by taking some of these fake products, and this illegal activity still continues.

    Which would you prefer: rant away about “big pharma” or actually attempt to make a dent in a rather obvious international criminal operation which is knowingly killing people and infecting their pc’s for nefarious uses?

    SiL

    • Excellent points SiL.

      I am surprised to discover that there seems to be quite a bit of misunderstanding in the general public regarding rogue pharmacy type criminal activities.

      Perhaps part of the problem in dealing with this fraud is partly the incorrect assumption that the criminal pharmacy guys are fighting big/over priced legitimate pharmaceutical companies in the US.

      I recently had an argument with someone to this effect who believed the spam he received was a legitimate underground effort to fight big pharmaceutical. When I tried to inform him it was a criminal enterprise that had no concern for the safety of their “clients” he became furious. He launched into a response about how my politics were wrong, and these companies were just trying to help innocent people get the drugs they need. If he hadn’t been my dad he might have been angry enough to hit me…

      My point is that we need to be careful to differentiate between a dangerous and strictly criminal enterprise like the “rogue” pharmacy type spam, and the political issues surrounding legitimate big pharma companies.

    • The underlying root problem here is the “There’s a pill for that” mentality that has permeated our society! Got an ill, there’s a pill for that! Ask your doctor about… :(

      • I don’t see how that has anything to do with this. Any modern society will have successful medical technology and those who abuse it. Instead of your cynical outlook I’m glad drugs exist for the condition I have and if others choose to abuse those drugs, that’s fine as long as legitimate sufferers like myself are able to get them.

    • My choices are ‘fight malware’ or ‘fight Big Pharma?’ Personally, it’s easier for me to defend myself fr/ malware than fr/ Big Pharma.

      I went back and checked my negged reply and it’s not a rant. Your characterization of it as such is ‘label and dismiss’ @ work.

      This spam issue wouldn’t be an issue, were it not for the predatory behavior of Big Pharma. It’s laudable for Mr. Horton to thwart the spammers. But I believe he’s being paid for his work, directly or indirectly, by Big Pharma.
      As such, I believe he’s forfeited sympathy for this attack. He’s helping Big Pharma keep middle class Americans under its thumb. If the spammers are reprehensible, so is Big Pharma.

  9. How do they register so many domain names? That’s the part I never get with your articles.

    • They can use programs to connect to the ‘reseller APIs’ of a registrar. Then it’s just a matter of random or patterned name generation, combined with loading the victim names and addresses from a database or a fake name / address / phone generator.

  10. They’re in cahoots with the registrars.

  11. How did they register so many domains? It’s not in itself unusual activity for a single individual to register domains in bulk. Brian doesn’t say how they *paid* for it, but since I’m guessing Mr. Horton doesn’t spend a lot of time looking at the whois for bestiality sites, I suspect it came to his attention because they stole someone’s credit card number and that victim complained.

    As far as LegitScript’s ratings of ethical Canadian pharmacies, their lists distinguish “rogue” pharmacies (not legal anywhere) from “unapproved” pharmacies (operating legally within their own countries, but Americans may not order from them under American law).

    I see nothing in the story that would indicate that LegitScript has taken any steps to interfere with the domain registrations of legal pharmacies with real addresses in Canada. However, some MyWot reviewers have not been clear on the difference and voted down all of their reputations.

    Re: Xin Net — I’m not seeing many of their registrations anymore. China Springboard still has a lot of scammy .coms thanks to ICANN’s inaction, but no more .cn domains.

    Directi is very cooperative with those of us who report these fraudulent pharmacy domains and will shut them down within hours of reporting them; they may have been chosen for this stunt in order to target them for abuse, too.

    UK2 was registering a crapload of pharma domains, specifically, Spamit’s Canadian Pharmacy domains. Members of InboxRevenge.com noticed in July that they’d put all those domains on ClientHold. CPh and Spamit have suspended operations as of October 1, so perhaps their affiliates hold a grudge against UK2 Group, too.

    The biggest offenders now are the Russian registrars, who flaunt laws requiring registrant identification by allowing them to register domains first and provide their documentation months later.

    • The automation process is multi fold.

      Obviously the dns registration part has now been demonstrated to be past turk’ing and somehow automated. The ID theft and carding has been demonstrated as automated. Erecting the simple boilerplate websites has long been demonstrated as automated.

      Put them together and you could pump out a 1000 sites to a botnet in less than a 30 minutes.
      given enough credit in enough banks.

      As BK has always alluded: solve the root problem not the symptoms.
      – deny the hosts
      – insist on better consumer OS & Apps
      – deny the DNS opportunites
      – better Business practices or get illicit ISP/Registrars banned
      – deny the ID theft
      – Halt the money laundering and write offs which is bleeding the banking system.

      We’ve reached a moment. Its no longer criminals making their own lockpicks, nor is it the realization there is are “backalley criminal stores” which will sell to anyone.

      Its now a fact there are factories willing to sell in the open the stuff to start your own factory to make the stuff to make your own lock picks to use and sell and so on…

      I sense a lot of GDP being flushed worldwide chasing these guys instead of being invested back into solving domestic issues (k-12, High Schools, vocational programs etc)

      But then again it may expand the economy like other military defence complex supposedly does.

      • Deny the hosts -> They proxy, They Flux, They compromise & investigation is trans-national & expensive in comparison to the crime.
        Better OS & Apps -> Will not help John Doe pick a better pharmacy so he doesn’t get wallet-raped for meds in the US.
        deny the DNS opportunites -> Interesting point this one, in areas where this has been tried, .cn for instance it’s simply pushing those that use and abuse DNS to other ccTLDs or to using compromised redirector services or worse.

  12. UK2 Group have acted swiftly to suspend a wide range of the “adult” sites registered with the fake “John Horton” ID.

    To corroborate the statistics in the story, you need only look up registrations by the John Horton email address on
    http://www.domaintools.com/reverse-whois and you get the answer = Current Domains 1,509

    Reports have been sent to another registrar
    INTERNET.BS CORP. (Bahamas) which has similarly been abused with registrations of of the same porn+pills scam, using John Horton’s details, and we await their action.

    Thanks to the combined efforts of Brian Krebs and LegitScript, it is not a difficult job persuading hte registrars to do a seek and destroy on this outrage.

    There is a thread tracking this incident at
    http://ksforum.inboxrevenge.com/viewtopic.php?f=9&t=4047

  13. Let’s get back to that deal with eNom — what did they actually agree to?

    The most infamous of their domains, canadianhealthcaremall.net, which has been reported multiple times by multiple people, which displays a forged pharmacy license and photoshopped pictures of imaginary office locations is still alive. See http://spamtrackers.eu/wiki/index.php/Canadian_Health%26Care_Mall (They have removed the fake CIPA, Pharmacy Checker, and BBB seals as well as the stock photos of models they were claiming to be the founders of the company, showing how intent the spammers are at keeping this domain alive.)

    Up to now, eNom has deflected complaints about canadianhealthcaremall.net, saying it is up to their reseller, Namecheap.com, to suspend it. Namecheap refuses.

    If the only domains eNom is agreeing to suspend are the ones that weren’t registered through resellers like Namecheap,” the worst of the worst will still survive.

    • @Alpha
      That is a good point. When I reported a fraudulent domain to the designated registrar for a ccTLD registry, rather than report it to the reseller, I was told that they were already considering terminating their contract with the reseller due to repeated violations. I noticed that the domain was quickly removed.

      It is my understanding that the RAA (Registrar/Reseller Agreements) requires the Registrar to take “compliance and enforcement action” against a Reseller violating any of the required provisions.

      I don’t know what the required provisions are but it would seem reasonable to me that if a registrar maintained a contract with a reseller who continued to maintain domains known to be fraudulent, the registrar should be held responsible if they continue to maintain their contract. If this is not the case, the entire RAA concept needs to be reworked, otherwise the accreditation of a registrar by ICANN is meaningless if they can allow fraudulent registrations by proxy.

    • @Curious
      My comment on the first link would only be that competing companies are often suing each other. Here you have two web sites competing for the same business with one calling the other “unethical”.

      The second link has a headline which is as attention grabbing as it is misleading.
      When the FDA was set up in 1906 by Theodore Roosevelt would we have seen a headline “White House threatens private enterprise!” ?
      When Child Pornography laws were enacted would we have seen headlines of “Federal Government threatens freedom of the press!” ?

      • Child Pornography is a great example! If it was for me I’d burn all the abusers alive or torture them till they die! Unfortunately there are 100+ countries that have no laws against it and the only solution the western civilization found was to prosecute the bastards that abuse children in their own countries by making it illegal to their citizens to participate in this “unhuman” activities no matter where the abuse took place.

        If the U.S. or Mr. Horton want to stop the online prescription market they should find another way to block it cause they CAN’T go after websites outside their borders as they are trying to do.

      • Exactly! They are two competing companies and John Horton has not been playing a fair game. Violations of government ethics laws is not something you expect from a person demanding everyone else to follow the law.

        Child Pornography?? You are kidding, right? No one could intentionally post such ridiculous demagogy.
        Did you even bother to read the article? I did read the article and the comments section.

        The comments section is even more interesting.
        http://www.bluemaumau.org/node/9428/talk

        “2010-09-29 21:10

        I’m hopeful that we can handle this professionally and without recourse to a civil lawsuit. However, if the content is not changed by the end of the day, I will feel it necessary to have our attorney formalize our request, followed by appropriate legal action. Because your statements allege criminal behavior on my part, and these are provably false statements, I am confident that we would prevail in a civil action with damages against both you and the operators of BlueMauMau.org.

        Thanks,

        John Horton
        President, LegitScript”

        ” 2010-10-04 19:32
        As to Mr. Horton’s discussion of funding sources, that will make for interesting discovery once he commences his lawsuit and puts the matter in issue.

        Paul Steinberg, Franchisee Attorney, New York City, Ph: 212-529-5400″

        What date is it today? How is the lawsuit going? Or was is just hot air? This really makes me wonder what is the true agenda and funding sources of Legitscript.

        • @Mario
          This report is about fake and illegal pharmacy sites and the attack against Horton by the people running them.

          There are probably more appropriate places to try your case against Horton, justified or not, than on this security blog.

    • There’s no love lost between Pharmacy Checker and LegitScript, that’s for sure. LegitScript’s blog has an entry about a CNN expose’ of a mail order pharmacy that turned out to be a total fraud. The blog points out that they had obtained approval from Pharmacy Checker but been rated unapproved by LegitScript.
      http://www.legitscript.com/blog/72

    • There is a really important fact hasn’t been taken into consideration in this conversation! What if the company that produces the less effective drug isn’t doing anything illegal in the country they operate!? You and ME might not like it but the simple fact is that the U.S. nor Mr Horton has nothing to do there and shouldn’t impose their “rules” into other jurisdictions.

      There are many countries (even California) that allow the phone/online consultations, if an online pharmacy is operating there legally should Mr. Horton or the White House go after them, when what they do is legal in their jurisdiction?

      There are millions of things I don’t like about the Internet but unfortunately as long as there isn’t a real WORLD RECOGNIZED “online/web jurisdiction”, no single individual or private organization should have the right to go after a website. There should be a real investigation and the physical operation should be taken down by the proper authorities if what they are doing is illegal, if it isn’t illegal or allowed by a Judge after a serious investigation a person/organization opinion shouldn’t have the power or right to do absolutely anything more than reporting it to the authorities.

      Mr. Horton has been operating LegitScript for some years now and since then only a hand full of arrests have been made. I’m sure that he reports every “rogue online pharmacy” to the authorities but if out of the 53000+ black listed pharmacies on his website only a few actual ended up in arrests, it probably is because 99% of this reported sites aren’t doing anything illegal he likes it or not. Who do you trust Mr. Horton or the U.S. legal system? Who funds LegitScript.com?

      If we give a private organization such power than what would prevent the “Hardcore Muslin Conservative Organization” to go after Playboy.com, Maxim, FHM for showing “immoral pictures of women”. Should the Las Vegas Casino to go after the UK/Offshore Online Poker Rooms? They already did try to go after the online gambling industry and ended up with a Multi Billion dollar fine from the WTO because of it! (paid by every tax paying citizen)

      For example there are rumors that in a few months Viagra will be sold over the counter in the U.K., if the U.S. or Mr. Horton doesn’t like this they should enforce it in the U.S. customs and not going after the legally operating websites under the U.K. jurisdiction!

      Mr. Horton is talking about a law suit against this “Pill Gangs” but if continues to force his OPINIONS (read the disclaimer in his website) he will probably end up getting sued. ICANN knows this and that is probably the main reason they didn’t attend the White House registrars meeting.

      • @Another
        I understand and sympathize with your concerns. I would like to point out that the white house meeting (ref: http://krebsonsecurity.com/2010/08/white-house-calls-meeting-on-rogue-online-pharmacies/) was for the purpose of “address unlawful activity on the internet, such as illegal downloading and illegal internet pharmacies.” It wasn’t to endorse any individual’s solution to the problem. I don’t know why ICANN didn’t attend but this would have been a good occasion for ICANN to disagree with and propose solutions other than Mr. Horton’s, if indeed that was the reason for them not attending.

        Browser software can subscribe to a service that warns me of “suspect” phishing sites. An individual user can choose to ignore the warning (which I have to do when I’m researching sites). I would think a requirement for a similar service for sites falsely representing themselves or which fail to give accurate “whois” information could be a solution that would address the concerns you expressed.

        More strict solutions which address US federal law could be implemented for US ISPs only.

      • Bot spam researcher

        You forget that these people:

        - infect millions of computers worldwide, including
        in their own countries, in order to send spam advertising it.
        - If they deliver anything at all to the buyer, it invariably turns out to be the wrong drug, contaminated, or no active ingredients whatsoever.

        I can’t think of any countries where such fraud is legal, can you?

  14. Good luck Horton!

    Most of the Canadian Pharmacy emails I’ve been seeing lately have had the ccTld of “ru”. and have been located in St. Petersburg, Romania or Moldova. And as has been mentioned by others here, the domains have been only recently registered.

    Most of the ones I have seen were registered with the infamous registrar NAUNET-REG-RIPN. I say infamous because this has been the most reliable registrar for the Zeus botnet the last few months, keeping the fraudulent domains active for several weeks at a time.

    Unfortunately, the services most browsers use to detect suspicious sites will not report these sites as suspect because technically they are not considered “phishing” sites. They only steal your money and risk your health by making you think you’re taking the drug you ordered, that is, if you get the drug at all.

    • These websites actually aren’t legal in Russia, either. For instance, Eva Pharmacy specifies in their forum announcements, “Мы не принимаем русский трафик” — “We do not accept Russian traffic.”

      They want to sell Americans crap that isn’t good enough for Russians.

  15. I am against spammers and their mischievous ways. However, I can not feel bad about Mr. John Horton. He used to be the associate deputy director at the White House’s Office of National Drug Control Policy and then founded legiscript.com? He took advantage of his government position to gain a competitive edge on his private business. There must be more to this story that we don’t know, but bottom line, this seems a battle between crooks.

    • @Thomas there are serious issues about overpriced drugs and reimportation from legitimate Canadian pharmacies. But that’s not the question here.

      These pharmacies are not in Canada. These spammers are not “mischievous.” They are criminals.

      Would you buy drugs from the operators of an online pharmacy if you found they didn’t pay for their web hosting, but instead installed their website files surreptitiously on other people’s computers, using malware (“bad software,” like computer viruses, trojans, worms, etc.) ? And that they depended on using still more computers with similar infections to mail their spam, again, without the knowledge or permission of the people like you who own them?

      Would you give them your personal information and credit card number if you found they had registered thousands of domain names for their websites using other people’s names and addresses? And that they had paid for them with those people’s stolen credit card numbers?

      Would you actually ingest pills that might arrive from a website that provides photos and biographies of their supposed founders if you found they were really just photographic models in stock photos available for sale at Getty Images? How about if you found their “headquarters” photo was a Hilton Hotel that they had photoshopped, putting their website name on the outside of the building in the photo? Or that their address was a vacant lot? or a sod farm?

      Would you trust them if they displayed logos from Pharmacy Checker even though Pharmacy Checker lists them as frauds? And that they did the same with seals from CIPA and the Better Business Bureau?

      Are you so distrustful of the government that you would rather buy from a website that displays a forged pharmacy license rather than from a real pharmacist?

      And would you consider yourself getting a bargain for your pills when the generic drugs cost far more than they do in your local pharmacy? Or if you learned that multiple people had bought meds from them for analysis and had found they contained no active drugs?

      That’s the group of online pharmacies we’re discussing here. It has nothing to do with any pharmacy in Canada nor any pharmacy that Pharmacy Checker would approve. Despite having Pharmacy Checker, CIPA, The Better Business Bureau, and LegitScript all condemning these websites, people are still being duped into giving them credit card numbers.

      Right now, we need as many outlets as possible to get the word out about rogue pharmacies (and LegitScript does distinguish “rogue” pharmacies from those that are operating within the law in their own jurisdictions.)

      It’s counterproductive to confuse the issues. If anything, the fact that so many people don’t know the difference is used as a justification for prohibiting people from ordering from legitimate Canadian pharmacies.

      • There sure are many online criminals who rely on SPAM and viruses to promote their fake Canadian pharmacy sites, and it is always great to
        hear that spammers are losing their domains.
        However, there are also many online pharmacies that provide their customers a great service and rely on happy returning customers and word of mouth referrals.
        After reading the comments above, I tend to agree more and more that Mr. Horton is a lobbyist of Big Pharma.
        A good example is inhousepharmacy http://www.bilerico.com/2010/09/inhousepharmacycom_stops_shipping_to_the_us.php
        As you can read many people have lost a cheap and reliable source for their meds. I haven’t seen many worried people when a
        fly-by-night fake Canadian pharmacy site gets closed for sending SPAM.. including the owner. He just registers 100 more domains and keeps sending SPAM.
        I wonder what will happen when more sites like inhousepharmacy will get closed. The demand will stay the same, but the number of reliable
        sites will shrink. That hole in the market will not stay empty for long. And who will fill the hole? Who will be able to fill that hole
        quickly? It will be fake pharmacy sites that rely on email SPAM and hacked .edu sites to trick Google will take over the market.
        And who will benefit from it? It will be scammers sending powdered drywall and Big Pharma as people will have no other choice but to buy the overpriced pills once they realize that the only thing they can buy from the fake Canadian sites is drywall.

        • The fact is that it *isn’t* legal to order drugs from Canada, no matter how reputable the pharmacy. And there’s not much interest in congress in changing that.

          There’s an election next week, and the way things are going, it looks like the people who are in favor of the status quo are going to gain seats. Unfortunately, the status quo is in meltdown, as healthy people give up their health insurance due to cost increases, causing the costs for the remaining older and sicker people to spiral even higher. As bad as the status quo is, keeping even that much isn’t one of our choices. And legislators consider the question of having the U.S. government negotiate drug prices — which is how Canada keeps them lower — completely off the table.

          Talk to your friends, neighbors and relatives if you feel that Americans ought to have the same access to affordable prescription drugs as Canadians, so they can tell their representatives and senators that they want that. The people telling them not to reform the system have loud voices and deep pockets.

          • “And legislators consider the question of having the U.S. government negotiate drug prices — which is how Canada keeps them lower — completely off the table.”

            I live in Ontario, Canada to start off.

            I’ve seen somebody else saying this “that the Canadian government negotiate[s] drug prices” but as far as I know, that’s not true. You can only negotiate if you’re buying, and the Canadian government doesn’t buy any drugs – there is no national program for purchasing medication in bulk in Canada.

            A couple of the provinces might do this as they have provincially-funded programs for all their residents, but most provinces don’t, except for seniors and lower-income people.

            Also, pharmacies here are privately run, and that’s where we get our medication. The hospitals are buying in bulk, and any drugs given during a hospital stay *are* covered, but I don’t even know of any provincial hospital program even that buys in bulk.

            The real reason medications are lower priced here are because we don’t let drug patents run as long so generics make it to the market sooner. And generics can be up to 75% cheaper.

          • Bot spam researcher

            No Jason,

            Drug prices are regulated in Canada.

            And I live in Ontario, Canada too.

            The Patented Medicine Prices Review Board (PMPRB) regulates the prices that the manufacturers or licensees of patented drugs can sell to “wholesalers, hospitals or pharmacies”. Which breaks the manufacturer’s monopolistic control over pricing.

            See http://www.whoswholegal.com/news/features/article/27744/ for more of the details.

  16. Another Curious is badmouthing Mr Horton. Wonder why.. He sounds just like the people from Pharmacy Checker.
    Sour grapes much?

  17. “The Patented Medicine Prices Review Board (PMPRB) regulates the prices that the manufacturers or licensees of patented drugs can sell to “wholesalers, hospitals or pharmacies”. Which breaks the manufacturer’s monopolistic control over pricing.”

    Thanks. I was unaware of this so I admit to being ignorant, but not blissfully so. I’m surprised there is no such equivalent review board in the US. Wait, no, I’m not surprised in a country where too many Americans are more worried about government control of healthcare than they are of people not getting any at all. Sigh. Oh, well, that’s another discussion.

    Thanks for the enlightenment, and everybody, ignore what I said.

    • @Jason

      “too many Americans are more worried about government control of healthcare than they are of people not getting any at all”

      Very true. And too many also seem to be more worried about who gets credit for taking down the criminals ripping them off than they are about protecting them from the criminals.

        • Everybody is blaming Big Pharma and Big Insurance Companies. But both know the current situation is untenable. They know there must be change if they are to survive. They just want to be able to shape the change to their own advantage. The main entity that stands to lose from any reform is the traditional print and broadcast media.

          Currently, we have a bizarre system where the people who consume the medications (patients), the people who select the medications (doctors), the people who decide what the patient must pay for the medication (the pharmaceutical benefit management companies), the people who chose the PBM (insurance companies) and the people who choose the insurance companies (employers) are all different. Whatever you feel about free-market forces, they simply can’t have much affect when traditional supply-and-demand is so perverted. Even for conditions where there is an assortment of nearly-equivalent “me-too” drugs, the price to the pharmacist tends to be the same. Instead of lowering the wholesale price to compete with other drugs, the manufacturers and the PBMs negotiate “rebates,” payments the manufacturer gives the PBM based on the number of their members who purchase a particular drug. The real cost to the PBM has no relationship to the wholesale cost nor to the price it would cost a cash-paying patient at the pharmacy.

          Those rebate agreements are confidential business agreements, so they are not reflected in the price the patient pays — every drug in the same “tier” will have the same copay. There is little incentive for a company with a new drug to offer a lower price, because the PBMs will withhold coverage approval until they try to negotiate a rebate anyway, and the patients will pay the same brand-name drug copay as the more expensive products. So instead, they compete by spending massive amounts on marketing.

          Look at all the drug ads on TV, in newspapers, and in magazines. That’s what the cost of those medications is paying for. Do you think the drug firms wouldn’t be willing to advertise less and sell more product at a lower price if the profit were the same? But the traditional media outlets are already losing market share to the internet. They’re going through lots of mergers, downsizings, and bankruptcies. How much worse would it be if they lost nearly all that pharma advertising?

          Is it any surprise they are keeping the teapartiers’ concerns front and center, while ignoring the plight of underinsured people who can’t afford necessary medications?