Fake "My Canadian Pharmacy" domain blackholed after my complaint

About two days ago, on June 15, 2011, I wrote an article on this blog about the re-emergence of the rogue Canadian Pharmacy scam, now using the name: "My Canadian Pharmacy." The pharmacy is a fake, selling counterfeit Asian pills and stealing money from gullible Americans, who are tricked into purchasing fake drugs (without the normally required prescription) and handing over their credit and debit card numbers to criminals, in the process.

Near the end of that article I mentioned BigRock.com, the Accredited Domain Name Registrar on record, who was responsible for providing a connection for that domain, ERGADOYMA dot COM, to the Russian "name servers" inputted into the account, by the owner. The Registrar is a go-between for a domain name and the equipment that provides an IP address that allows them to serve web pages to the World Wide Web. That equipment is referred to as a name server. In the case of the rogue My Canadian Pharmacies, the name servers were Russian (.ru); located in Russia and in China.

The Registrar, BigRock.com, located in Mumbai, India, read my complaint about spamming and illegal activities going on regarding that domain, and looked into the matter. I am happy to announce that they replied to my charges and have terminated the account for ERGADOYMA dot COM, for violating their Terms Of Service, regarding spamming and illicit activity. That domain is now blackholed, to 0.0.0.0 and is no longer responding to requests from spam recipients.

It is almost certain that the cybercriminals who registered that domain name are going to try to find another accredited Registrar with whom they might register their fake pharmacy name again. If or when they do, the domain will resolve to web pages hosted on botted PCs, under the control of the spammers and Bot Masters running this rogue pharmacy.

This victory, for the little guy, may be short lived, but it is significant. My formal complaint and due diligence in my investigation contributed to the takedown of a criminal domain name used to rob and poison gullible people of their money and health. It shows you that one small voice can make a big difference.

If you intend to report spam domains to their hosts or Registrars, make sure you have your facts lined up in an easy to understand outline. Avoid ambiguous words and phrases. Get to the point and provide concrete evidence. Do not assume that the Registrar, or web host, is complicit. In most cases, they are innocent accomplices, duped by seasoned professional cybercriminal spammers and Bot Masters.

NB: I use Trend Micro Internet Security on my PC. It has blocked access to the web pages referred by links to ERGADOYMA dot COM, for a long time. This domain is a known "badware" serving domain, owned by Russian criminals.

Trend Micro Internet Security products,

for home and office users, use in-the-cloud malware definitions that are updated every day, all day, as soon as new or altered strains of viruses and other malware are detected in the wild and analyzed. By offloading the bulk of these ever changing virus definitions to cloud servers, the load on your computers is greatly reduced. All users of Trend security programs are instantly protected from hostile web pages laden with malware exploits and hostile email, by the Trend Micro Smart Protection Network.