NordVPN Promotion

Home / Blogs

Received a Questionable Email From NABP? It May Be Illegal Spoofing

BLACK FRIDAY DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]

Has your organization recently received an email claiming to be from NABP’s Internet Drug Outlet Identification Program (IDOI)? If so, it is possible that someone is trying to trick you.

The NABP IDOI team’s email account has recently been illegally “spoofed” by unaffiliated persons or organizations. Email spoofing involves the forgery of an email header so that the email appears to have originated from someone other than the actual source. To be clear, it is NOT the result of unauthorized access into the spoofed organization’s systems.

In this case, unknown individuals are posing as NABP (masking the real sender’s email address and manipulating the “from” address to appear as if it comes from our [email protected] email address) and sending emails to organizations involved in domain name infrastructure (e.g., domain name registrars, registry operators, ICANN). The spoofer typically provides an official-looking list of internet pharmacies, accompanied by a request to lock-and-suspend these domain names.

Although we appreciate that these unknown individuals care about the issue of illegal internet pharmacies (or so we’d like to think!), the spoofed emails: (1) are not drafted by NABP; and (2) sometimes include websites that are not found on NABP’s Not Recommended List and have not been reviewed by NABP. Why would anyone do this? Well, some illegal internet pharmacies use this tactic to target their competitors’ websites, pretending to be NABP in order to shut down the competition.

A few takeaways:

  • NABP will never issue domain name abuse notifications from [email protected].
  • Spoofing is annoying, potentially illegal, and possibly harmful.
  • Spoofers, if you are reading this: (1) If you’d like to suggest websites for inclusion on NABP’s Not Recommended List, please report the websites here (scroll down to: “Found a suspicious website? Report it.”); and (2) Please stop spoofing. It’s not cool.
By Justin Macy, Digital Health Senior Manager

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix

NordVPN Promotion