Avast uncovers global fake pharmacy scam with 5,000+ domains

Researchers from Avast, a part of Gen, have identified a cybercriminal enterprise operating more than 5,000 domains that pose as legitimate pharmacies, targeting consumers with scam pharmaceutical sites in what Avast terms "PharmaFraud."

Scale of the operation

The Avast investigation unveiled a sophisticated global network where thousands of pharmacy websites, appearing professional and credible, are linked to a single organisational infrastructure. These sites use convincing design elements, fabricated reviews, and even live chat support to impersonate authentic pharmacies.

Analysis by Avast revealed a particular focus on medications that are considered high in demand, associated with personal shame, or are potentially risky. Specifically, these include erectile dysfunction treatments, diabetes and weight-loss medication, antibiotics, steroids, hormones, fertility aids, and drugs associated with COVID-19 misinformation.

Techniques and risks

The illicit network employs advanced methods to avoid detection and prolong its activities. Security researchers note tactics such as hijacking genuine medical websites, manipulating search engine results, exploiting public hosting platforms, and utilising decentralised payment systems. These strategies are designed to obscure the criminal origin of the sites and make it difficult for users and authorities to differentiate scam sites from real ones.

Email spam, digital advertising, and counterfeit review platforms are among the primary tools for drawing consumers to these fraudulent outlets. Once a user is engaged, the sites push for purchases through unsecured methods, frequently encouraging cryptocurrency payments or wire transfers which offer little to no protection for the buyer.

The range of fake offerings

Avast's research documented that the scam network markets a wide array of medications, often prioritising products that individuals may wish to obtain discreetly or without a prescription, or drugs that are subject to shortages and high prices. The following products were highlighted as common offerings:

• Erectile dysfunction drugs such as Viagra, Cialis, Levitra, along with their generic substitutes.
• Diabetes and weight-loss medications, including Rybelsus and Metformin.
• Hormonal treatments like Mircette and Estrace, fertility treatments such as Clomid.
• Common antibiotics and general medications, for example, Amoxil, Zithromax, Doxycycline, Prednisolone, Ventolin, and Lasix.
• Misrepresented or restricted drugs, including Stromectol (Ivermectin), Tretinoin, and Propecia.

The report notes the danger of obtaining medications via these routes: "Many of these substances are dangerous without proper prescription guidance or are outright illegal to sell online in certain regions." This creates not only legal risk but significant health dangers due to the potential for counterfeit or contaminated products.

Health and financial dangers

According to Avast, the consequences of using such sites go beyond financial loss. "Counterfeit drugs can have life-threatening consequences: No active ingredients delay real treatment for serious conditions; toxic substances may contain heavy metals, pesticides, or even animal tranquillisers; intentional contamination that may severely impact your health." The products are often packaged convincingly, with forged labels, manufactured expiry dates, and barcodes, but the actual contents are unregulated and potentially harmful.

PharmaFraud refers to the growing threat of fraudulent online pharmacies – scammers that pose as legitimate pharmacies while distributing counterfeit, contaminated, or entirely fake medications. These websites can steal your money or personal information and may even put your health at serious risk.

Industry vigilance and consumer advice

Avast emphasises that over 95% of online pharmacies are believed to operate illegally, putting significant numbers of consumers at risk. In the first six months of 2025, Avast states it helped protect nearly one million people from harmful online pharmacy operations.

Several warning signs are identified to help users avoid scam pharmacies, including the lack of a prescription requirement, prices that seem unusually low, missing contact details or stated availability of a licensed pharmacist, poor localisation or grammar, non-clickable security logos, insistence on cryptocurrencies, and aggressive sales tactics such as limited time offers.

Consumers are urged to observe best practices when purchasing medication online. Recommended precautions include using only verified and licensed pharmacy services, ensuring a prescription is mandatory for prescription drugs, consulting with a licensed pharmacist, steering clear of suspicious payment methods, and reviewing privacy policies to guard health-related data.

Tools such as regulatory authorities, including Medsafe, are suggested as resources for consumers to check the legitimacy of online pharmacies. Individuals are encouraged to remain sceptical, be aware of online threats, and utilise available security software when navigating pharmaceutical purchases online.