"Click Trajectories: End-to-End Analysis of the Spam Value Chain" is a scholarly research paper reporting on a well-designed study of the way that spam works, from fast-flux DNS to bulletproof hosting to payment processing to order fulfillment. The researchers scraped mountains of spam websites, ordered their pills and fake software, and subjected it all to rigorous comparison and analysis. They were looking for spam ecosystem bottlenecks, places where interdicting one or two companies could have a major impact on spam.
After selecting an item to purchase and clicking on
"Checkout", the storefront redirects the user to a payment
portal served from payquickonline.com (this time serving
content via an IP address in Turkey), which accepts the
user's shipping, email contact, and payment information, and
provides an order confirmation number. Subsequent email
confirms the order, provides an EMS tracking number, and
includes a contact email for customer questions. The bank
that issued the user's credit card transfers money to the
acquiring bank, in this case the Azerigazbank Joint-Stock
Investment Bank in Baku, Azerbaijan (BIN 404610).
Ten days later the product arrives, blister-packaged, in a
cushioned white envelope with postal markings indicating
a supplier named PPW based in Chennai, India as its