With COVID-19 as a threat vector, cybercriminals have devised multiple ways to abuse sensitive medical data and medical services. One such recent example is the selling of fake COVID Vaccination Certificates/ Passports on cybercrime forums and darkweb markets.
The image below is a screenshot from one the cybercrime forums in which a seller has advertised COVID-19 vaccination certificates with deliveries available for specified Russian cities, priced at 6000 Ruble, or approx. 79 USD.
Possessing a vaccination passport allows citizens to avoid going into self-isolation. This certificate also serves as the negative COVID report required when traveling to other countries, which grants holders the license to avoid quarantine upon arrival at the destination. This means the holder will be able to access public areas and attend social events and activities.
As shown in the image below, we have also discovered a post by a buyer willing to pay for a fake COVID-19 Vaccination certificate. It is quite likely for the demand for such inauthentic vaccination certificates to increase along with the easy availability of other spurious document delivery services on cybercrime markets.
The high risk associated with the growing popularity of such fake vaccination certificates is the rapid spreading of the virus, which is sure to defer the process of the complete elimination of the virus. The fake negative COVID test results or vaccination certificates can be misused by individuals seeking to board flights, cross borders, avoid quarantine, thereby creating a big opportunity for cybercriminals to exploit this scenario.
We recommend the following:
- Never share personal information, including financial information over the phone, email, or SMSes.
- Use strong passwords and enforce multi-factor authentication wherever possible.
- Regularly monitor your financial transactions, and if you notice any suspicious activity, contact your bank immediately.
- Turn on the automatic software update feature on your computer, mobile, and other connected devices wherever possible and pragmatic.
- Use a reputable antivirus and internet security software package on your connected devices, including PC, laptop, and mobile.
- Register at AmiBreached.com to ascertain your exposure if you’re concerned about your exposure in the Darkweb.
- Refrain from opening untrusted links and email attachments without verifying their authenticity.
Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups To Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit www.cyble.com.