Beware, cybercriminals have created bots to sell fake vaccination certificates and covid-19 tests

Almost from day one of COVID-19 vaccines on the market, cybercriminals attempted to take advantage of illegal sale of this biologic through the so called Dakrnet (the dark side of the Internet).

According to Check Point Research (CPR), a division specializing in cybersecurity, in December 2020 announcements for the sale of vaccines had increased up to 400% compared to previous months. However, it was only the tip of an iceberg that started to get even more dangerous when it was discovered in March 2021 that the number of offers had tripled, especially in countries like the United States, Spain, Germany, France and Russia.

Now, in the midst of the “denial” that exists among a specific group of people who say they are against vaccination, a new illegal trade has also grown: false vaccination certificates.

According to the CPR report, there are more than 10,000 people identified selling fake vaccination certificates on platforms such as Telegram. At the start of the vaccination processes at the end of 2020 “the prices of the fake ‘vaccine passports’ were $ 250 each, while the false negative results of the COVID-19 tests cost only $ 25”, explains the company through d ‘A declaration.

Today, almost a year after the authorities began to vaccinate their inhabitants, the cost of false certificates has dropped considerably, but it is still a growing business.

“In the latest Check Point Software report, in August 2021, Fake “vaccination passport” certificates sold for $ 100 to $ 120, and that most of these cybercriminals came from European countries. Currently, you can also find the EU (European Union) digital COVID certificate, CDC and NHS covid-19 vaccine cards, and mock covid-19 PCR tests. The number of ad groups and their size have increased 100% since early 2021 ″, adds CPR in its research.

An example of the new forms of fraud that are developing highlights that of a bot in Telegram with which people only have to fill in the relevant certificate data they need (vaccination or negative PCR test) and at the end they will receive a PDF file with the document that would pass perfectly as an original.

Another strategy is the creation of a fake European database; a technique that many people have fallen into thinking that they have acquired a place in the registry that retains the European Center for Disease Prevention and Control.

By ensuring that they can be included in this vaccine database, cybercriminals are showing a fake web address that claims to be the genuine list of vaccines in Europe. “If the buyer is not careful enough to check the data on the website, you might think this is a real website and a real database, and that it is registered as vaccinated, which is clearly not the case. Researchers at Check Point Research have detected a URL embedded in the QR code received from the seller, a QR code that shows a link to the bogus European database, ”explains CPR.

For starters, the cybersecurity company clearly recalls that In no country in the world is the vaccination certificate sold or distributed online. Any person or organization that takes advantage of it does so illegally and any Internet user who does business with one of these criminals can be considered an accomplice.

On the other hand, some tips are shared for government entities such as the possibility of managing in a responsible and transparent way. a “central register of tests and vaccinated persons”, as well as a key encryption system that allows “people to move around using only legitimate certificates and detect fake ones.”

KEEP READING