Dark Web Spotlight: Counterfeit COVID Certificates Part 2
As international travel has resumed, a new market is growing: counterfeit COVID tests and vaccine certificates. Dark web merchants are producing false official COVID certificates with a QR code for $138. They ensure that with this certificate, purchasers can cross borders, work, and avoid getting vaccinated.
Counterfeiters require 22 days to produce the document. The first “vaccination” appears in public services within about three days. The second appears after 21 days. To register, forgers need a clients’: full name, date of birth, medical insurance, telephone given to government services.
As of publishing, it is not clear how counterfeiters are creating the QR code. Forgeries can range from web pages seen in fake Israeli covid records or threat actors adding records to vaccine tracking services such as PharmaOutcomes (also known as Pinnacle) or the UK NHS itself.
Researchers have found evidence of forgeries of vaccine cards from the NHS and the US Centers for Disease Control and Prevention (CDC) alongside fake test certificates, all available for sale on the dark web and through easy-to-access platforms, like messaging apps WhatsApp, Telegram, and Jabber.
The Dark Web is home not only to fraudulent documents but a host of other threats. You can protect your company with CybelAngel Dark Web Monitoring.
Selling falsified health data is an unusual turn for the Dark Web. Typically Dark Web brokers are selling, and threat actors are purchasing healthcare data in preparation for a cyberattack against healthcare facilities.
Since March 2020, the arrival of the pandemic, hospitals in France have seen a 500% increase in cyberattacks. Several hospitals have been affected by ransomware straining medical resources during a health crisis. CybelAngel analysts have examined this trend and collected solutions in their report Healthcare Data Actively Targeted and Sold on the Dark Web.