COVID-19 Vaccine Syringe MedicalCybersecurity

Kaspersky discovers selling of COVID-19 vaccines, vaccination records in the Darknet

As governments fast-track inoculation of their citizens against COVID-19, can scammers and sellers on the dark market be far behind?

Kaspersky researchers examined 15 different marketplaces on the Darknet and found advertisements for three major COVID-19 vaccines: AstraZeneca, Moderna, and Pfizer/BioNTech. The cybersecurity firm also found sellers advertising unverified “COVID19” vaccines.

The majority of sellers came from France, Germany, the United Kingdom, and the United States, and the prices per dose ranged from $250 to $1,200, with an average cost of about $500. Communications are made via encrypted messaging apps like Wickr and Telegram, while payments are requested in the form of cryptocurrency, primarily Bitcoin.

Kaspersky discovers nearly 3 million phishing attempts on SMBs in SEA in 2020

APT group Lazarus targets the defense industry with ThreatNeedle backdoor

“You can find just about anything on the Darknet, so it’s not surprising sellers there would attempt to capitalize on the vaccination campaign,” Dmitry Galov, security expert at Kaspersky. “Over the past year, there have been a whole host of scams exploiting the COVID topic, and many of them have been successful. Right now, not only are people selling vaccine doses, but they’re also selling vaccination records — pieces of paper that can help you travel freely. It’s important for users to be cautious of any ‘deal’ related to the pandemic, and, of course, it’s never a good idea to buy a vaccine from the Darknet.”

The majority of these underground sellers have made between 100 and 500 transactions, indicating that they’ve been completing sales but what exactly Darknet users are purchasing remains unclear. With the information available to Kaspersky experts, it’s impossible to tell how many of the vaccine doses being advertised online are actual doses (many medical facilities have found themselves with leftover doses) and how many advertisements are a scam.

Kaspersky reminded people that even if they did receive something in the mail, most likely it would not be an effective, valid dose. More importantly, obtaining such doses is illegal.

To stay safe from scammers at the time of COVID, Kaspersky experts recommend:

  • Never buy products — including vaccine doses — on the Darknet
  • If you see an advertisement for something related to COVID-19, look carefully at the URLs of the sites that you visit. If just one letter looks out of place, or if the usual .com has been replaced with .com.tk or something along those lines, your gut should tell you it’s phishing. Never enter personal information on such a site.
  • Pay attention to grammar and layout on both the sites you visit and the emails you receive. If something smells fishy, it probably is