fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Telegram Channel Admins Who Sold Fake Vaccine Cards Arrested

Telegram Channel Admins Who Sold Fake Vaccine Cards Arrested

The Italian financial crime agency (Guardia di Finanza – GdF) has announced the arrest of several individuals suspected of managing Telegram channels to promote fake vaccine certificates, aka ‘Green Passes.’

The operation was supported by evidence collected by investigators at Group-IB’s high-tech crime unit, who managed to unmask the criminals despite measures to keep their identities hidden.

The searches and arrests took place in Veneto, Liguria, Apulia, and Sicily and all arrested suspects admitted to the illegal activity.

Also Read: How does ransomware happen? Here are 7 ways to prevent them

Selling fake Green Passes

The actors operated at least 35 Telegram channels that had a combined audience of 100,000 users, promising “authentic” and valid vaccination certificates for €100 ($113).

Although the sellers claimed they had accomplices in the health department who could add false entries in the national database, thus rendering the generated QR codes valid, their Green Passes were fake.

As such, those who paid in Bitcoin, Ethereum, PayPal, or Amazon gift cards, were all scammed, getting a fake card that would fail to pass any COVID-19 vaccination checks.

Fake documents presented as examples of Telegram
Fake documents presented as examples of Telegram
Source: Group-IB

Blackmail risks

Circumventing the regulations around vaccination or COVID-19 testing carries a dire risk relevant to the virus itself, but this is not the only risk that arises from these cases of fraud.

In this case, the users who bought fake green passes from the scammers provided their full names, dates of birth, addresses, and tax code identifiers.

While this information would be required to create a realistic context for the scam to work, this data is valuable in its own right and can be resold to other cybercriminals.

Moreover, it can be used as an extortion lever, threatening the buyers of fake vaccination cards with public exposure if they don’t pay a ransom.

Also Read: Ways to protect HR data and avoid penalties for data breaches

Details requested by the scammers on the post.
Details requested by the scammers on the post.
Source: Group-IB

“Numerous users of the network who – in order to circumvent the regulations for the protection of the community issued by the legislator to counter the evolution of the pandemic in progress – attracted by the idea of ​​being able to purchase a green pass without qualification for a cost of 100 Euros.” – Guarda di Finanza (translated)

“In addition to having lost the agreed sum, they also superficially shared their identity documents, exposing themselves to high risks regarding their illicit use.”

This coercion is precisely what Russian scammers are doing, following a very similar modus operandi to their Italian counterparts, selling fake vaccine cards on Telegram channels for around $120.

Instead of sending the promised cards to the buyers, they deliver threats to alert the authorities of the buyer’s identity unless they receive an additional amount.

Purchasing fake vaccination certifications entails criminal liability for the buyers in most countries, so the chances of finding trouble one way or another are overwhelmingly high.

No matter what burdens decrees may have imposed on you, you should keep in mind that conducting business and sharing personal data with suspicious entities online is like voluntarily registering for phishing, scams, and blackmail.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us