Fraudulent cures and treatment place both personal health and wealth at risk

Fake Covid-19 vaccines pose 'serious health hazard', warns Interpol

Interpol and US Homeland Security Investigations (HSI) have issued a joint warning about the “serious health hazard” posed by the sale of fake Covid-19 vaccines and treatments online.

Amid an uneven global vaccine rollout, criminal groups are capitalizing on huge demand for coronavirus inoculations by selling supposed vaccines without either regulatory oversight or safety tests, the European and US law enforcement agencies warned.

Snake oil

Interpol and HSI said on Wednesday (24 March) that these counterfeit vaccines provide no protection against Covid-19 and could pose “a serious health hazard if ingested or injected”.

Legitimate vaccines cannot be bought online, they continued, since they “are strictly administered and distributed by national healthcare regulators” through healthcare systems and national providers.

READ MORE The age of Covid-19: Lockdowns and cybersecurity, 12 months on

“From the very beginning of the pandemic, criminals have preyed on people’s fears in order to make fast cash. Fake vaccines are the latest in these scams, which is why INTERPOL and HSI are warning the public to be extra vigilant,” said Interpol secretary general Jürgen Stock.

“Anyone ordering a vaccine online rather than obtaining it from their national provider, will be buying a fake product.”

HSI assistant director Steve Francis added: “HSI and its law enforcement partners will vigorously investigate and seek prosecution for criminals taking advantage of the public’s quest for COVID-19 vaccinations and those who endanger the lives of the very people the vaccines are intended to protect”.

Law enforcement fightback

The warning follows Interpol’s announcement on March 3 that South African authorities had made four arrests following the seizure of 2,400 doses of fake Covid-19 vaccines. Elsewhere, a raid conducted by Chinese police resulted in the arrest of 80 suspects and seizure of more than 3,000 counterfeit vaccines.

Submitting pre-orders for vaccines, and paying for them with bitcoins among other payment processing methods, can also put victims’ finances and personal data at risk, the agencies warned.

In December 2020, for example, HSI seized two phishing websites parading as the legitimate domains of biotechnology companies involved in developing Covid-19 treatments.

And in August, the US Department of Justice shut down 300 fraudulent websites that failed to fulfil orders for scarce products such as hand sanitizer and disinfectant wipes even after taking payments.

Read more of the latest coronavirus security news

The UK’s National Cyber Security Centre (NCSC) has also played a pivotal role in the law enforcement fightback against Covid-themed scams, disrupting more than 15,000 coronavirus-themed phishing campaigns between March and August 2020.

Interpol secretary general Jürgen Stock said the law enforcement response must be transnational if criminal networks with “global ambitions” are to be dismantled. In recognition of this, Interpol created a Global Financial Crime Task Force (IGFCTF) last year.

Fake test results

A report released yesterday (March 25) by threat intel firm Intsights warned of a burgeoning black market for fake test result documents that could be used to dodge quarantine restrictions when travelling or before returning to work.

“It is unclear if these criminal vendors are abusing the legitimate access of malicious insiders, breaching networks to gain unauthorized access to infrastructure that produces legitimate testing documents, or using some other unidentified means,” said the report.

Intsights also noted that businesses offering Covid-19 tests or demanding proof of customers’ testing or vaccination status as a condition of travel or entry to premises were seeing an “increase in the volume of protected health information (PHI) stored in or transiting through their networks”.

Health-related data is often more sought after by cybercriminals than payment card information, it warned.

DON’T FORGET TO READ EU cybersecurity strategy: Coronavirus, supply chain attacks highlight ‘lack of coordination’ among member states