Thriving Dark Web Trade in Fake Security Certifications


Security researchers have discovered underground cybercrime sites selling cheating services, leaked courses and fake certificates to help unscrupulous individuals gain security qualifications and/or a leg up in their careers. 

Dov Lerner, head of threat research at Cybersixgill, said in a new report out today that his team found fake CompTIA CySA+ diplomas, among other security-related certifications on the dark web. Given each legitimate cert possesses a unique serial number, these counterfeits should be easy to spot, he added.

However, other cheats may be more difficult to discern. Lerner said some dark web sellers offer buyers a way to cheat on exams from CompTIA, Cisco, Microsoft, Google, AWS and others, which allow candidates to take tests at home via webcam.

“In a post offering a cheating service, an actor explains that during exams, test-takers’ audio and video streams are directed to them so they can listen to and watch exams in real-time, bypassing the [invigilator],” he explained.

Cybersixgill also recorded a 73% increase in the number of leaked courses advertised on underground markets compared to 2021. Some of these are even available via free downloads, although the average price ranges from $5-200 depending on the quality and quantity of course content, course level and date.

While the market for these services is relatively small compared to other cybercrime offerings, the threat intelligence firm urged test and course providers for security certifications to monitor for attempts to game the system.

“Fake cybersecurity certificates pose a significant risk to employers who accidentally hire unqualified candidates misrepresenting their training,” Lerner concluded.

“Ultimately, the organizations that employ such individuals may discover their sensitive data in the wrong hands. Therefore, employers must take a few minutes to verify a prospective employee’s certifications to prevent such circumstances.”

Products You May Like

Articles You May Like

U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals
WooCommerce Payments plugin for WordPress has an admin-level hole – patch now!
Bitcoin ATM customers hacked by video upload that was actually an app
CISA Unveils Ransomware Notification Initiative
Windows 11 also vulnerable to “aCropalypse” image data leakage

Leave a Reply

Your email address will not be published. Required fields are marked *