As countries around the world prepare to roll out the Covid-19 vaccine, scammers are making up to Sh60 million by selling the 'doses' on the black market.
And Interpol also announced today that South African authorities had seized hundreds of fake Covid-19 vaccines following a global alert it had issued warning vaccines would be a prime target for criminal networks.
According to global cyber security firm, Kaspersky, the vaccines are sold through the dark web with pricing per dose ranging from Sh25,000 to Sh120,000. On average, one dose goes for Sh50,000. Some of the dealers have completed 500 transactions, raking in over Sh60 million.
The dark web is a hidden part of the internet that requires special software to access. It is a notorious market for drugs, firearms and other illicit goods.
Most of the sellers are located in Germany, France, the United Kingdom and the United States. They communicate via encrypted messaging applications, such as Wickr and Telegram.
They mostly target people in countries that are yet to acquire the vaccines. To hide any financial traces, payments are requested in form of crypto currency, primarily bitcoin.
The common vaccines being advertised by these fraudsters are Pfizer/BioNTech, AstraZeneca and Moderna. With the entire business being conducted purely online via the dark net, it has proven an onerous task to verify the vaccines being sold. What exactly users are purchasing remains unclear. However, what Kaspersky could verify is that the scammers complete their sales.
Some are reportedly dealing with medical facilities. However, those interviewed by Kaspersky said they were duped after finding themselves with left-over doses.
In South Africa, according to an Interpol statement, some 400 ampoules -- equivalent to around 2,400 doses -- containing the fake vaccine were found at a warehouse in Germiston, Gauteng, where officers also recovered a large quantity of fake 3M masks.
Three Chinese nationals and a Zambian national were arrested.
The statement added that in China, police had successfully identified a network selling counterfeit Covid-19 vaccines. Authorities raided the manufacturing premises, arrested 80 suspects, and seized more than 3,000 fake vaccines.
The investigation was supported and facilitated by Interpol's Illicit Goods and Global Health (IGGH) Programme.
Interpol Orange Notice warning
The arrests came just weeks after Interpol issued an Orange Notice warning law enforcement to prepare for organised crime networks targeting Covid-19 vaccines, both physically and online.
"Whilst we welcome this result, this is only the tip of the iceberg when it comes to Covid-19 vaccine related crime," said Interpol Secretary-General Jürgen Stock.
"Following our warning that criminals would target the distribution of Covid-19 vaccines, both on and offline, Interpol continues to provide its full support to national authorities working to protect the health and safety of their citizens."
"Since Covid-19 reached the shores of South Africa, the government has adopted an integrated multi-disciplinary law enforcement approach. This, together with our association with counterparts from all Interpol member countries, is proving to be very effective as we have seen in the arrests for foreign nationals attempting to peddle fake vaccines to unsuspecting people within South Africa," said Brigadier Vish Naidoo, South African Police national spokesperson.
The Interpol statement quoted a spokesperson for the Chinese Ministry of Public Security saying: "The Chinese government attaches great importance to vaccine security. Chinese police are conducting a targeted campaign to prevent and crack down on crimes related to vaccines, proactively investigating and combating crimes related to vaccines in accordance with law. We will further strengthen the constructive cooperation with Interpol and law enforcement agencies of other countries to effectively prevent such crimes."
Trace ends up with nothing
In January, researchers from another cyber security firm, Checkpoint, tried to trace the dealers and ended up with nothing on their hands. They placed an order for a vaccine dose from a vendor that they contacted on Telegram. They were offered a vaccine, reportedly manufactured in China for USD750 worth of bitcoin.
Shortly after making the payment and giving their delivery address, the seller's account was deleted and the package is yet to be delivered.
Another vendor who was contacted even offered to sell an unspecified Covid-19 vaccine for around USD300 worth of bitcoin and claimed 14 doses were required. So far, medical experts say only two doses are needed for the vaccine.
Greed and malice
"Unfortunately, while most of us are watching with hope, there are some watching with greed and malice in their minds, with the intent of capitalising people's concerns about Covid-19 and desire to be protected against the risk of catching it," Checkpoint said in its blog post.
Dmitry Galov, a security expert at Kaspersky, has cautioned that the dark web can offer nearly everything one would ever need and thus making it a perfect spot for sellers to capitalise on the Covid-19 vaccination campaign.
"Over the past year, there have been a whole host of scams exploiting the Covid topic, and many of them have been successful. Right now, not only are people selling vaccine doses, but they're also selling vaccination records -- pieces of paper that can help you travel freely," said Mr Galov, before adding, "It's important for users to be cautious of any "deal" related to the pandemic, and, of course, it's never a good idea to buy a vaccine off the Darknet."
To avoid being scammed, Kaspersky recommends that one should never buy anything, including vaccine doses, from the dark market. One should also carefully analyse the URLs of the sites that have Covid-related advertisements.
"If just one letter looks out of place, or if the usual .com has been replaced with .com.tk or something along those lines, your gut should tell you it is fake," Kaspersky said.
They also caution against entering personal information on such sites.
"Pay attention to grammar and layout on both the sites you visits and the emails you receive. If something smells fishy, it probably is," the cyber security firm stated.