Another instance of fake vax certificates in Mr David Brownbill v O&M Pty Ltd [2021] FWC 6635, with the Fair Work Commission noting that on 8 December Brownbill made an application to the Commission under section 526 of the Fair Work Act 2009 (Cth) alleging he had been unlawfully stood down from employment with O&M Pty Ltd.
The hearing was via Microsoft teams. O&M raised the question of Brownbill’s COVID-19 vaccination status, arguing that Brownbill was a casual employee, Brownbill had not been stood down and that as result of a Direction of the state's Acting Chief Health Officerit could not place its employees on a certain client site unless they had proof of vaccination or a first vaccination dose or had a booking to receive a first vaccination dose. O&M asserted that Brownbill had not supplied the requisite proof; accordingly it was unable to use his services from 14 October 2021.
[3] During the conference, it was asserted by Mr Brownbill that he had supplied proof of having been vaccinated to the Company on 22 November 2021. The Company held some concerns about the vaccination certificate produced by Mr Brownbill. I requested a copy of the email Mr Brownbill had sent to the Company on 22 November 2021. It was provided.
[4] The email dated 22 November 2021 contained within it the following hyperlink: [omitted here]
[5] Having clicked on the hyperlink, it appeared to me that the means by which the vaccination certificate had been procured by Mr Brownbill may have been fraudulent and that the certificate he produced may be a fraud.
[6] I expressed this view to the parties.
[7] If the vaccination certificate is a fraud and has been fraudulently obtained via an illegitimate hyperlink on the internet, this would be a matter of extremely serious public policy concern. I invite the relevant public authorities to investigate further.
[8] During a further exchange with Mr Brownbill about a separation certificate he says he was sent to him by the Company, he terminated his involvement in the conference by stating: “[expletive], I’m not wasting any more time with you corrupt idiots.”
Brownbill left the conference.
[9] From this, I have taken Mr Brownbill to have discontinued his application pursuant to Rule 10(2)(c) of the Fair Work Commission Rules 2013. The Commission’s file will now be closed.
The 'gimme a fake vax cert' site states "Welcome to the Medicare vaccine pass generator. Please input the data needed to make the pass here", with users needing to input their name and date of birth and fake vaccination details, alongside guidance (“Make sure your dose dates add up. Remember, 12 weeks between AZ and 5 (give or take 1) between Pfizer") about how to make the fake certificate appear more authentic.
'COVID-19 Vaccination Certificates in the Darkweb: A Preprint' by Dimitrios Georgoulias, Jens Myrup Pedersen, Morten Falch and Emmanouil Vasilomanolakis comments
COVID-19 vaccines have been rolled out in many countries and with them a number of vaccination certificates. For instance, the EU is utilizing a digital certificate in the form of a QR-code that is digitally signed and can be easily validated throughout all EU countries. In this paper, we investigate the current state of the COVID-19 vaccination certificate market in the darkweb with a focus on the EU Digital Green Certificate (DGC). We investigate 17 marketplaces and 10 vendor shops, that include vaccination certificates in their listings. Our results suggest that a multitude of sellers in both types of platforms are advertising selling capabilities. According to their claims, it is possible to buy fake vaccination certificates issued in most countries worldwide. We demonstrate some examples of such sellers, including how they advertise their capabilities, and the methods they claim to be using to provide their services. We highlight two particular cases of vendor shops, with one of them showing an elevated degree of professionalism, showcasing forged valid certificates, the validity of which we verify using two different national mobile COVID-19 applications.
The darkweb has been actively serving as a platform where cybercriminals can carry out their operations, since the founding of the Farmer’s Market (2010) (18) and Silk Road (2011) (4). Both of these marketplaces, operated via Tor hidden services, which is still the most popular anonymization network to this day. While these marketplaces started off with a heavy focus on drugs, though the years such platforms have evolved, providing a large variety of products and services (e.g. firearms, botnet services, malware, stolen bank credentials). The COVID-19 pandemic has had a great impact on millions of people around the globe, affecting many different aspects of their lives. In order to reverse the worldwide disruption that the virus has caused, vaccines were developed, aiming towards protecting the population and halting the spread of the virus.
Trading platforms on the darkweb were very quick to take advantage of the pandemic situation. Vendors started offering vaccines on several marketplaces, or on their own independent vendor shops (2). After the vaccine development, the next step was monitoring the vaccination status of the population, which was achieved through the issuance of vaccination certificates, in physical or digital form. In several countries, not being vaccinated is bound to cause implications in people’s social and work life, often excluding them from some activities, and making daily tasks harder to carry out. For example, the non-vaccinated population needs COVID tests frequently, might be denied indoor access to restaurants, or have challenges while traveling. Since vaccinations can play such an important role in certain countries, a new market has emerged on the darkweb. Marketplaces and vendor shops are currently offering both physical and digital certificates, from a variety of countries, or fake PCR test results as an alternative, with non-vaccinated people as the target client group. Individuals that do not wish to be vaccinated, but want the convenience of owning a vaccination certificate, can visit the darkweb and purchase one on a number of different platforms.
In this paper, we focus on the COVID-19 vaccination certificate darkweb market, with an emphasis on the EU Digital Green Certificate (DGC). We investigate 17 marketplaces and 10 vendor shops that list physical or digital proofs of vaccination as available products, with the purpose of documenting the different aspects that compose this specific type of illegal trading. This includes elements such as countries of origin, countries that the certificate is valid in, shipping, means of communication with the vendors, as well as how these items find their way to the sellers. We then demonstrate examples of such sellers and emphasize on two interesting cases in which the vendors provide valid EU digital certificates as proof of their service’s legitimacy. Notably, one of the shops presents a very high degree of professionalism. We confirm the validity of these certificates, and examine their details.
The remainder of this paper is structured as follows. In Section 2, we give an overview of the methods used to carry out our research for the purposes of this paper. Section 3 provides background information on the issuance and the verification of vaccination certificates, and discusses the related work. In Section 4, we dive into the mapping of the certificate market of the darkweb. Section 5 is dedicated to investigating the legitimacy of the listings we found. Lastly, Section 6 concludes this paper.