Feb 1, 2023

Cybersixgill researchers have discovered dark web shortcuts to cyber certification for scammers.

Researchers at Cybersixgill this morning described a small but pervasive group of threat actors shilling fraudulent cybersecurity certification services, ranging from falsified diplomas and certificates to cheating services and leaked courses.

Falsified diplomas and certificates.

Diplomas and certificates abound on the dark web for many fields. Cybersecurity is no exception, with researchers discovering underground souks containing fake certificates and diplomas for CompTIA, CISSP, and the like. The appearance of legitimacy can be feigned, but verification cannot: every legitimate certificate contains a serial number confirming its authenticity.

Threat actor-provided cheating services.

Though this does not apply to every exam, some certification providers offer remote examinations, with a virtual proctor monitoring webcam feeds at testing time, as opposed to testing at an in-person center. Some scammers claim to be able to bypass the remote monitoring and answer the questions themselves, while others offer to be the middleman, with the audio and visual feed streamed to the scammer rather than a genuine proctor.

Cyber certification course leaks.

Various cybersecurity certification courses are seeing an increased presence on the dark web, with researchers citing a 73% increase in advertised underground courses from 2021 to 2022. The courses hackers are selling online come from a variety of providers and are offered at a steep discount. The average cost of cyber training courses varies, but can be upwards of $5,000, while many dark web scammers are offering courses for a maximum of around $200, based on course content. Some actors have also been seen giving the courses away as free downloads.