Fake Cybersecurity Certifications to Avoid

0
2328

It is an unspoken fact that fraud is the only constant factor in this ever-evolving world. Employers and professionals constantly fall victim to fake certifications. This can lead to undesirable consequences, especially when dealing with certified” cybersecurity professionals. It dawned upon me that not all credentials are created equal when I was building my company’s training plans in Bangalore, which included programs in diverse fields of Big Data, Cybersecurity and even AI. The ensuing research led me to many fake organizations that were simply unrecognized and most of them claimed to be US organizations, when sadly, they are all not!

This made me realize that many had been fooled into thinking that these fake credentials will help them in their career. The truth is, they do not. I am sharing this research for the community so that innocent cyber enthusiasts are not hoodwinked into pursuing any of these worthless “certifications” when it is not even worth the paper it is printed on.

In my research, I found that what separates real certifications bodies from the “look-a-likes” are 10 Key Factors. Anyone that wants to pursue a certification, should look at these criteria before deciding to pay a single dollar:

  1. Accreditation Standard – Are they self-accredited or is there a global body accrediting them? Such as ANSI/IEC/ISO 17024. Any company that does not have this is simply dishing out paper without a global standard, period!

  2. Real Jobs – Do any of these “certs” have real jobs associated with them? Do a simple search on major job portals before you pay a single penny.

c) Recognition – Does the United States Department of Defense recognize them? They are one of the few military organizations that actually select world class certification providers. Check out the vendors approved under the Department of Defense Directive 8570/8140.

  1. Global Followers – How many (real) people actually display their credential on Social Media – like LinkedIn. Just look at how many people follow the company.

  2. Real” Global Training Calendar – Do they have a real calendar or are they dreaming up global cities and just adding them to their website to make them look global? Are they guaranteed to run? Are there real testimonials? Speak to some of the past attendees so that you know these are real people.

  3. Global Partners – Do they have global partners that will deliver the classes? Are they properly licensed to do so from the respective authorities in their regions? Are they real or are they “virtual” providers?

  4. Program Outline – Do they have a clear program outline that can be evaluated on their website? Do you actually learn anything from it?

  5. Continuing Education Program (CPE) – Do they have a recognized CPE program? Almost all quality certification providers have comprehensive systems and programs to manage their CPE credits.

  6. Global Workforce – Do they have a real global workforce or are they based in just one country? This is one of the best test to determine if they are a global company.

  7. Do they have qualified Instructors? Who are their instructors? Are they qualified? Do they have real world experience? What about their evaluation score?

There is also another good article on this topic that you can read here.

With these criteria in mind, I am listing the most bizarre of all, fake cybersecurity certification businesses that are completely fake. (Feel free to research this and come to your own conclusions)

Top 3 Fake Cybersecurity Certifications in 2020

  1. Rocheston Accreditation Institute

For example, while doing my research I came across an institute named Rocheston Accreditation Institute which offers courses in cyber security. Their profile attracted me and they looked very genuine to me, at first. But this did not last long. When I started digging more I found some weird stuff. The institute was also in the business of awarding awards to restaurants! When I started to look at the accreditations the company held, I couldn’t find anything. They call themselves as an Accreditation institute, but they are not accredited by any government agency in the world to do that.

I also found this company selling these certifications while having a side business of selling donuts, coffee, free pirated movies (via their Rocheston TV).

If this was not ludicrous, I came across one of their videos online where they showcase their courseware. It was nothing but graphically plagiarized content from the internet and a free 52 deck gold plated playing cards for the students ! I am not sure if they were truly expecting cyber security professionals to learn poker, but I felt that this was done in poor taste.

I think the leadership that is running this business is clearly outright crazy.

The courseware doesn’t have real cyber labs or technically comprehensive courseware either. Their video showcased a iphone like boxed casing for their book which had an “IOT Kit” purchased from the internet and slapped with their sticker and of course, not to forget their free playing cards! See the video for yourself here.

In case you are robbed of laughter in your life, don’t forget to see the playing cards at 9:27 as it might be a cure

The courseware seemed to emphasize on its packaging (which I must admit, is nice) rather actual content for the technical folks.

It seems that fake Companies like Rocheston will do anything to make money, issuing worthless distinguished CEO awards, distinguished restaurant awards, distinguished company awards, distinguished lawyer awards and even a distinguished doctor award!!!!!

OMG!!!!

2. Rocheston Accreditation Institute

Rocheston Accreditation Institute

Care for a Free Coffee and Donuts, with your Cyber Certification?

Perhaps some plagiarized Movies with that certification of yours?

Rocheston Accreditation Institute

 

This company is clearly operated out of Madras ( Now known as Chennai, India).
This certification company awarded a native language movie director a certification too !

Watch it yourself!

10 Key Factor Score
(to qualify for a valid certification body):

0/10


Bogus Test Result: Certified Bogus (and [email protected] too!)

 

 

Rocheston Accreditation Institute

After all this, it appears that one academic institution fell prey to this scam – APIIT of Asia! Apparently, it is an accredited institute but it is obvious, no one in their school actually did any due
diligence whatsoever
as this is such a disservice to their students!

 

  1. Ankit Fadia Certified Ethical Hacker (AFCEH)

Here is another individual who is preying on poor, uneducated citizens. He is famous for being a plagiarist and here is yet another example of him passing of his “so-called” certification as a Certified Ethical Hacker. A quick google search showed that this certification belonged to another global certification body, EC-Council that is based in Albuquerque, USA.

 

The most damming example of his exposè is when Charles Assisi (who was editor of CHIP India at the time when it was “apparently” defaced by Ankit Fadia and who supposedly offered Ankit a job, denied that such an incident ever took place after verifying with his predecessor and successor at the magazine as well) wrote a piece about him with a “tongue in cheek” writing format. I doubt there is anything else to say.

http://www.forbesindia.com/article/beyond-business/ankit-fadia-revealed/34793/1

Ankit should perhaps get out of the business of selling certificates and focus on selling his plagiarized books that he is great at doing.

10 Key Factor Score
(to qualify for a valid certification body):

0/10


Bogus Test Result: Certified Bogus

 

3. Star Certification

The first thing that this company sells you is how big they are!

Question: How do call yourself the largest (with an L) software programming language, cyber security & disruptive technology certification body in the world without offering any evidence of this? A call to many of my associates and contacts yielded no results as to who they were and what they do. You may want to read this.

The simple “Litmus Test” to determine if a Certification is bogus or real will tell you that these guys are fake. Literally no real companies are asking for their cert, they do not have the IS0 17024 Accreditation, and neither does any real government recognize them (like the DoD 8570 directive)

A quick research on the internet show that the person behind this scam is non other than the founder of IANT – A low cost provider of technology training in India. STAR always claimed that they were “American” until one of their students that was cheated published an article on LinkedIn. With some research, I found an article from a victim. Read it and make up your own mind. They have probably “borrowed” (stolen?) STAR from a real certification body called the Cloud Security Alliance which has a real STAR certification!

It was only after this outcry of their ex-student that Mr. Kherani finally admitted to being the founder of STAR out of Ahmedabad, India while passing on the baton of IANT to his wife.

Would any legitimate certification “body” in the world plan to hoodwink its customers by claiming it to be “American” when it is not? This is nothing more than family business. Why would he not come clean and admit that this is an indian company that wants to sell its paper certs? Why call yourself American?

Star owner Mr.Kherani claims to he’s an Indian entrepreneur who has a certification body, then why is he trying to project his certification business as an American one.. Is it the famous “American hangover”?

Just like Rocheston, they too seem to be opening an office in
London soon 

It seems like all these guys want an office in London for some
reason!

A good bedtime read is the response of the CEO of Star Certification to the victim. It is a MUST READ !

His “American” English is pathetic, and his response should make you truly sick to your stomach. How can these guys actually make anyone believe that they are a “US Based” certification company?

10 Key Factor Score
(to qualify for a valid certification body):

1/10


Bogus Test Result: Certified Bogus

 

10 Pointer Checklist to identify FAKE CERTIFICATIONS

FAKE CERTIFICATIONS

 

AFCEH

STAR

ROCHESTON

ACCREDITATION STANDARDS ANSI/IEC/ISO

Nil

Nil

Nil


DoD 8570

Nil

Nil

Nil


Real Jobs Available

Nil

Nil

Nil


Recognition

Nil

Nil

Nil


Genuine Global Followers

Nil

Nil

Nil


LinkedIn Followers

Nil

1954

600

Global Training Calendar

Nil

Nil

Nil

Global Partners

Nil

Nil

Y

Continuing Education Program (CPE)

Nil

Nil

Nil

Real Certified Instructors

Nil

Nil

Nil

Program Outline

Nil

Y

Nil

Global Workforce

Nil

Nil

Nil

Conclusion

There are many other fake market players – HackersEra, Seed Infotech Ltd., Ecademy, Ucertify, Cyber Warfighters Group Inc are just a few in a long list of business that are trying to prey on those who are unaware! The list was long, but none of them were recognized or reputed ones. I realized that these marketers truly know the nerves of people who get attracted by their attractive schemes and discounted educational program. They failed to realize that at once they can obtain this certification at a lesser cost, but the certification they hold is of no value. It will not fetch them good jobs.

None of them have any accreditations to their credit, no certifications to match with known cyber sec titles in the job market.

Cyber Warfighters claims to have Federal Certifications like HUBZone (Historically Underutilized Business Zone, SBA WOSB – Women owned small business, but no relevant cybersecurity accreditation.

The risk with these providers is that they lack serious standards and frankly, most of them are not worth the paper they are printed on!

I will continue to do my research to ensure only the best programs are identified for our company.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.