A new report
from Privacy Affairs says that cybercriminals on the Dark Web will pay on
average $1,000 for a full range of stolen documents and account details that
enable them to conduct sure-fire identity theft. Your hacked Facebook account
alone goes for $75.
Researchers
went on a data-gathering mission into the dark web to scan marketplaces,
forums, and websites and create an index of the average prices for a range of
specific products. According to the authors, they were only interested in
products and services relating to personal data, counterfeit documents, and
social media.
Highlights
from their findings include:
- As
far as Credit Card Data is concerned, researchers found that a cloned Mastercard
with PIN goes for as low as $15, regardless of the victim’s current balance.
Stolen online banking logins, however, with a minimum $2000 on the account,
sell for $65. - Hacked
payment processing services will fetch a handsome dollar for the seller – up to
$320. - Forged
documents like driving license, national ID cards and passports cost anywhere
between $500 and $1,500. - To
gain access to someone’s social media account, the buyer can spend anywhere
between $49 (for a hacked Twitter account) and $155 (for a hacked Gmail
account). Facebook accounts sell for around $75. Offers to hack accounts or
sell them are also available. - PayPal
account details are the cheapest, and the most common items listed - Malware
for activities like spyware, ransomware or cryptocurrency mining is sold based
on quality and success rate. A low-quality ‘product’ that may not work as
intended and has a low success rate costs around $70. Premium malware, on the
other hand, sells for up to $6,000.
“For the
average person, underground market data isn’t necessarily going to provide much
use as they most likely aren’t shopping around for stolen card data or PayPal
accounts. Though this is true, the prices at which these items sell provide a
powerful perspective. If someone gets their hands on your financial details or
social media credentials, the prices mentioned above is basically what it’s
worth to them. There’s a good chance that you value these things much more than
they do, as to them you’re just another mark for a quick buck,” according to
the report.
To stay out
of harm’s way, don’t give sensitive information over the phone or SMS
(especially if the call/message is unsolicited), check the ATM for any
potential skimming devices before you proceed to use it, don’t recycle
passwords across different accounts and, of course, use a
trusted security solution on all your Internet-connected
devices.