Top10VPN has been monitoring how much your personal data is worth to a cybercriminal. The
results are astounding.
Top10VPN has the full report here. Personal data is gold – it is an interesting read. Following is a curated version.
Amazon has shot up to $30.36, a 237% increase y-o-y. Hackers with stolen Amazon accounts can
lock out the legitimate owners and go on spending sprees with the stored credit
card, and often buy gift cards which they can then redeem on their personal accounts. We can only speculate that the
personal information it gathers is now more invasive and pervasive.
Price depends on what that personal
Email addresses allow spoofing. But there are billions of compromised email addresses and passwords, so Collection #1 and Collection #2-5 are free as most of the gold is long gone.
Hacked accounts from Apple, Airbnb, Fortnite, Netflix and
Uber go for under US$15 each. There is little gold there.
Credit Card numbers allow monetisation and can go for up to
$260 for an active card. Cybercriminals pay well for PayPal, Western Union and Moneygram.
Passport numbers ($18.45) start to enable identity theft and
illegal immigration. So to do other forms of ID like drivers licences ($27.62)
or other proofs of identity ($16.52) are
Entertainment hacks range from $1.53 to $15.04 if they work –
most entertainment accounts allow multiple logins.
“Just any like other marketplace, dark web markets are susceptible to the ebbs and flows of supply and demand. Last year’s serious security breaches involving Facebook and Best Buy customers led to vast quantities of personal data flooding these black-market sites. The high-profile nature of these hacks has also created quite the appetite for these stolen account details, meaning that prices have notably jumped since last year too.
Migliano says this is a highly – and understandably –
worrying situation for customers who might have been
caught in these hacks. Storing payment information across a whole range
of online accounts – even social media – is now par for the course for most
consumers as it’s simply so convenient.
The downside is that if a fraudster gains access to one account, they then have the
keys to the kingdom.
Games and entertainmetn are a huge target
Streaming services and online multiplayer games continue to
dominate our leisure time. Hacked Fortnite accounts are actually more appealing for using stored credit cards to splurge on
highly desirable in-game perks than for broader fraudulent schemes.
Get a good VPN – this will protect your personal data on public networks
Use a password manager – These are a cheap and
effective way to make sure your accounts have unique (and therefore stronger)
Delete your old accounts – these accounts are
useless to you but a treasure trove to hackers
GadgetGuy’s take – stop sharing – think!
Anyone with an email address has a dark web profile. Its value
depends on how much personal data is in there and how regularly it is updated.
Cybercriminals use machine learning and AI to correlate data from various sources
and provide rankings on what profiles to exploit next.
Believe me – my name was on the Sheraton/Starwood breach and its taken me perhaps a hundred hours to recover and change all passwords and regain use of my web-mail account. Now that is done I am ever vigilant.
I would go one step further and reissue a warning in the strongest
terms to stop oversharing data. Facebook,
LinkedIn, Instagram, Twitter and hundreds more social media sites collect and monetise
or sell user data.
How to stop oversharing or #DeleteFacebook
Think, or more specifically, think ahead.
Why is someone asking for that data? If it’s not necessary to the ‘transaction’ then go elsewhere.
What is the ripple effect of the piece of information you are about to share?
Would you like your mother, children, partner/spouse, boss and any other relevant person knowing what you are about to divulge?
Think about your information in the public domain today, and think about its impactt decades from now.
Still OK with it? Then wait and think again. Time, consideration and reflection are the antidotes to oversharing – use all three.