Data breaches are often in the news. But what does this mean for the individual and how much are you at risk if your data is stolen?
Annual fraud against individuals in the UK is estimated by Experian to be worth £6.8bn and, as we increasingly move our most valuable information online, savvy fraudsters are following suit.
Research from the personal finance experts at Money Guru shows that the cost of personal data on the dark web has reduced significantly following Facebook’s recent data breach.
Hacked Facebook account details are now being sold on the dark web for as little as £0.77 ($1) which is £2.23 ($2.90) down from Money Guru’s previous findings earlier in 2018. Hacked Instagram accounts are available for as little as £1.91 ($2.50), down £2.89 ($3.80) and hacked Twitter accounts are also available for as little as £0.61 ($0.80), a reduction £1.89 ($2.50).
Facebook
Money Guru discovered tools and guides to help people hack into Facebook accounts available for as little as £1.29 ($1.70) on the dark web.
Instagram
Tools to help people hack into Instagram accounts available for as little as £0.87 ($1.15) on the dark web.
Twitter
Tools to help people hack into Twitter accounts available for as little as £0.87 ($1.15) on the dark web.
Money Guru also found a plaintext database of Twitter account details with millions of emails and passwords available for £31.86 ($41.60).
LinkedIn
All three marketplaces that Money Guru searched (Wall Street Market, Dream Market and Burlusconi Market) were offering ‘164m LinkedIn user records’ i.e. separate pieces of information such as email addresses, names, passwords for only £7.65 ($9.99).
However, it seems that as more data breaches occur, the more aware the general public are becoming of the issue which could be causing the significant price drops of personal data on the dark web. Our research into personal data and how much it's actually worth on the black market is shocking to say the least. It just goes to show how vital it is to protect your data where possible to avoid facing costly consequences.”
A scammer could buy your credit card and debit card details, all your online banking logins, passwords as well as your PayPal account information. This puts you at risk of having your money and even your identity stolen.
Online shopping (Amazon prime, Groupon, eBay, Tesco)
These details could be used by someone to make a purchase on your accounts. They could use the information as a stepping stone to finding out more about the owner of the account to acquire more lucrative information.
Travel (Airbnb, British Airways, Uber, Expedia)
Accounts like Expedia and British Airways use points which can be used to redeem air miles and travel bonuses which could be transferred to the criminal’s account. As with online shopping, these accounts act as a start-point to find out more about the owner for nefarious purposes including identity theft.
Entertainment (Apple ID, Netflix, Spotify, Tidal, Steam
Understandably, the most expensive of these examples is an Apple ID which contains a whole host of information valuable to fraudsters. As for the rest, it enables access to free entertainment as well as password clues to other accounts associated with these accounts.
There are few better ways to gain insight into someone’s life than their social media accounts. These details are frequently stolen to sell to companies with little scruples about targeted advertising. It’s also a fast track to identity theft as they can take control of your accounts, lock you out and cause serious reputational damage in a short space of time.
Email and communication (AOL, Gmail, Hotmail, T-Mobile)
Being able to access emails and communications data provides fraudsters with a huge amount of information about their target. This is especially true of business accounts where confidential information could be being shared. It also offers a jump off point for a spear-phishing – where a malicious actor tries to gain the credentials to more valuable accounts via social engineering and malware.
Annual fraud against individuals in the UK is estimated by Experian to be worth £6.8bn and, as we increasingly move our most valuable information online, savvy fraudsters are following suit.
Research from the personal finance experts at Money Guru shows that the cost of personal data on the dark web has reduced significantly following Facebook’s recent data breach.
How Much Is Your Data Worth Now?
Your data, which can include everything from banking details to social media logins, is worth less than you might think to hackers and scammers.Hacked Facebook account details are now being sold on the dark web for as little as £0.77 ($1) which is £2.23 ($2.90) down from Money Guru’s previous findings earlier in 2018. Hacked Instagram accounts are available for as little as £1.91 ($2.50), down £2.89 ($3.80) and hacked Twitter accounts are also available for as little as £0.61 ($0.80), a reduction £1.89 ($2.50).
Money Guru also found a plaintext database of Twitter account details with millions of emails and passwords available for £31.86 ($41.60).
Gmail
Money Guru found tools to help hack Gmail, commit phishing attacks and bypass phone verification available on the dark web for as little as £0.87 ($1.15).Using Your Data Against You
Deborah Vickers, channel director at MoneyGuru. said; “Our social media accounts put our lives under a microscope and these details are frequently stolen and sold to unscrupulous companies so they can target you with advertising. By using your data against you, criminals can lock you out and take control of your accounts, which could cause serious reputational and financial worry.Related: How Secure is Social Media Really?Rather concerningly all three dark web markets that we researched (Wall Street Market, Dream Market and Burlusconi Market) are currently offering ‘164m LinkedIn user records’ including separate pieces of information such as email addresses, names, passwords for only £7.65 ($9.99).
However, it seems that as more data breaches occur, the more aware the general public are becoming of the issue which could be causing the significant price drops of personal data on the dark web. Our research into personal data and how much it's actually worth on the black market is shocking to say the least. It just goes to show how vital it is to protect your data where possible to avoid facing costly consequences.”
So What Data Can Criminals Buy On The Dark Web, And How Much Are You At Risk?
The marketplaces Money Guru searched were ‘Dream Market’, ‘Burlusconi Market’ and ‘Wall St Market’ (three of the most popular current markets since the fall of the Silk Road) all of which provide goods including:- Personal Data
- Fraud Kits & Instructions
- Counterfeiting Supplies & Services
- Illicit Drugs
- Weaponry
A scammer could buy your credit card and debit card details, all your online banking logins, passwords as well as your PayPal account information. This puts you at risk of having your money and even your identity stolen.
Online shopping (Amazon prime, Groupon, eBay, Tesco)
These details could be used by someone to make a purchase on your accounts. They could use the information as a stepping stone to finding out more about the owner of the account to acquire more lucrative information.
Travel (Airbnb, British Airways, Uber, Expedia)
Accounts like Expedia and British Airways use points which can be used to redeem air miles and travel bonuses which could be transferred to the criminal’s account. As with online shopping, these accounts act as a start-point to find out more about the owner for nefarious purposes including identity theft.
Entertainment (Apple ID, Netflix, Spotify, Tidal, Steam
Understandably, the most expensive of these examples is an Apple ID which contains a whole host of information valuable to fraudsters. As for the rest, it enables access to free entertainment as well as password clues to other accounts associated with these accounts.
Also Read: Tech Hacks - How to Stay Invisible OnlineSocial media (Facebook, Reddit, Instagram, Pinterest, Twitter)
There are few better ways to gain insight into someone’s life than their social media accounts. These details are frequently stolen to sell to companies with little scruples about targeted advertising. It’s also a fast track to identity theft as they can take control of your accounts, lock you out and cause serious reputational damage in a short space of time.
Email and communication (AOL, Gmail, Hotmail, T-Mobile)
Being able to access emails and communications data provides fraudsters with a huge amount of information about their target. This is especially true of business accounts where confidential information could be being shared. It also offers a jump off point for a spear-phishing – where a malicious actor tries to gain the credentials to more valuable accounts via social engineering and malware.
