Verizon’s annual data breach report states that 86% of personal data breaches are about money, and 55% are committed by organized criminal groups. And with the amount of money they can make, they are not going anywhere anytime soon.
After stealing your personal information, hackers organize it in a database that they monetize in various ways.
They can use the data themselves.
Hackers could profit from your stolen personal information by exploiting it to make transactions or perpetrate fraud, such as:
Withdrawing money from your bank account
Obtaining new credit cards
Making online purchases
Borrowing money from the bank or your friends and family
Making fraudulent health insurance claims
Paying off their debts
Hackers may sell your personal information to other criminals
Another way hackers profit from stolen personal data is by selling it in masses to other criminals on the black market for thousands of dollars. Buyers can purchase the stolen data they are interested in and use it for their malicious activities.
For instance, personally identifiable information such as names of breach victims, their Social Security numbers, home addresses, and dates of birth can be used to make fraudulent transactions.
Buyers can also clone credit card numbers and security codes and use them for identity theft. The buyer can, for example, apply for loans in the victim’s name or file false tax reports. And they can use stolen emails in phishing attacks, social engineering tactics, and DDoS (distributed denial of service) attacks.
How Much Do My Hacked Accounts Cost?
According to the Dark Web Price Index 2021 by Privacy Affairs, cybercriminals can make quite a profit from hacked personal data.
Everything from credit cards to Netflix accounts is up for sale on the dark web.
Financial Accounts
To get stolen credit card details with an account balance up to $1,000 costs $150. Credit card details with an account balance up to $5,000 cost $240.
A bank account with a minimum of $2,000 will only cost a cybercriminal $120 to obtain the login details. And stolen PayPal account details with a minimum of $1,000 also cost $120.
To transfer money from a stolen PayPal account with a balance of $1,000 – $3,000 will cost a cybercriminal $340, while to transfer money from a stolen PayPal account with a balance of $3,000 only costs $180. And to obtain the login information from 50 hacked PayPal accounts costs $200.
Western Union transfer from stolen accounts above $1,000 costs a mere $45. A verified Stripe account with a payment gateway goes for $1,000.
One of the most valuable accounts on the dark web is crypto accounts. A hacked and verified Kraken account goes for $810, a hacked and verified Coinbase account goes for $610, while a hacked and verified Cex.io account costs $410.
Social Media Accounts
Social media and email accounts vary between $35 and $80.
A hacked Twitter account costs $35, while you can pay up to $80 for a hacked Gmail account.
To get a thousand followers, likes, or shares for your social media accounts varies between $1 and $25. For instance, hackers ask for as little as $5 to buy 1000 followers for your Instagram account, and the same following costs $2 for Spotify.
The price of an email database with up to 4.78 million emails can go for as low as $10. Private USA dentists database with 122k emails goes for $50. And the USA Voter database from various states costs $100.
Scans of Documents and Physical Copies
Passports are also one of the most expensive items listed on the black market index. The highest physical (Maltese) passports can fetch a whopping $6,500, while the lowest (Lithuanian) passports go for $1,500. For a physical forged national I.D., hackers ask as low as $50 (Newjersey ID), but in some cases, up to $500 (Latvian ID).
Prices for forged copies of driver’s licenses of different states vary between $20-$100. A U.S. driver’s license goes for $100, while an Australian driver’s license only fetches $20.
Hackers ask for $8 for a hacked Uber account and $14 for a hacked Uber driver’s account.
U.S. valid social security number goes for $2.
An eBay account with a high reputation (1,000+ feedback) might reach $1,000. While a fake U.S. Green Card sells for $150.
What You Can Do to Protect Yourself
To prevent your personal information from ending up on the black market, follow these basic guidelines.
Use a Strong Password
Use a password manager to help generate strong and unique passwords for each one of your social media accounts.
Generic passwords such as your birth date or the name of your first pet are easy to crack.
Make sure your passwords are long (at least 16 digits) varied with letters, numbers, and symbols.
Enable multi-factor authentication
Enabling multi-factor authentication on your accounts means that if hackers can access your login details, they’d not be able to access your account with just the passwords.
This is because multi-factor authentication requires a password plus something only you have access to — like a backup code, tapping a number on your screen, or a text message sent to your phone.
Be wary of public WiFi.
Avoid accessing sensitive accounts while you are on public WiFi. According to a study conducted by Kaspersky Security, nearly a quarter of the world’s public WiFi hotspots don’t use any encryption.
We found our personal data on the dark web. Is yours there, too?This is why hackers often target users on public WiFi to steal their login details. Suppose cybercriminals can access the login information of one of your online accounts. In that case, they can use brute force to crack the passwords of your other accounts and steal money or sensitive personal information.
Always use a VPN and a robust antivirus with a firewall while browsing on public WiFi so your data can be encrypted while in transit.
Be careful while browsing online.
Change the default privacy settings on your devices. And always clear or disable your browser cookies. You should also limit the information you share on social media. For instance, don’t use your full names on your social media accounts. And always read the terms and conditions before using an application or service.
Conclusion 👨🏫
As discussed earlier, data breaches are about money which means hackers are here to stay.
Cybercriminals will continue to target remote employees. And the growth of 5G will expand the bandwidth of connected devices, making them more vulnerable to cyber-attacks.
These reports show the importance of keeping your valuable data and personal information private and secure.