Posted by Mumbai: Data and identity theft is among the most common form of cybercrime over past many decades. And its a known fact, cybercriminals and hackers sell these stolen information and data in the Dark Web.
But not many people know what could be cost of such stolen data remains. A new Dark Web study has found that although the digital identity is an important asset for cybercriminals but it actually doesn’t fetch much real value in terms of dollars. The stolen digital identity of users could be sold in less than a $50, according to Kaspersky Lab research.
It also uncovered an appetite among cybercriminals for data stolen from popular services – including via social media accounts and remote access to gaming websites.
User confusion about what their data is worth could result in a haphazard approach to security, making it all too easy for thieves to steal data and commit crime. Data stolen due to people’s lax security may have limited resale value, but can be put to many uses.
This can cause huge problems for an individual victim, who may lose money and their reputation, find themselves being chased for debt that somebody else has incurred in their name, or even suspected of a crime that somebody else has committed using their identity as a cover.
Kaspersky Lab investigated Dark Web markets to find out how much personal data is worth, and how it is used by criminals.
The company’s researchers found that criminals can sell someone’s complete digital life for less than $50; including data from stolen social media accounts, banking details, remote access to servers or desktops, and even data from popular services like Uber, Netflix and Spotify, as well as gaming websites, dating apps, and porn websites which might store credit card information.
Meanwhile, researchers found that the price paid for a single hacked account is lower, with most selling for about $1 per account, and with criminals offering up discounts for bulk-buying.
The most common way criminals steal this sort of data in the first place is via spear phishing campaigns or by exploiting a web related security vulnerability in an application’s software.
After a successful attack, the criminal gets password dumps which contain a combination of emails and passwords for the hacked services. And, with many people using the same password for several accounts, attackers might be able to use this information to access accounts on other platforms too.
Interestingly, some criminals selling data even provide their buyers with a lifetime warranty, so if one account stops working, the buyer will receive a new account for free.
It is clear that data hacking is a major threat to us all, and this applies at both an individual and societal level, because stolen data funds many social evils, said David Jacoby, Senior Security Researcher – Kaspersky
Fortunately, there are steps we can take to Your digital identity could be on sale for less than $50 – new Dark Web research from Kaspersky Lab shows prevent it, including by using cybersecurity software, and being aware of how much data we are giving away for free – particularly on publicly available social media profiles, or to organizations, added Jacoby.
(Image source – Flickr.com)