Tag Archives: payment

How much is your stolen data worth on the dark web?

A new report reveals how much cyber criminals are willing to pay for stolen data on the dark web

Ever wondered how much your stolen data could be worth? A new report reveals the market value of all the most common types of stolen data available for sale to criminals on the dark web.

The “Hidden Data Economy” report by Intel Security Group’s McAfee Labs draws on years of close work with law enforcement, and ongoing monitoring of online platforms, communities and marketplaces where stolen data is hidden and sold – such as Alphabay and Crypto Market.

The report provides examples of how different types of stolen data are being packaged, and offers an illustration of average prices for different types of data. A few examples include:

  • Average estimated price for stolen credit and debit cards: $5 to $30 in the US; $20 to $35 in the UK; $20 to $40 in Canada; $21 to $40 in Australia; and $25 to $45 in the European Union
  • Bank login credentials for a $2,200 balance bank account: $190
  • Bank login credentials plus stealth funds transfers to US banks:from $500 for a $6,000 account balance, to $1,200 for a $20,000 account balance
  • Bank login credentials and stealth funds transfers to UK banks:from $700 for a $10,000 account balance, to $900 for a $16,000 account balance
  • Login credentials for online payment services such as PayPal:between $20 and $50 for account balances from $400 to $1,000; between $200 and $300 for balances from $5,000 to $8,000
  • Login credentials to hotel loyalty programs and online auction accounts: $20 to $1,400
  • Login credentials for online premium content services such as Netflix: as little as $0.55

Payment card data is perhaps the most well-known data type stolen and sold. A basic offering includes a software-generated, valid number that combines a primary account number, an expiration date, and a CVV2 number.

Valid credit card number generators can be purchased or found for free online. Prices rise based on additional information that allows criminals to accomplish more things with the core data.

This includes data such as the bank account ID number, the victim’s date of birth, and information categorised as “Fullzinfo”, including the victim’s billing address, PIN number, social security number, date of birth, the mother’s maiden name, and even the username and password used to access, manage, and alter the cardholder’s account online.

Online payment service accounts – like PayPal accounts for example – are also sold on the open market, with their prices determined by additional factors.

The report claims that illegal sellers list adverts in the same way as any legitimate seller would – offering guarantees on stolen credit cards – and forums name and shame “bad sellers” who have sold stolen cards that don’t have offer up what was promised

“Like any unregulated, efficient economy, the cybercrime ecosystem has quickly evolved to deliver many tools and services to anyone aspiring to criminal behaviour,” said Raj Samani, chief technology officer for Intel Security in Europe, the Middle East and Africa.

“This ‘cybercrime-as-a-service’ marketplace has been a primary driver for the explosion in the size, frequency, and severity of cyber attacks. The same can be said for the proliferation of business models established to sell stolen data and make cybercrime pay.”

A selection of credit cards in a fan.

The news coincides with the publication of new figures from the Office for National Statistics, showing that cyber crime is now the UK’s most common offence, with 2.5m incidents in the last year.

Cyber crime was previously excluded from official statistics but its inclusion in this latest report has resulted in an overall surge in crime rates of 107 pc – over double.

The most common cyber crimes, offences committed under the Computer Misuse Act, were where the victim’s device was infected by a virus.

Tagged , , , , , ,

Facebook Messenger is toying with a digital assistant that will help you shop

You can already use Facebook Messenger to pay your friends and chat with certain retailers, but the social network may soon also let you order products and research local services from inside the app.

Facebook Messenger is reportedly developing a digital assistant, according to a report in The Information on Monday. It would allow users to connect with “real people” inside the service, who would research and order products, as well as perform other tasks. The service is currently being called Moneypenny inside Facebook, according to the report, named after the reliable secretary from the James Bond franchise.

Little else is known about Moneypenny at the moment, but its apparent reliance on people on the other end to assist Messenger users means it would operate differently from Siri and Cortana, which may offer several similar features but are far more automated in their approach.

The Messenger team is trying to find ways for people to spend more time in its app. Last year, Facebook frustrated some users when it made Messenger a mandatory download as part of what Mark Zuckerberg calls a “family of apps.”
Messenger currently reports more than 700 monthly active users — up from 500 million last fall — but that figure could be much higher still, given 1.5 billion or so people currently engage with Facebook proper.

Assuming that Facebook launches Moneypenny, it will join the slew of tweaks and updates rolled out over the last eight months, including peer-to-peer payments, chatting with retailersand third-party development.

Tagged , , , ,