For less than $20 cybercriminals could siphon off all the money in your bank account.
Vital personal information hacked from unknowing Australians, which could be used for a variety of crimes, is available right now on the dark web for not much more than a McDonald's Big Mac meal, researchers claim.
Cybercriminals can snap up someone's fullz - the term used on the dark web to describe someone's full credentials - and use it to commit identity fraud, including opening up new lines of credit in the victim's name, taking over accounts, withdrawing cash from banks and other crimes.
READ MORE: Is the dark web really a 'safe harbour' for criminals?
Researchers from Comparitech, a UK-based online security firm, analysed more than 40 dark web marketplaces to see how much identities and bundles of fullz were being sold for.
A complete fullz bundle would typically include some kind of national identity number, name, date of birth, a driver's license number, bank account statements, utility bills and sometimes even scans of passports or licenses.
Americans had the cheapest fullz, averaging just $10.50 per record.
Australians were middle of the table, coming in just under $20, alongside Canadians, Chinese and Singaporeans.
Identities of New Zealanders sold for a little higher, $26 on average.
Japan, the UAE, and many European nations had the most expensive identities at an average of $32.
Comparitech researchers also found stolen credit card data being sold individually or in bulk on the dark web.
Some credit card listings contained "dumps" of data – typically hundreds, or even thousands of credit card numbers, usually from the same source.
READ MORE: Australian accused of running world's biggest darknet site
The details could have all have been collected from a single data breach, or from a criminal operating a scam, like setting up a card skimmer placed on a petrol pump.
The cost of a stolen Australian credit card on the dark web cost on average just over $9.
Most data bought and sold on dark web marketplaces is stolen through phishing, credential stuffing, data breaches, and card skimmers, Comparitech found.
The dark web is an encrypted network that uses the internet, but requires specific software to access. It is designed to ensure the user's anonymity.
How to protect yourself
There's not much you can do about data breaches except to register fewer accounts and minimise your digital footprint.
Watch for card skimmers at points of sale, particularly unmanned ones such as those at petrol stations.
Learn how to spot and avoid phishing emails. Use strong, unique passwords on all of your accounts.
Words: Mark Saunokonoko
Interactive graphics: Orla Maher
from 9News https://ift.tt/3oE2d3n
via IFTTT
0 Comments