• Fri. Aug 18th, 2023

How Much Does Your Personal Data Cost on the Dark Web?

Aug 10, 2023
Dark Web Price for Personal Data
Harper Stewart

The dark web is a vast market for stolen data and personal information, yet not everything there is unlawful. 

The Most Common Information That is Being Sold

How much is your information, though, really valuable to criminals? You might not expect the response. According to a number of variables, certain bits of information may be more useful to thieves.

Here are the top 12 data items traded on the dark web along with a basic idea of its value or potential value:

  • Identification number: $1
  • $5 to $110 with a credit or debit card (credit cards are more common).
  • $5 with CVV number
  • With bank information: $15 Complete info: $30
  • Login information for online payment providers (like Paypal): $20 to $200
  • $20 for loyalty accounts
  • $1 to $10 for subscription services
  • Certificates: $100-$400
  • License to drive: $20
  • US passports cost $100 to $200.
  • Health records: $1 to $1000
  • Logins for non-financial institutions generally: $1

Prices are an assessment and aggregate based on reference materials and the hands-on expertise of Experian cyber analysts over the past two years. Prices can change over time.

Cloned Credit Cards and Cardholder Data

Despite the rising availability, prices for duplicate credit cards and the cardholder information they contain appeared to rise uniformly. The rising hazards of obtaining the information, the growing value of using the report for consumers, the improved quality and accuracy of the card data, or plain old inflation are all plausible causes of the price increase.

Vendors of stolen credit card information typically provide a guarantee of 80%, which means that two out of every ten cards are either wrong or have a balance lower than what is stated. Typically, credit card information and cardholder data are sold in the following formats: 

[CC|MM|YY|CVV|HOLDER_NAME|ZIP|CITY|ADDRESS|EMAIL|PHONE], the first four sections are card details, and the following five sections show the cardholder information.

  • Mastercard clone with PIN – $25
  • American Express copy with PIN costs – $35
  • VISA copy with PIN costs – $25
  • Details of the credit card, a balance of up to $1,000 – $15
  • Transfers from a stolen PayPal account totaling $1,000–$3,000 – $340
  • Verified Western Union account – $45.00

Crypto Accounts

Hacked crypto accounts seem to be one of the most valuable items for purchase. Due to the skyrocketing prices of BTC and other cryptocurrencies, hacked accounts may hold large sums of coin-based currency and cash, protected by simple security measures after the initial verification process.

The high-value accounts matched with abundant BTC ATMs for anonymous cash-out make crypto accounts a very valuable item for hackers.

  • Hacked LocalBitcoins verified account – $350 
  • USA Coinbase verified account – $650

Social Media

Prices for compromised social media accounts appear to be declining on all platforms, whether it’s due to an increase in the supply of stolen data or a decline in the value of a single account. There were also a few offers to hack specific accounts or sell them, though they weren’t common.

Due to the recent increase in security measures implemented by social media platforms (such as MFA, account locks on too many failed password attempts), hackers are forced to use social engineering techniques, which is a very time-consuming process with a low success rate.

The incredibly low cost of social engagement, such as likes and follows, is also important to note. This demonstrates how simple it is for some people to use social proof to gain influence for just a few dollars.

  • Hacked Facebook account – $65
  • Hacked Instagram account – $45
  • Hacked Twitter account – $35
  • Hacked Gmail account – $80
  • Instagram followers x 1000 – $5

Hacked Services

For customers willing to assume the risk, vendors offer access to paid online subscription services at a lower price.

  • Uber driver account hack $14
  • Bet365 account – $50
  • Uber account – $8
  • ZipCar account – $12

Forged Documents – Scans and Physical

Physical and digital copies of forged papers are both readily available. Depending on the manufacturer, they may be manufactured with whatever specifics the customer desires and are very customisable. A crook may produce a whole file of counterfeit official-looking documents with just a few authentic bits of information.

Another worthwhile investment is document scans with a selfie since they may be used in California and the EU for SIM swap attacks and demands for access to personal data.

In addition to the papers indicated in the list below, counterfeit money, particularly in amounts of 20 or 50 USD, is very common. The purported “high-quality” fake currency often costs 30% of the real currency. The most prevalent currencies that we observed were USD, EUR, GBP, CAD, and AUD, some of which also came with a UV pen test guarantee.

  • Minnesota Driving License – $39
  • Utility Bill templates – $20
  • US Business cheque templates – $15
  • NSW (Australia) drivers license – $20
  • Russian passport scan – $100

Email Database Dumps

Due to their widespread availability and poor accuracy, email dumps are highly prevalent and affordable. The majority of email dumps are compilations of prior email hacks.

  • Fake US Green Card – $150
  • 600k New Zealand emails – $10
  • 350k Czech emails – $10
  • 2,4 million Canada emails – $10
  • 4,78 million Mexico emails – $10
  • 380k Austria emails – $10

Malware

Malware grants hackers complete control of the machine once it has been installed on infected systems (such as Windows, Android, and others), which may be used to utilize ransomware to seize control of computer resources or steal user data.

Be cautious while downloading anything from unreliable sources such as warez websites, bogus online casinos, FB/social networks, and other websites.

Hackers have the potential to steal tens of thousands of dollars for every 1,000 installs.

  • Global low quality, slow speed, low success rate x 1000 – $50
  • Europe low quality, slow speed, low success rate x 1000 – $320
  • USA, CA, UK, AU low quality, slow speed, low success rate x 1000 – $900

DDOS Attacks

A distributed denial of service (DDoS) assault sends thousands of connection requests per second to the target website in an effort to overwhelm and crash the server, putting the website down. These assaults often don’t result in data theft, but they can dox a website or mask other hacking activity.

  • Unprotected website, 10-50k requests per second, 1 hour – $15
  • Unprotected website, 10-50k requests per second, 24 hours – $50
  • Unprotected website, 10-50k requests per second, 1 week – $500

How Do Identity Thieves Purchase Stolen Information?

Personal data is often purchased and sold in one of three ways on the dark web:

  • Buy information once, such as a Social Security number.
  • Purchase large quantities of the same sorts of data in bulk.
  • Purchase bundled data; this is the “premium” product for identity thieves because it combines several sorts of information.

What Determines the Price of Personal Data on the Dark Web?

On the black web, the price of information is primarily determined by four factors:

Data type and the need for that data As was already indicated, different kinds of information might have various financial worth.

Data supply: The thieves who acquire and sell stolen information do so in accordance with the economic concept of supply and demand. Particular information is more useful to thieves if it is harder to obtain and so less readily available.

The balance of the accounts: Whether a value in dollars or points, the bigger the amount that can be executed, the more expensive the data will be once it has been stolen.

Limits or reusability: For fraudsters, anything is more valuable if it has a larger limit or can be utilized more than once. Information that can only be used once and has minimal usage or theft limitations is, on the other hand, less valuable.

How to Safeguard Your Accounts and Yourself 

As you can see, it’s becoming more and more crucial for you to secure your online life in the same way that you do your real one. This obstacle could appear to be insurmountable, but with the correct tools and attention to a few guidelines, it’s actually not that tough. Here are three quick ideas to help protect you and your information from hackers: 

1. Never divulge private information over the phone or by email when prompted to do so. A trustworthy company’s employees would never request passwords, credit card information, or anything like. 

2. Steer clear of unsecured public WiFi networks. It is advisable to connect using a VPN and follow our instructions if you still need or want to utilize one. 

3. Use a password manager. It would be beneficial for you to develop strong passwords for each of your accounts and store them so that you never lose track of them again.