Your Data is for Sale

If data theft is on the increase lately, it’s because there is a market for it


Houssem Sadki

2 years ago | 3 min read

Photo by Clint Patterson on Unsplash

I douted writing about this particular subject, maybe because I am afraid of how people are going to take it or even the fact that I might be accused that I have done it myself.

Rest ensured that it’s not the case, I was a victim just a month ago as I was hacked and almost went broke if I hadn’t coughed it on time of course with the assistance of a friend of mine that works in cybersecurity.

Had this not been the case, I could’ve ended up losing all my savings cause Mr.hacker felt the urge to buy the services of a stripper and an iPhone 12 among other things.

The Dark Web is full of personal information offers for sale.

From stolen credit card numbers to hijacked Paypal accounts to hacked social media access, all sensitive data attracts hackers and most often resells for a fistful of dollars online.

Today, many bad guys hire cyber mercenaries to launch a denial of service (DDoS) attack, buy malware, forged documents, or even commit identity theft.

But how much of your personal information is being exploited on the Dark Net?

Privacy researchers sifted through lists of what lies in the internet’s slums and created an overview of the average prices on the internet’s dark sides for stolen personal data.

Promos on bank cards

The Dark Web Price Index 2020, which is the price list of various types of personal information stolen, shows that an American Express card, for example, cloned with a PIN code is at the top of the list of payment cards at 35$.

Credit card information typically only sells for 12–20 $, while online bank account information with a minimum balance of US $ 2,000 can sell for an average of 65$.

Social networks do not pay

Surprisingly, offers to hack social media accounts are not a commonly cited item according to the report which attributes this to the security measures reinforced by social media platforms, as well as low demand.

Indeed, it can be said without too much doubt that the price of your information on underground markets is governed by the age-old diktats of supply and demand. And when they are offered, prices rarely exceed tens of dollars.

The Lowest Cost & Most Effective Path to Better Cybersecurity | Data Driven Investor
Among the many challenges organizations face in 2020, cybersecurity (or the lack thereof) has dominated the news cycle…

Paypal and Gmail: the hacker’s grail

On the contrary, when it comes to payment processing services, PayPal accounts are by far the most popular.

However, stolen accounts are cheaper than actual transfers from compromised accounts.

It’s interesting enough that a transfer between 1,000$ and 3,000$ costs an average of US $ 320, while transfers over 3,000$ cost about half that,156$.

On the other hand, Gmail accounts have a relatively high resale value, averaging $ 156.

This can be explained by the fact that many people use single sign-on options, which means that a compromised email account could open up a whole trove of data and access to various other services.

This is how the one that hacked(ish) me had access to my bank account and started treating himself as he pleases and thank god I called up my friend to stop him or her from going deeper into my pockets.

Pirate for hire

More surprisingly, cybercriminals also offer their services for hire.

Prospective buyers can compare DDoS attack prices based on the size and duration of the attack, starting as low as 10$ and going up to over 800$.

Hackers also offer various forms of malware for sale at prices ranging from 70$ to 6,000$ depending on various factors.

Some tips to protect yourself as well as possible

While the bulk of sensitive data spoofed comes from large-scale data breaches that have plagued countless businesses over the years, there are many simple steps you can take to protect yourself.

For example, beware of phishing attacks that target your login credentials or bank details. Instead of using easily remembered passwords, opt for an entire passphrase: strong and unique, different for each account.

It is fundamental to adopt multi-factor authentication whenever it is available.

Never use an unsecured Wi-Fi network to access accounts where your sensitive data is located. Use data breach notification services to find out if your data has been stolen in a known data breach.

Finally, never underestimate the value of a multi-layered security solution and make sure it is up to date …

Gain Access to Expert View — Subscribe to DDI Intel

First published here.


Created by

Houssem Sadki

Navy Hydrographic Engineer and GIS Specialist and looking to become adata scientist







Related Articles