Stolen Online Account Info Now More Valuable than Stolen Credit Card Details

March 2, 2016

You should be aware that criminals are now less interested in your credit cards and other “personally identifiable information” and more keen on exploiting your online accounts. As security firm Tripwire informs us in their State of Security blog, “Stolen Uber, PayPal Accounts More Coveted than Credit Cards on the Dark Web.” Writer Maritza Santillan explains:

“The price of these stolen identifiers on the underground marketplace, or ‘the Dark Web,’ shows the value of credit cards has declined in the last year, according to security firm Trend Micro. Last week, stolen Uber account information could be found on underground marketplaces for an average of $3.78 per account, while personally identifiable information, such as Social Security Numbers or dates of birth, ranged from $1 to $3.30 on average – down from $4 per record in 2014, reported CNBC. Furthermore, PayPal accounts – with a guaranteed balance of $500 –were found to have an average selling price of $6.43. Facebook logins sold for an average of $3.02, while Netflix credentials sold for about 76 cents. By contrast, U.S.-issued credit card information, which is sold in bundles, was listed for no more than 22 cents each, said CNBC.”

The article goes on to describe a few ways criminals can leverage these accounts, like booking Uber “ghost rides,” or assembling personal details for a very thorough identity theft. Pros say the trend means service providers to pay closer attention to usage patterns, and to beef up their authentication processes. Specifically, says Forrester’s Andras Cser, it is time to move beyond passwords; instead, he proposes, companies should look for changes in biometric data, like phone position and finger pressure, which would be communicated back to them by our mobile devices. So we’re about to be even more closely monitored by the companies we give our money to. All for our own good, of course.

 

Cynthia Murrell, March 2, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Comments

Comments are closed.

  • Archives

  • Recent Posts

  • Meta