Cyber criminals are selling unsuspecting web users’ login details for less than £1 on the dark web.
Account details for big brands have flooded dark web marketplaces in recent months, following a series of data breaches last year.
Now some of these account details are being sold to scammers for pocket change, allowing them to commit identity theft on a massive scale.
Login details for Tesco and Argos accounts are among the cheapest, going for an average of 98p each, according to the research by Virtual Private Network comparison service Top10VPN.com.
Hacked online shopping accounts are mostly used for credit card fraud, as criminals can exploit the stored card details.
Stolen Facebook accounts are considered more valuable, costing criminals an average of £6.96 each.
The value of these login details has increased by 86% in the last year, due into heightened potential for fraud as its users increasingly tether payment details to the site to play in-app games and use the Marketplace.
Netflix logins go for an average of £8.19 – more than the cost of a legitimate subscription. These accounts can be used for identity theft, but are also widely used to stream content cheaply.
But at £31.94 a pop, the most valuable of all are British Airways account details, which allow fraudsters to siphon off points that can be used on multiple airlines.
"Just any like other marketplace, dark web markets are susceptible to the ebbs and flows of supply and demand," said Simon Migliano, head of research at Top10VPN.com.
The biggest tech punishments
"Last year’s serious security breaches involving Facebook and British Airways customers led to vast quantities of personal data flooding these blackmarket sites.
"The high profile nature of these hacks has also created quite the appetite for these stolen account details, meaning that prices have notably jumped since last year too."
He added that storing payment information across a whole range of online accounts – even social media – is now par for the course for the majority of consumers, as it’s simply so convenient.
"The downside is that if a fraudster gains access to one account they then, essentially, have the keys to the kingdom."
He advised web users to use a unique password for each site they use, and use encryption when connecting to public Wi-Fi networks.
Source: Read Full Article