Growing up, my mother always told me that you can’t put a price on love. And while that may still hold true, you can certainly put a price on the illegal obtainment of personal information on the dark web. With the influx in cybercrime activity both before and since COVID-19 and the increasingly online presence of everyday citizens, identity fraud has surged as the costs of stolen information drop.
Privacyaffairs.com lists some of these prices in their Dark Web Price Index:
- Online banking logins cost an average of $40
- Full credit card details, including associated data, cost $14-$30
- A full range of documents and account details allowing identity theft can be obtained for about $1,000
For a long time now, the dark web has been a prime e-commerce location for fraudsters looking to purchase credentials. Brian Riley, Director of Credit Advisory Service at Mercator Advisory Group, explained that “Technology makes our life more comfortable, but it brings risk. Identity theft is a perfect example. As we open doors for e-commerce and online banking, new opportunities for criminals come simultaneously.”
For criminals looking to really take on a new identity, they can spring for the forged documents package, which includes items such as passports, auto-insurance cards, and driver’s licenses. After all, matching credentials are all the rage in criminal couture this season.
So, what is your total net worth to these criminals? Let’s tally it up:
- Stolen online banking logins with a minimum of $100 in the account ($40)
- Hacked Facebook account ($45)
- U.S. Driver’s License, high-quality ($400)
- Stolen credit card details ($25)
- Europe national ID card, high-quality ($500)
- Total: $1,010
With many people living paycheck to paycheck, they may be worth more to these fraudsters than what is in their personal bank accounts. For $1,010, a fraudster can take on a brand new identity. If the criminal wants to get a little fancy, they can even switch the European ID for a U.S. passport, costing them an additional $4,000. This brings the worth of the identity theft victim up to $5,010 and gives the cybercriminal enough data and documents to complete most fraudulent transactions.
“When you tie several of these items together, you have more than just access to personal financial data,” warned Riley. “You have the ability to create a synthetic identity that can not only disrupt the life of the victim but challenge the irrefutability of the payment network.”
This warning should not be taken lightly, as stolen information is surprisingly easy to obtain. In a recent PaymentsJournal article, Andrew Shikiar, Director & CMO of FIDO Alliance, explained that “automated at scale on a range of websites and applications, fraudulent log-in attempts are growing rapidly in no small part due to a reported 15 billion stolen user credentials from 100,000 breaches. The exposure could be any of a number of accounts in the online payment process.”
It is more important now than ever for the general public to be aware of just how prevalent the threat of identity theft is. But more importantly, they must understand how they can mitigate that threat through due diligence in all aspects of their everyday lives.