The Dark Web Economy: Where Your Leaked Data Ends Up

Online security is a concern for most modern consumers, and even those who follow best practices and only use reputable sites are still under threat of having data stolen and sold on the dark web.

Most modern consumers are aware of the importance of protecting their personal information online, with security software playing a crucial role in this process.  Only interacting with trusted sites is another key aspect of online safety, but it can be difficult to determine which sites to avoid.

The online gambling industry in the US is a prime example of how consumers can fall into the trap of visiting dangerous sites, with licensed online operations limited, and alternatives offering massive incentives.

While there is a selection of secure and licensed offshore betting sites, many consumers are beginning to play sweepstakes casinos as a safer alternative. Players can enjoy legitimate sites where they can win sweeps coins that can then be exchanged for prizes. Many consumers also look to sites like Trustpilot or independent review sites for advice on the safest sites to search.

The Dark Web

Unfortunate consumers who find they have had data stolen through hacking, data leaks, or other fraudulent attacks often discover that their information has been sold on the dark web. 

The dark web is a side of the internet that works independently from standard search engines, with users accessing it by using specialist software. The anonymity and privacy of the dark web make it a fertile breeding ground for illegal activities, and criminals can buy and sell stolen information there.

How Data is Stolen

There are a number of ways that consumer information can be targeted, with consumers and online operators all carrying the burden of having to operate as securely as possible. The following techniques are commonly used by cybercriminals to obtain secure information that can be used to access accounts and carry out identity fraud.

Data Breaches

Data breaches occur when hackers infiltrate the information stored by online businesses and steal the information of millions of users. This can cover everything from passwords and account details to personal information.

The top sites maintain robust security procedures to minimize the risk of data breaches that not only put customer information at risk but also cause reputational damage to the companies involved.

Malware and Phishing Attacks

Consumers are most at risk from phishing and malware attacks, with criminals attempting to trick them into providing information. This can be done in a variety of ways, including setting up fake sites and tricking people into entering their login details for the genuine site.

Malware can also be used to spy on what consumers are doing, with malicious software being surreptitiously added to devices and allowing cybercriminals access to accounts and to see what users are entering.

Insider Activity

Insider activity is when an employee goes rogue and compromises company security procedures to provide information to outside parties for profit. 

Targeted Data and Its Value

Cyber criminals will target different information for different purposes, with some more valuable than others.

Credit Card Information

Credit card data can be sold for as little as $5 up to around $50, depending on the issuer and available balance. Cyber criminals can then use these cards to buy items online, which can then be sold, to purchase gift cards, or to clone the cards for use in person or at ATMs.

Bank Details

Online banking information can be worth hundreds of dollars to the right people, with prices varying from $200 to $1,000. This information can be used by criminals to transfer funds and make purchases directly from the bank account.

SSNs

Social security numbers can cost as little as $1 to $4, but can gather higher amounts when packaged with other personal information that can then be used to create false identities.

Social Media

Social media accounts can be hacked and sold on for prices varying between $25 and $100, with the fraudsters using them to gain trust and push phishing scams or carry out identity fraud.

Medical Data

Medical record theft is a lucrative business that can earn sellers between $200 and $1,000. This information can be used to carry out insurance fraud, to purchase prescription medication, or to create false identities.

Emails and Subscriptions

Email logins and subscription-based services can earn cyber criminals anything from $1 to $50, depending on what they are selling. Low-value information will typically be packaged in larger bundles, offering better value to those buying it and ensuring a bigger payday.

The Criminals Buying Your Data

There are many uses for stolen information, with different types of criminals lining up on the dark web to purchase packages from the latest data leaks. Criminals who carry out identity theft will commonly purchase information from the dark web before setting up new accounts with the details they receive. This can make it possible for them to open credit accounts, commit tax fraud, and obtain loans in the victim’s name.

Scammers who want to carry out Malware attacks or phishing scams can benefit from using hacked social media accounts, as messages posted and sent to other users will appear to come from a legitimate source. Other ways that sensitive information can be used are by blackmailers to contact the user directly to demand payment to stop them from sharing private or personal information, conversation, or photos.

Money launderers are also able to use stolen financial data to carry out money laundering schemes and evade authorities

Conclusion

The impact the dark web has had on online security cannot be underestimated, with criminals now having an anonymous platform to carry out transactions and deals with other criminals.

This has made it a significantly more dangerous environment for the common consumer, and operators and service providers must channel millions of dollars into maintaining their security procedures.

While there is a risk from internal employees trusted with sensitive data, cybercriminals hacking major organisations and leaking information, or consumers being targeted directly, maintaining best practices will help to minimize the risk of falling victim to fraudulent activity.