Buy A Dark Web Passport Scan For $15

Uploaded on 2018-10-11 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

A digital passport scan costs an average of $14.71 on the Dark Web, but a scan is all you'll get for that price. Cybercriminals up the cost for scans accompanied by identity verification documents, and you'll pay more than $13,000 for a legitimate physical passport. 

That's the average price of a digital passport scan, and it goes up with proof of identification, a new study finds

Researchers at Comparitech combed the Dark Web in late September to learn more about the selling prices of passport scans. Their search took them across several illicit marketplaces, including Dream Market, Berlusconi Market, Wall Street Market, and Tochka Free Market.

A wide range of vendors are selling passport scans, but only a few specialize in them. There are several ways to sell a passport. The cheapest is an editable Photoshop template, which can be used to create a fake scan by dropping in a photo and passport number. Since passport numbers are sequential, it's not hard to guess a real one, and most companies don't check if the passport number matches its holder, anyway.

Digital passport scans, which are fairly common and available for many countries, are more expensive and are often sold in bulk. Then there are the physical passports, both counterfeit and legitimate.

Consider digital passport scans: It's common for both counterfeit and legitimate scans to come with various forms of identification: a selfie, utility bill, and/or a driver's license, for example. If proof of ID is added to a passport scan, the average price jumps from $14.71 to $61.27.

"The reason for this is because multiple forms of ID are usually required to pass proof-of-address and proof-of-identification checks on websites," said Comparitech editor Paul Bischoff in a blog post.

"These checks are often part of the account recovery process in which a user has somehow lost access to their account and must prove who they are to regain access."

Researchers primarily looked at digital scans and photos of legitimate passports, he wrote. In total, they discovered 48 unique listings for real passport scans, 38 of which did not come with proof of ID. Listings spanned 20 countries, and they learned nationality plays a role in price.

The most frequently listed passport scans came from Australia and the United Kingdom, and Australian passport scans were the most expensive at $32, on average. There was no consistent price correlation between country and cost, Bischoff noted; however, the price did not seem to be based on either the scarcity or power of the country's passport.

Physical passport forgeries are also available; researchers found fake passports for a number of European countries in their search. Most fraudulent passports cost above $1,000. Real, physical passports are both rare and expensive. Most are at least $12,000; the average cost is $13,567.

Why Steal a Passport?
A counterfeit passport could be useful to a cybercriminal in several ways, Bischoff pointed out. Some banks only require two proofs of identification to open a new account. Someone with a stolen passport and driver's license could open an account, access sign-up bonuses, or use it to cash out on different illicit transactions in a "bank drop" scam, he explains.

These forms of ID can also be used to bypass two-factor authentication on websites that require a photo of a physical ID to prove identity. Some companies require account holders to snap a selfie while holding their IDs, which is why digital passport scans cost more with a selfie of the legitimate owner.

Bischoff provided some guidance for people to keep their passports secure. Among his tips: Travel with black-and-white copies of your passport in case you need to provide it (most criminals prefer color scans). Never post photos of the inside of your passport to social media, and refrain from storing it in checked luggage. Don't store passport scans on your device, and don't store it with other documents that could be used to compromise your identity.

Dark Reading:

You Might Also Read:

What Europe Can Do To Catch Dark Web Criminals:

New US Biometric Passport Regulations Will Prevent Entry To Millions:

 

« China Compromises Tech Companies With Malicious Microchips
Oil And Gas Cyber Attacks Soaring »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

SSH Communications Security

SSH Communications Security

SSH Communications Security is a leading provider of enterprise cybersecurity solutions for controlling trusted access to information systems and data.

Seclore

Seclore

Seclore is the most advanced, secure, and automated Enterprise Digital Rights Management (EDRM) solution available.

Cryptus Cyber Security

Cryptus Cyber Security

Cryptus Cyber Security is an Information Security Training company providing advanced training and services to IT Professionals.

Cyberwatch

Cyberwatch

Cyberwatch is a Vulnerability Scanner & Fixer software that helps you to detect and fix the vulnerabilities of your Information System.

Security Network Munich

Security Network Munich

Security Network Munich brings together leading players in the field of information and cyber security through joint research and innovation projects.

Riscure

Riscure

Riscure is a global test lab and tools leader for device security. Core expertise in side channel analysis, fault injection and embedded device software.

Truepic

Truepic

Truepic provides technologies that prevent fraud, identity theft, misinformation, and disinformation caused by generative, manipulated, or deepfake digital content.

Secude

Secude

SECUDE is an established global security solutions provider offering innovative data protection for SAP users.

Redshift Consulting

Redshift Consulting

Redshift is an information management and information security consulting company offering a full range of services from infrastructure design to security assessments and network monitoring.

Corvus Insurance

Corvus Insurance

Corvus' mission is to create a safer, more productive world through technology-enabled commercial insurance.

MENAInfoSecurity

MENAInfoSecurity

MENAInfoSecurity is a regional leader in information security solutions, assurance services and managed services.

Beazley

Beazley

Beazley are a specialist insurer with three decades of experience in providing clients with the highest standards of underwriting and claims service worldwide.

eMazzanti Technologies

eMazzanti Technologies

eMazzanti Technologies provides IT consulting services for businesses ranging from home offices to multinational corporations throughout the USA and internationally.

BlackFog

BlackFog

BlackFog is a leader in device data privacy, data security and ransomware prevention. Our behavioral analysis and anti data exfiltration technology stops hackers before they even get started.

CYDEF

CYDEF

CYDEF provides comprehensive, state-of-the-art cybersecurity protection that is accessible and affordable to organizations of any size.

Department of Homeland Security (DHS)

Department of Homeland Security (DHS)

The Department of Homeland Security has a vital mission: to secure the nation from the many threats we face. Our duties are wide-ranging, but our goal is clear - keeping America safe.

Kubus Hitam

Kubus Hitam

Kubus Hitam are a research-based company focused on cyber security. we strongly believe that innovation and safety are the two keywords for the future business market.

Cambridge International Systems

Cambridge International Systems

For more than 25 years, Cambridge has been fighting bad actors in both the cyber and physical worlds.