What's Your Digital Data Worth?

Your complete digital life, including data from your social media accounts, banking and credit card details, can be sold by cyber criminals for less than $50.

Researchers at Kaspersky Lab, a leading cybersecurity company in Russia, found that while our identity may not be worth a lot in terms of dollars, it is a significant asset to criminals in other ways. The research uncovered an appetite among cybercriminals for data stolen from popular services, including via social media accounts and remote access to gaming websites. 

User confusion about what their data is worth could result in a haphazard approach to security, making it all too easy for thieves to steal data and commit crime.

Data stolen due to people's lax security may have limited resale value, but can be put to many uses.
This can cause huge problems for an individual victim, who may lose money and their reputation, find themselves being chased for debt that somebody else has incurred in their name, or even suspected of a crime that somebody else has committed using their identity as a cover. 

Kaspersky Lab investigated Dark Web markets to find out how much personal data is worth, and how it is used by criminals.
The dark web, also referred to as the darknet, is an encrypted portion of the internet that is not indexed by search engines. These networks use the internet but require specific software, configurations, or authorisation to access. 

The researchers found that criminals can sell someone's complete digital life for less than $50; including data from stolen social media accounts, banking details, remote access to servers or desktops, and even data from popular services like Uber, Netflix, and Spotify, as well as gaming websites, dating apps, and porn websites which might store credit card information.
Meanwhile, researchers found that the price paid for a single hacked account is lower, with most selling for about USD 1 per account, and with criminals offering up discounts for bulk-buying. 

The most common way criminals steal this sort of data in the first place is via spear phishing campaigns or by exploiting a web related security vulnerability in an application's software.

After a successful attack, the criminal gets password dumps which contain a combination of emails and passwords for the hacked services. With many people using the same password for several accounts, attackers might be able to use this information to access accounts on other platforms too.

Some criminals selling data even provide their buyers with a lifetime warranty, so if one account stops working, the buyer will receive a new account for free.

"It is clear that data hacking is a major threat to us all, and this applies at both an individual and societal level, because stolen data funds many social evils," said David Jacoby, Senior Security Researcher at Kaspersky Lab. 

"Fortunately, there are steps we can take to prevent it, including by using cybersecurity software, and being aware of how much data we are giving away for free, particularly on publicly available social media profiles, or to organisations," said Jacoby.

People can avoid such risks by taking several easy security steps, which should become an integral part of any Internet user's digital life. 

To stay safe from phishing, always check that the link address and the sender's email are genuine before clicking anything. A robust security solution will also warn you if you attempt to visit a phishing web page. 

To avoid one data leak harming all your digital identities, never use the same password for several websites or services, researchers said.

Economic Times

You Might Also Read:

Buy A Dark Web Passport Scan For $15:

« Are Bank-backed Cryptocurrencies The Real Future Of Blockchain?
Hackers Are Targeting Young Video Gamers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

FireMon

FireMon

FireMon is the only agile network security policy platform for firewalls and cloud security groups providing the fastest way to streamline network security policy management.

Usenix

Usenix

Usenix brings together the community of engineers, system administrators, scientists, and technicians working on the cutting edge of computing.

Wireless Logic

Wireless Logic

Wireless Logic delivers a range of secure and resilient value-added M2M/IoT managed services that empower remote devices to communicate cost-effectively, two ways.

CyberGuarded

CyberGuarded

CyberGuarded are an accredited vendor independent information security testing and auditing company.

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) undertakes cyber security research and plays a leading role in securing Pakistan’s Cyberspace.

DigiSec360

DigiSec360

DigiSec360 is a technology firm focused on the human element of cybersecurity.

Help AG

Help AG

Help AG provides leading enterprise businesses and governments across the Middle East with strategic consultancy combined with tailored information security solutions and services.

Smoothstack

Smoothstack

Smoothstack is a technology talent incubator whose immersive training program kick starts IT careers and delivers a fresh source of IT talent.

Spinnaker Support

Spinnaker Support

Spinnaker Support is a premier global provider of on-premise and cloud-based enterprise software support services.

ClosingLock

ClosingLock

ClosingLock is the leading provider of wire fraud prevention software for the real estate industry.

TempoCap

TempoCap

TempoCap is a European growth-stage technology fund with offices in London and Berlin. We invest across a variety of high- growth sectors including cybersecurity.

Zama

Zama

Zama - pioneering homomorphic encryption. We believe people shouldn't care about privacy. Not because it doesn't matter, but because it shouldn't be an issue!

Elastio

Elastio

Elastio's cloud-native platform safeguards cloud data from the risks posed by ransomware, application failures and storage security vulnerabilities.

Nerds On Site

Nerds On Site

Nerds On Site provide on-site & in-home IT and technical support, managed IT services, and cyber security through our collaborative team of highly-trained IT and Security professionals.

Barrier Networks

Barrier Networks

Barrier Networks are a Cyber Security Managed Service Provider that specialises in Network and Application security.

Lenze

Lenze

Lenze are an experienced partner for automation systems, digitalization and cyber security.