Social security and medicare concept with social security card and pile of money.
GettyA two-year study reveals the cost of fake passports, compromised bank accounts, and DDoS attacks on the dark web.
A new investigation conducted by Atlas VPN based on Flashpoint Intelligence research findings between 2017 and 2019 has uncovered the approximate cost of popular goods and services on the dark web.
Social Security Numbers, despite being widely regarded as outdated and insecure, particularly in the wake of the 2018 Equifax hack, are still used as the primary means of identity verification. As with Equifax, cyberattacks are often targeted at sites that will yield millions of SSNs at a time, allowing cybercriminals to steal “in bulk.”
Which helps explain the revelation that any individual SSN can retail for as little as $4 on the darknet.
And for that low cost, buyers often receive more than just somebody’s Social Security Number. According to Flashpoint, services sold on the dark web can be divided into four primary categories:
- PII (personally identifiable information)
- Stolen financial information
- Forged documents
- Hacker services
For $4, in addition to the SSN, PII packages typically include the victim’s full name, driver’s license number, passport number, and email address.
Financial information tends to be slightly more expensive than PII. Atlas VPN found that access to:
- Compromised bank accounts with a $10,000 balance cost $25.
- Credit cards with $1k-5k balance cost $10.
Notably here: a victim’s credit score also impacts the price, with better scores going for higher price tags. A good credit score makes it easier for cybercriminals to commit fraud without financial institutions cutting them off.
More like this on Forbes:
Google Data Reveals 350% Surge In Phishing Websites During Coronavirus Pandemic
New Survey Finds 22% Of Americans Have Been Targeted By Digital Fraud Related To COVID-19
Interestingly, the price also depends on the victim’s credit score. The better the score, the higher the rate. Financial institutions view a good credit score favorably, which makes it easier to commit fraudulent transactions.
Forged documents command the highest asking prices, with physical passport prices ranging from $2,980 to $5k. Meanwhile, the report found that a one-hour Distributed Denial-of-Service (DDoS) attack, in which targeted servers are overwhelmed and effectively shut down, cost approx. $165. That cost increases by 2-5x when it involves attacking a government or bank website.
This chart indicates the approximate cost of popular goods and services on the dark web.
Atlas VPNWhile these types of hacks and sales are ultimately impossible to prevent, individuals can take critical steps to safeguard accounts and information. Obviously, be as careful as is humanly possible with SSNs and passwords, and try to select security questions that involve answers that aren’t easily discoverable on the web.
But two of the best steps you can take to secure your accounts that are often overlooked are freezing credit lines and securing your mobile devices.
Credit accounts can be frozen for free at the three major reporting bureaus (Equifax, Experian, and TransUnion). This restricts access to your records so new credit files cannot be opened in your name until your account has been unfrozen.
Mobile devices, meanwhile, are notorious sites of scamming. There are simple techniques that will make you more difficult to hack, and to make it easier for you to identify if you’ve become the victim of identity theft.
- Be sure to have a password on your phone and consider using a PIN to access your account.
- Be vigilant with Bluetooth, public Wi-Fi, and downloading free apps—all of which can be used to gain access to your device.
- Enable two-factor authentication (2FA) whenever possible, with preference toward 2FA apps, such as Authy and Google Authenticator rather than SMS texts.
These steps are especially important amid an increase in cybersecurity threats as a result of the COVID-19 pandemic.
The full investigation can be found here.
Follow me on Twitter or LinkedIn. Check out my website or some of my other work here.
Reddit and its partners use cookies and similar technologies to provide you with a better experience.By accepting all cookies, you agree to our use of cookies to deliver and maintain our services and site, improve the quality of Reddit, personalize Reddit content and advertising, and measure the effectiveness of advertising.By rejecting non-essential cookies, Reddit may still use certain cookies to ensure the proper functionality of our
platform.For more information, please see our Cookie Notice and our Privacy Policy .