Personal data of people available online for only ₹3,500
Personal data of people is up for sale at ₹3,500 on Dark Web. It includes stolen social media accounts, banking details, credit card information from different websites, a cyber security firm warns
Your personal data may be up for sale on Dark Web for as low as ₹3,500 that includes stolen social media accounts, banking details and credit card information from sites like Uber as well as gaming and porn websites, a new research has warned.
According to cyber security firm Kaspersky Lab that investigated Dark Web markets to find out how much personal data is worth, cyber criminals can sell someone's complete digital life for less than $50 (nearly ₹ 3,500).
"This can include data from stolen social media accounts, banking details, remote access to servers or desktops, and even data from popular services like Uber, Netflix, and Spotify, as well as gaming websites, dating apps, and porn websites which might store credit card information."
The Dark Web, also referred to as the Dark Net, is an encrypted portion of the internet that is not indexed by search engines.
The Kaspersky researchers found that the price paid for a single hacked account is lower, with most selling for about $1 per account and with criminals offering up discounts for bulk-buying.
"It is clear that data hacking is a major threat to us all, and this applies at both an individual and societal level, because stolen data funds many social evils," said David Jacoby, Senior Security Researcher at Kaspersky Lab.
With many people using the same password for several accounts, attackers might be able to use this information to access accounts on other platforms too
Data stolen due to people's lax security may have limited resale value, but can be put to many uses.
"This can cause huge problems for an individual victim, who may lose money and their reputation, find themselves being chased for debt that somebody else has incurred in their name, or even suspected of a crime that somebody else has committed using their identity as a cover," said researchers.
The most common way criminals steal this sort of data in the first place is via spear phishing campaigns or by exploiting a web related security vulnerability in an application's software.
After a successful attack, the criminal gets password dumps which contain a combination of emails and passwords for the hacked services.
"With many people using the same password for several accounts, attackers might be able to use this information to access accounts on other platforms too," said Kaspersky Lab.
Interestingly, some criminals selling data even provide their buyers with a lifetime warranty, so if one account stops working, the buyer will receive a new account for free.
"There are steps we can take to prevent it, including by using cybersecurity software, and being aware of how much data we are giving away for free - particularly on publicly available social media profiles, or to organisations," Jacoby noted.