Recently we reported about a massive data breach scandal that hit Facebook and led to the exposure of private data of 50 million users. The data is reportedly is available on the Dark Web for pretty low rates.
It was indeed disheartening for Facebook users that their private information was being sold on the Dark Web. However, what’s probably more depressing is the fact that such vital personal data such as the Social Security Number or Driver’s License is on sale for just $5.20 each. That’s true!
According to a new report from Fractl, the price of user privacy is pretty nominal on Dark Web. Fractl is a content marketing firm that assesses fraud related listings uploaded in the past month on the three mainstream dark web marketplaces namely Dram, Point and Wall Street Market.
“We found listings featuring individuals’ name, billing address, mother’s maiden name, social security number, date of birth and other personal data,” reported Fractl.
The Dark Web is an intriguing phenomenon per se; it is although part of the World Wide Web but users can only access it through specific software. Fractl accessed the dark web via the Tor browser. It is a great platform for cyber-crooks, pirated content sellers, smugglers, pedophiles and drug-lords as they are allowed to sell all sorts of stolen stuff. For instance, pirated movies or music, stolen credit card data and drugs can be easily sold.
Fractl identified that on the Dark Web Facebook credentials are on sale at just $5.20 each; once bought cyber-criminals can hijack the account easily and carry out a variety of scams. Comparatively, PayPal account credentials with high balance value more with each sold for $247 on average. This means someone’s complete online identity including financial account information and personal identification numbers can be bought under $1,200 at this sneaky marketplace.
Food delivery website login IDS such as GrubHub can be bought for only $9 and used by cybercriminals to order expensive food or alcohol on someone else’s behalf. On the other hand, lodging site Airbnb’s IDs are bought for $8 only but buyers can use them for countless types of scams such as carrying out identity theft and stealing money. Uber and Gmail credentials are even cheaper with Gmail user ID and password being sold at $1 and Uber account logins priced at $7 each.
Buying someone Facebook credentials for so low a price is quite troubling for security experts, as they believe that crooks would be getting a freeway into hundreds and thousands of third-party Vampire Apps that Facebook grants access to. Once they access the apps, they can siphon off data from unsuspecting Facebook users. Perhaps, everything from Spotify to Airbnb and even online games like Farmville can be accessed simply through Facebook credentials since the majority of users opt to log in to these apps using Facebook login IDs.
To address the issue of a data breach, Facebook announced to notify affected users of the Cambridge Analytica data exposure and any other incident where user’s personal data was mismanaged. Although the social network is trying to address the issue of private information being sold to third-parties including advertisers and research firms when it comes to the Dark Web, even Facebook has no clue how to resolve the crisis.
- Two-factor authentication made easy for hundreds of services
- Smart card (PIV), Yubico OTP, OATH-TOTP, OATH-HOTP, FIDO U2F, OpenPGP, Challenge-Response
- USB Type A compatible
- Crush resistant and waterproof
- Designed for semi-permanent placement in USB port
To prevent the risk of data theft, it is important that users enable 2FA (two-factor authentication) wherever it is possible. This involves using a password and a biometric login such as a fingerprint or a security question to access an account. It is also important to sign up for security alerts to keep track of transactions if they are made in real time.