Your Data, Their Profit: How Information is Stolen and Sold
According to the Federal Trade Commission (FTC), 1 person becomes a victim of identity theft every 4.9 seconds, over 6 million per year. Still, many people assume that their information can never be stolen. How do cybercriminals actually steal information? What do they do with data once they have it? For Identity Theft Awareness and Prevention Month, we’re breaking down how fraudsters collect and sell your stolen data. Then, we’ll explore steps you can take to protect your information and identity.
What is Identity Theft?
Identity theft is when someone uses your personal or financial information without your permission. For example, a common identity theft scheme sees cybercriminals opening a new credit account under a victim's name, ringing up dozens of transactions, then vanishing.
How do Fraudsters Steal My Information?
Fraudsters use multiple tactics to access and steal sensitive information. First, criminals will physically steal information they can get ahold of, even resorting to dumpster diving. Lost or stolen wallets, mail, checks, and tax documents can be leveraged for future scams or bribes.
Next, cybercriminals can collect data from social media. Personal information that is publicly posted on social media, such as one’s place of work or the name of a loved one, could be used against you. Though these small bits of info may seem unimportant, they can be used to craft sophisticated, personalized scams that are more effective in tricking unsuspecting victims.
Also, fraudsters commonly use special kinds of malware called “infostealers.” Infostealers are unknowingly installed on a victim’s device after clicking on phishing links or visiting malicious websites. Once installed, infostealers quickly gather data from your device, such as passwords and browser cookies. Once collected, the stolen data is transmitted to the fraudster in seconds.
What do Criminals Do With My Information?
According to Deepstrike - a penetrative cybersecurity testing organization - stolen information goes through 5 stages:
Compromise
Occurs when a person or company’s security is breached by a cybercriminal. For example, when a victim clicks a phishing link, installing an infostealer on their device.
Exfiltration
Stolen information is extracted from the victim into the criminal’s hands.
Initial Sale
The stolen information is packaged into “logs”. Logs are then sold on dark web forums at a relatively low cost.
Purchase & Refinement
Logs are purchased by a buyer, who then begins to validate the data. For example, buyers will test stolen passwords to see if they grant account access. Once verified, the information is repackaged and sold at a higher price.
Resale & Weaponization
The refined data is resold on the dark web where it can be purchased by ransomware groups. These groups use illegally obtained information to conduct cyberattacks on corporations, wealthy individuals, and even governments.
How Much is My Information Really Worth?
The price of your stolen data depends on multiple factors. The most important factor is the type of information. A hacked social media account may only be worth $10 to $20 on the dark web; this info is unlikely to yield a high return when weaponized. However, bank logins, complete medical records, or crypto account credentials can be worth thousands of dollars. Highly sensitive information can be used to conduct fraudulent transactions or sophisticated blackmail schemes. Other factors include how current and complete the data is. A comprehensive list of 30 new logins is worth far more than a single, outdated login.
How Do I Protect Myself?
Take preventative steps to avoid putting yourself at risk:- Avoid clicking suspicious links in unsolicited emails or messages. Always hover your computer mouse over links to reveal their actual destination.
- Shred documents containing sensitive information before discarding.
- Verify a person’s identity before sharing sensitive information.
- Be cautious of messages that create a sense of urgency. Real bank officials will never communicate using fear tactics.
- Regularly examine bank statements and credit reports. Investigate unusual bills and unfamiliar transactions.
- Activate fraud alerts on your financial accounts and get notified of suspicious activity as soon as possible.
- Place a fraud alert and comb through your credit reports and bank statements.
- Contact companies where any fraudulent charges were made.
- Report the identity theft to the FTC and file a police report.
- Contact your financial institution. Together, we can freeze, change, or close accounts that have been fraudulently opened or tampered with.
Identity theft is a growing threat in the digital era. Your information is highly valued by cybercriminals who work tirelessly to make a profit at your expense. Knowing how fraudsters buy and sell your data is the first step in protecting yourself from identity theft. With a few preventive measures and the help of a trusted financial institution, you can greatly reduce the risk of identity theft.
Sources:
Identity Theft | Department of Homeland Security
Dark Web Data Pricing | Deepstrike
The Growing Threat from Infostealers | Secureworks