Understanding the Dark Web: Protect You Business Information

Published: October 3, 2019

How Much is Your Business Information Worth on the Dark Web?

Today, let’s discuss what your business information is worth on the Dark Web.

The Dark Web is known for the illegal activities conducted there, and while not everything on the dark web is illegal, its most appealing factor is its anonymity.

It’s often a place where stolen data and personal information are bought and sold following a data breach or hacking incident.

An article on TechRepublic takes a look at what your personal information is worth on the dark web and how you can help protect yourself from being exposed.

Here’s the going rate, if you can believe it, for what data sells for on the Dark Web.

●      Social Security number: $1 per
●      Credit or debit card (credit cards are more popular): $5-$110
●      Credit card numbers with CVV number: $5
●      Credit cards with bank info: $15
●      Fullz info: $30

Yes, “Fullz” info is a thing. It’s a bundle of information that includes a “full” package for fraudsters: name, SSN, birth date, account numbers, and other data that make them desirable since they can often do a lot of immediate damage. Here’s some more going rates of what this info sells for:

●      Login credentials to online payment services (like PayPal): $20-$200
●      Loyalty accounts: $20
●      Subscription services: $1-$10
●      Diplomas: $100-$400
●      Driver’s license: $20
●      Passports (US): $1000-$2000
●      Medical records: $1-$1000 (depends on how complete they are as well as if it’s a single record or an entire database)
●      General non-financial Institution logins: $1

Note: Prices can vary over time and prices listed below are an estimation and aggregation based on reference articles and hands-on experience of Experian cyber analyst the last two years.

How Are Criminals Purchasing This Information on the Dark Web?

Information can be purchased and sold in a variety of ways on the Dark Web. Here are the most common methods:

  1. Purchasing data as a single item, such as a Social Security number
  2. Purchasing bulk data, such as batches of the same information
  3. Purchasing bundled data containing various types of information bundled together

The Cost of Personal and Business Information on the Dark Web Fluctuates, but What is Responsible for the Change?

There are four main factors driving the cost of personal information on the dark web:

  1. The type of data and the demand for it. The cost often depends on the type of data and the need or ability to use that data.
  2. The supply of the data. If there is less data available for a cybercriminal to purchase, the value of that data increases.
  3. The balance of the accounts. The higher the balance in the stolen account, the higher the cost of the data. The balance could be the amount of money in a particular account as well as points value (i.e., a loyalty account).
  4. Limits or the ability to reuse the data. If the data being purchased can only be used once, the value of that data is worth less to a cybercriminal than data that can be reused multiple times or across various platforms.

How Can You Protect Yourself?

Data breaches are becoming increasingly common and are often outside of your control.

It is important to help minimize your risk of a hacker gaining access to your accounts by utilizing healthy password practices and by keeping your personal information private unless it is absolutely necessary to share. Keeping antivirus software and all other software up to date will also play a crucial role in protecting your information, as these updates could contain security patches to fix potential vulnerabilities that could expose your information.

As a managed IT consultant we recommend running a dark web scan on your business email addresses, utilizing a dark web monitoring tool, and monitoring your credit report for potential red flags that your identity may have been compromised.

The staggering rates at which stolen information is bought and sold reflect the lucrative nature of identity theft. While you cannot entirely control data breaches or hacking incidents, you can take proactive measures to protect yourself. By practicing robust password best practices, limiting the sharing of personal information, and regularly updating your antivirus software, you can fortify your defenses against cybercriminals. Moreover, employing tools such as dark web scans, monitoring services, and credit report checks allows you to stay vigilant and detect potential threats. Remember, the value of your business information lies not just in its monetary worth but also in preserving your identity and peace of mind. Stay informed, stay protected, and stay one step ahead of those who seek to exploit your valuable data.