Be Afraid of the Dark
Is your credit card information floating around the dark web, waiting to be sold to an enterprising criminal? That’s increasingly likely. According to the cybersecurity research group IntSights, black-market credit card information for sale has increased by almost 150% over the last 18 months – surpassing 4,000 credit cards per bank.
To limit the chances of your data reaching the dark web, you must take a three-pronged approach – protect your data on a personal level, limit the number of places that your information is stored, and use secure, encrypted transfer methods whenever possible. You should also monitor your accounts for any sign of identity theft or fraudulent charges in case your measures fail.
Don’t Be Fooled
IntSights finds that so much credit card data is available on the black market that a classic free-market economy has developed around stolen data. Sellers of stolen data have to offer larger packages of information and lower prices to maintain a profit margin. Individual card information can range in value from $20 to $1,000 each, with package deals available.
At the same time, a “supply chain” has been established where more sophisticated hackers sell large data packages as well as tools like easy-to-use phishing kits to give less experienced hackers the capability to do major damage. Phishing kits now come with simple instructions allowing hackers to easily create and load realistic fake websites. Follow the instructions, send out e-mails, and you’re in the cybercriminal trade.
Expect a growing number of attempts to trick you into giving up data through fake websites and apps, false authorization requests, and other deceptions. You should protect your personal data with updated anti-virus software, strong passwords that you change frequently, secure Wi-Fi connections, and use of encryption where possible – but personal preventative measures are useless if you inadvertently give your data away.
Mobile apps are a particularly lucrative area for hackers, as mobile users don’t always take the time to verify that they are using the correct app – and can’t always tell the difference when they do. A survey from Avast found that 36% of mobile banking app users incorrectly identified a fake interface as real, while 58% incorrectly identified real banking apps as fake.
Phony social media accounts are another lucrative tool for thieves. IntSights reported a 49% increase in these versatile hacking tools. You may be directed to fake app downloads or phishing sites or asked for information as part of an alleged promotion or giveaway.
Make sure that you only download apps from trusted sources and avoid downloads from social media accounts. We suggest using sites and apps with two-factor authentication whenever possible to add an extra level of difficulty to any thief attempting to steal or use your data.
Make Them Work to Get Your Data
Professional hackers see benefits through efficiency, just as legitimate businesses do. A phishing e-mail that reaches a million inboxes can pay off at a success rate of a fraction of a percent. Taking this analogy to the next level, a hacker who succeeds in breaking into your home network gets one set of useful personal data, but a hacker who successfully cracks into financial institutions has many thousands of sets of data to sell.
You can’t completely control your data – the Equifax data breach is a prime example – but you can try to limit access to your data. It may be convenient to allow your favorite online shopping sites to store your credit card information, but every storage spot is another opportunity for hackers to steal your data.
Be equally cautious with giving out your Social Security number as an identifier. It’s a headache to close out compromised credit card accounts, but it’s another level of pain to deal with identity theft and multiple accounts that you didn’t know existed.
Of course, if you check your credit report on a regular basis, you’re likely to find out about the fraudulent accounts soon enough to limit the damage.
It Pays to Check
Even if you manage to keep your information off of the dark web, identity thieves may still steal your personal information in other ways – for example, through stolen mail. You must be vigilant for any signs that your information has been compromised.
Thieves with your account information often test the waters with small purchases to see if you are paying attention. If not, they know they can probably max out your account. It’s important to check your credit card statements regularly for any unexplained charges (and don’t forget to check bank accounts for any unexplained withdrawals).
Identity thieves will simply open new accounts in your name and max them out as soon as possible. As mentioned above, you should check your credit report and credit score regularly for any rogue accounts in your name – but you can apply an extra level of security with a credit freeze and the free Identity Protector by MoneyTips.
Expect the amount of personal data for sale on the dark web to continue to grow as hackers get more sophisticated tools and the technological and economic barriers to cybercrime get lower. Do everything you can to make sure your data isn’t among them – and be diligent enough with your account maintenance to limit the damage if your data is compromised.
If you would like to monitor your credit to prevent identity theft and see your credit reports and scores at no charge, join MoneyTips.