Fraudsters can buy your identity on the dark web for as little as £820 with your banking logins, passport details and even your Netflix password all worth money to criminals.
Ever wondered what criminals are prepared to pay in order to get their hands on all your personal and financial details?
While it may come as no surprise to know that your personal information is sought after, what may surprise you is how little criminals actually pay for it.
Your entire life – covering everything from your bank details to your Instagram log-in – is worth only £800 on the Dark Web, according to Virtual Private Network (VPN) comparison service Top10VPN.com.
“It might come as some surprise that on the dark web your entire personal identity can be bought for significantly less than the price of a new iPhone X,” says Simon Migliano, head of research at Top10VPN.com.
“There’s a real concern that with such valuable information changing hands so cheaply, there’s nothing to prevent would-be fraudsters from buying up as much as they can in the hope of striking it lucky and draining victims’ bank accounts and credit lines.”
Check your credit report to see if you've been a victim of identity theft
What your details are worth
If a hacker manages to gain access to any of your online accounts, even if it’s just for a takeaway service like JustEat or Deliveroo, they can still sell that information on the Dark Web.
A Deliveroo login is worth an average of £3.74, while a Gmail password is worth just 75p.
Your bank details are worth far more, fetching £168 on average, many other passwords are so easy to get hold of, and therefore available in such huge quantities they sell for peanuts.
For example, an eBay log-in, despite the potential for fraud that such info provides, is sold for just £26.
A Skype or email password can be sold for just £3 despite the fact the criminal can then use that info to send messages containing phishing links to your friends.
Category |
Average Value on Dark Webb |
Sales Price Explained |
Paypal login |
£279.74 |
By far the most commonly listed items. Sale prices tend to be worth around 10% of the available credit balance. |
Online banking details |
£167.81 |
|
Passport |
£39.76 |
Digital proof of identity can be used to set up lines of credit |
eBay login |
£26.20 |
Allowing fraudsters to dupe buyers into sending them money for fake listings, and also buy expensive goods with the owner’s funds to intercept and sell on. |
Netflix login |
£5.99 |
A route to identity fraud, giving criminals the bonus of being able to stream content for free. |
Uber login |
£5.02 |
There have been reports of Russians using hacked Uber accounts to run up big bills on Uber journeys the true owner has never taken, sometimes on the other side of the world. |
Deliveroo login |
£3.74 |
Fraudsters can use hacked food delivery accounts to order takeaways and drink |
Skype login |
£3.00 |
Compromised Skype accounts allow scammers to send ‘phishing’ links to trusted contacts |
Match.com login |
£2.24 |
Stolen details can be used for ‘catfishing’, where you mimic a person’s identity to engage in a relationship to exploit them financially |
Instagram login |
£0.92 |
Instagram can provide a good backdoor to identity theft. |
Head this way to see the full release
Why your Argos log-in has a price
One of the surprising things about the research is how seemingly innocuous log-ins such as your Argos password or H&M details, have a price.
“Everything seems to have a price on the dark web,” says Migliano.
“This is because it’s not just hacked Paypal accounts and credit cards that represent opportunities for fraud.
“Many other online accounts contain enough personal info to enable identity theft. It’s also increasingly normal to store payment details in online shopping accounts.
“Some of the accounts we found for sale open the door to even more ingenious scams.
"A hacked Airbnb account, for example, could allow a scammer to pocket hundreds in booking fees or even stay at high-end properties as a guest and burgle the hosts. At less than £6 initial outlay, that’s very appealing to a cybercriminal.”
How to protect yourself
This evidence shows how keen cybercriminals are to get hold of any of your online passwords – not just the ones connected to your financial accounts.
It shows that we all need to take better care of any and all of our online accounts.
“Our research is a stark reminder of just how easy it is to get hold of personal info on the dark web and the sheer variety of routes that fraudsters can take to get hold of your money,” says Migliano.
“This really undermines the importance of two-factor authentication and more generally, secure use of websites and apps.”
If an account offers two-step authentication – where you enter a password as well as a code that is sent to your mobile or email address for example – then make sure you use it.
Also, use complicated passwords that aren’t easy for hackers to guess and use different passwords for all your accounts. Don’t let a criminal buy your Asos password for £1.50 then find it also logs them into your bank accounts.
For some expert safety tips, have a read of these suggestions from an ethical hacker.