Consumers are getting better at protecting basic credit card and bank information, and cyber criminals know it. So, the hottest thing on the dark web these days? Accounts you may not give a second thought.
Kat Weinberger, an analyst at security firm Flashpoint, says, “Cyber criminals are definitely still going after bank accounts, tax documents, but they’re also going after accounts that maybe you wouldn’t think of as vulnerable,” things like ride sharing or food ordering apps, even retail cards and dating site accounts.
She says sometimes thieves just want to use the accounts to order whatever product or service is offered, but sometimes bad guys are playing a long game.
“These apps don’t necessarily have a full credit card statement in them, but they can give cyber criminals information about you for example that can be used in phishing schemes.”
Weinberger says they can take the information in the account– like name, address, email and account activity and use it to contact you to get you to give over the credit card linked to the account.
“You’re going to end up trusting people who appear to know more about you and are coming from a position of authority,” she says.
Once thieves steal some of the accounts they can resell them on the black market, in shops complete with pricing and shopping carts. Some sites even have dropdowns where you can search by seller, domain, even locations. Weinberger says, “They really want to make the experience similar to shopping at an online retail shop.”
Cybercrime is expected to cost the world six trillion dollars annually by the 2021, according to Cybersecurity Ventures. To protect yourself, Weinberger suggests multiple layers of authentication. Of course, use complex passwords.
And, even on smaller accounts, she says, “A lot of people treat them as these throw away things of,’ Oh, if I get locked out it’s fine; they can’t get out my credit card number. But, it’s really necessary for people to monitor their own accounts .”
Experts say another reason criminals are targeting smaller accounts is because they try to sneak in fraudulent activity without setting off the anti-fraud red flags that often come with credit cards.