Mark Pribish

How Much Is Your Identity Worth On The Dark Web?

By Mark Pribish
Vice President and ID Theft Practice Leader

With all the headline news about the "Dark Web," have you ever wondered about how much your identity is worth?

Or have you ever wondered about the dollar amount for your personal credentials (e.g. user names and passwords) to your bank, PayPal, Amazon, Uber, or Netflix accounts, along with other online accounts?

Believe it or not, ID theft criminals are buying and selling your personal information on the dark web (please see here https://www.top10vpn.com/privacy-central/privacy/dark-web-market-price-index-feb-2018-us/) - where a Dark Web Market Price Index was published in February by Simon Migliano, Head of Research at Top10VPN and Editor-in-Chief of Privacy Central to show that there is an underground economy in which almost everything has a price on the dark web.

Top10VPN - How much are you worth on the dark web?

Whether it is your entire online identity that could be worth nearly $1,200 or individual pieces of your personal information ranging from $1.00 to $10.00 such as credit card details, to online travel, entertainment, food delivery, social media, dating, and email accounts - ID theft criminals will find a market for your personal information.

Think about it, the average consumer has 10 to 20 online accounts with unfortunately, the same username and password for most of their online accounts.

In addition to usernames and passwords, the Dark Web includes individual names, billing addresses, mother's maiden names, Social Security numbers, dates of birth, and other personal data.

To make matters worse, over 145 million US citizens had their Social Security numbers stolen, thanks to the Equifax data breach last September. The stolen Equifax data is exactly the type of personal information hackers can use to commit identity theft through the sale of your and my personal information on the Dark Web.

In addition to the above, Symantec Corporation released its annual Internet Security Threat Report just last week (please see here https://www.symantec.com/content/dam/symantec/docs/reports/istr-23-executive-summary-en.pdf) with another reminder that digital security threats can come from new and unexpected sources while the threat landscape has become more diverse, with attackers working harder to discover new avenues of attack and cover their tracks while doing so.

In last year's (2017) report, Symantec researchers found that credit card and personal information were hot commodities, with an increasing interest in media accounts such as Netflix and Spotify. This year's report stated that mobile and app users face increased privacy risks from grayware.

As its name suggests, grayware is a category of software that sits in that 'gray area' - a sort of no-man's land - between outright malware and legitimate conventional software.

Grayware - which is sometimes referred to as potentially unwanted programs (PUPs) - is not obviously malicious and is not classified as a virus, but it can still be irritating and even harmful. It includes files or applications that can carry out unwanted actions, such as tracking your behavior online or sending you a barrage of pop-up windows. Grayware can be annoying, but - more importantly - it can affect your computer or mobile device's performance and expose it to security risks.

I highly recommend small business owners/executives along with interested consumers to read the Symantec report as this is a valuable resource for any business and anyone looking to understand the threat landscape and plan effective defenses.


To learn more about these threats and how to protect yourself and your family from Identity Theft, you can read my past newsletters at the Merchants Identity Theft Educational Website at www.idtheftedu.com.


Calling for Help? Watch Out for Fake Support Phone Numbers

By Better Business Bureau. March 2, 2018.

Almost every large business offers customers a support line to call for help. Locked out of your account? Broken computer? Smartphone won't switch on? Help is typically just a phone call or a chat window away.

However, scammers have taken notice and developed a crafty con around this. They create fake customer support numbers and post them online. When frustrated customers call, scammers fool them into granting access to their devices or purchasing unrelated products and services.

How the Scam Works:

You are having trouble with your account or product. It could be anything ranging from a tech gadget to an online shopping account. You search online for customer support and find a phone number that seems legitimate. Often, it will be a toll-free number (1-888 or 1-844 number). When you call, a "customer service representative" answers and offers to assist you with your account.

In one version of this scam, the person will give you some bad news: your account has been hacked. Since you have seen no evidence of being hacked prior to your call, the "representative" says they can prove your account was hacked if you grant them remote access to your computer. If you give them access, you make yourself extremely vulnerable to identity theft. Con artists can install malware that records passwords or hunts for personal information, such as bank account numbers.

According to reports to BBB Scam Tracker (BBB.org/ScamTracker), many people have been faced with a second version of this scam. The supposed representative attempts to sell the customer some kind of vaguely related product or service, such as computer security software or printer drivers. The product or service they offer does nothing to fix your problem, despite it being quite expensive. Victims report paying between $200 and $900.

Protect yourself from tech support scams:

  • Be careful when searching for support phone numbers: Unfortunately, scammers love to post phony customer support numbers online. This means you need to use extra caution when you get in touch with customer service. Double check the URL on the website when looking up a number, or look for a tech support number on your bill or online account.
  • Never give a stranger remote access: It is never a good idea to grant someone remote access to your computer. Scammers can install malware on your computer that searches for your passwords or other personal information.
  • Don't pay for services or products you aren't sure you need. Use your good judgment. If a product or service doesn't make sense to you, don't authorize a payment.

For More Information

See BBB.org/techsupportscam for more advice on how to avoid tech support scams.

For more tips on how to avoid scams, check out BBB.org/scamtips. In addition, if you've fallen victim to this type of scam, you can help others avoid being scammed by filing a report BBB.org/scamtracker.

If you have been the victim of identity theft, go to identitytheft.gov for a personalized recovery plan from the Federal Trade Commission.

Courtesy of the Better Business Bureau - for more information visit: http://www.bbb.org/phoenix/news-events/.

To learn more about scams, go to BBB Scam Tips (bbb.org/scamtips). To report a scam, go to BBB Scam Tracker (bbb.org/scamtracker).

If you believe your identity has been stolen, call 866.SMART68 today!