According to data from Terbium Labs, fraud guides account for nearly half (49%) of the total sales data on the dark web, followed by personal data, accounting for 15.6%.
The study mainly investigated three dark web markets: “The Canadian HeadQuarters-Canadian Headquarters”, “Empire Market-Empire Market” and “White House Market-White House Market”, which divided all data lists into six categories: personal data, Payment cards, financial accounts and vouchers, non-financial accounts and vouchers, fraud guides, fraud tools and templates.
Darknet market imitates large retailers
With the passage of time, cybercriminals have changed the operating structure of the dark web market. At present, they are mainly beginning to imitate large retailers, such as Amazon and eBay, to provide services such as search functions, e-commerce, and seller ratings.
Especially in the three dark web markets mentioned above, due to the sale of cheap personal and financial data, coupled with the provision of straightforward “operation guidance” (fraud guide), cybercriminals can easily carry out attacks and bring enterprises There are huge security risks.
According to the survey results, fraud guides are the most commonly sold data category (49%), followed by personal data (15.6%), non-financial accounts and credentials (12.2%), financial accounts and credentials (8.2%), fraud tools and templates (8%) and payment cards (7%).
The harm of fraud guides is often overlooked
On the one hand, the fact that cybercriminals can get value for money exacerbates the risks facing companies. The average cost of a single fraud guide is only $ 3.88, while the cost of a set of guides sold under a single list is $ 12.99. On the other hand, organizations often ignore the negative impact of fraud guidelines and also bring greater digital risks to businesses, such as phishing, corporate email leakage, account takeover, credential collection, and fraud.
The contents of the fraud guide enable most novice cybercriminals to cause damage to individuals and organizations, turning commodity data into financial crimes.
Value of personal data: $ 1.00
The second most common type of data found in these markets is personal data, which makes organizations vulnerable to phishing attacks, corporate email leaks, and account takeovers, allowing criminals to more accurately target individuals and impersonate victims.
Currently, the average price of a single personal record is $ 8.45, while the minimum cost of a single personal record is only $ 1.00.
Tyler Carbone, Chief Strategy Officer of Terbium Labs, believes: “While thinking about the huge losses caused by stolen data to organizations, we usually see stolen data at surprisingly low prices in these markets.” For organizations, It is important to detect and respond to stolen data as early as possible (at the “raw material” stage), as this can reduce damage and prevent data from being purchased by cyber attackers and effectively used as cybercrime weapons.