High-profile, large-scale data breaches have underlined the far-reaching consequences of a breach. Cybercriminals aren’t just looking for access to the accounts they’re currently hacking, which may offer little or no immediate financial reward. Relying on the fact that many people use the same username and password pair on multiple sites, they are looking for account credentials that can be used to target those account holders elsewhere—on popular e-commerce, money transfer or gaming sites, for example.
Once stolen credentials have been tested and verified (another abuse of your website), hackers will use them to make fraudulent purchases or transfers, or sell them on to other cybercriminals to do the same. Our 2018 Cybercriminal Shopping List infographic shows how much account credentials are worth on the dark market. Prices range from mere cents up to $15 per account depending on a number of factors including the consumer brand, type of service, and whether there is a payment card saved on file.
Five Simple Steps to Sanity
What this means is that one organization’s data breach can soon become an issue for other businesses too. In order to take protection of your customers’ accounts to the next level, follow our ‘five simple steps to sanity.’
· Understand the market for stolen data
The dark web works in the same way any other market does: it’s highly competitive and market forces influence the price of goods and services. Each type of credential has a price, and cybercriminals will diversify when (Read more...)
*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by Heidi Bleau. Read the original post at: http://www.rsa.com/en-us/blog/2017-11/2018-cybercriminal-shopping-list.html