investigations

Dark Web Market Price Index 2019 (June UK Update)

Big changes in the dark web market landscape have driven up prices for hacked consumer data. This update to the Price Index shows how PayPal, Airbnb and Facebook log-ins are being sold for up to six times as much as earlier this year.

Dark Web Market Price Index 2019 (June UK Edition) - Main Illustration
Simon Migliano
By Simon Migliano
  • Surge in value of hacked log-ins on the dark web: up 200% on average since the start of 2019
  • Price spikes for PayPal (£84.50), Facebook (£14) and Airbnb (£20)
  • Increases mean an individual’s entire identity could now be worth three times as much as £2,400

Introduction

This June 2019 update of the Price Index comes at a unique time, following the takedown of two major dark web markets in quick succession by the authorities and a sharp spike in prices.

In order to assess the potential impact of this on consumers, we have reviewed a selection of the most important hacked log-ins and accounts to track their changing value to identity thieves.

Alarmingly, the prices have increased on average by almost three times compared to the start of the year, meaning that someone’s entire identity could potentially now be worth £2,400, up from around £800 in February.

Stolen consumer data is more lucrative for hackers and cybercriminals than ever before. This should serve as notice for everyone to be on their guard against identity theft, or risk becoming a victim.

Notable price surges include Airbnb (£20), Facebook (£14) and PayPal (£84.50) due to the sheer scope of potential fraud that can be committed by scammers in possession of these accounts.

The average person has dozens of accounts which form their online identity, all of which can be hacked and sold. Our team of security experts reviewed tens of thousands of listings across three of the most popular dark web markets – Berlusconi, Tochka and Nightmare. These sites deliberately obscure themselves from the public and can only be accessed through the Tor browser. They are used to buy and sell personal data, along with other contraband including illicit drugs and hacked software.

Protect Your Data: Quick Tips

We created the Price Index to help the UK public understand the value of their personal data and why it’s worth protecting. Here’s some tips on how to do that:

  • Use a VPN – this will protect your personal data on public networks. Make sure you only use legitimate VPN services.
  • Check if you’ve been hacked – Use Have I Been Pwned to see whether any of your accounts have been breached
  • Use a password manager – A free and effective way to make sure all accounts have unique (and therefore stronger) passwords
  • Enable two-factor authentication – This requires a code to be entered as well as password to access your accounts. The codes are generated by free apps like Google Authenticator or Authy and refresh every 30 seconds
  • Delete your old accounts – these accounts are useless to you but a treasure trove to hackers

More details on how to protect yourself from scammers

Dark Web Market Price Index

Stolen ID, personal data and hacked accounts for sale

Item for Sale Avg. Price Avg. Price Change
Airbnb £19.78 +314%
Amazon £22.09 +52%
Bank Accounts £1,025.99 +195%
British Airways £133.55 +318%
Credit Cards £32.74 +31%
Debit Cards £45.92 +707%
Drivers Licenses £955.58 N/A
eBay £25.20 +81%
Facebook £13.93 +100%
Netflix £13.59 +66%
Ocado £4.27 +137%
Passport £2,049.58 N/A
Passport Scan £21.87 +120%
PayPal £84.48 +501%
Spotify £5.05 +108%
The Economist £13.03 +311%
The Times £10.13 +133%
Uber £8.90 +17%
Yahoo Email £3.89 +192%

Analysis

Airbnb

The value of hacked Airbnb accounts is soaring as the 2019 holiday season approaches.

The accommodation marketplace is perennially popular with fraudsters, however, thanks to the range of scams that compromised Airbnb accounts represent. They can be used to create bookings for houses which criminals then burgle, while hacked hosts on the same app can be used for phishing. Fake listings for luxury properties can also be used to defraud consumers of large sums.

Airbnb has introduced two-factor authentication, but that hasn’t stopped horror stories from continuing to mount.

Back to the Index

Amazon

Amazon accounts (£22.09) continue to grow in popularity with fraudsters thanks to the prevalence of multiple stored payment methods, typically both credit and debit cards. Not only can they buy a huge range of costly items for resale but also high value gift cards to redeem on their own accounts.

The sheer scale and impersonal nature of Amazon’s operations also make it appealing for scams.

Back to the Index

Bank Accounts

The value of bank accounts on the dark web has almost tripled in just six months. This increase is likely driven by a range of factors. The fall of two big markets in such a short time, along with the likely subsequent arrest of key vendors, has caused a major – if temporary – reduction in easy availability of all accounts. Those sellers still active can therefore charge a premium.

We are also seeing in increase in listings that not only offer online banking credentials and relevant personal information but also full packages including debit cards, PINs, and for mobile banking services such as Monese, a burner phone and SIM to access them.

We are also currently seeing more hacked accounts for sale that have high balances, giving criminals access to thousands of pounds instantly.

Back to the Index

British Airways

Criminals are even able to travel internationally, as Avios siphoned off from hacked BA accounts can be used on multiple airlines to book discounted flights.

The value of accounts increase in line with the total number of air miles available. Double the points typically equals double the price tag. The current rate is just 18p per 100 air miles. Prices have increased since the mega breach the airline suffered last year, where the payment and passport details of 380,000 customers were stolen.

Back to the Index

Credit & Debit Cards

Hacked credit cards are the bread and butter of the dark web economy in stolen data and prices remain stable at around £33 per account. Our data focuses solely on genuinely hacked accounts, as opposed to fraudulently-opened new credit cards using stolen identities.

Debit cards are similarly priced at around £46. The higher value is because it’s easier to realise the value of debit cards into cash, and because accounts with high balances are being put up for sale more often.

Back to the Index

Identity Documents

Genuine physical identity documents, such as passports and drivers licenses, are incredibly valuable for identity theft. Typically this means fraudulently opening lucrative lines of credit in the passport-holder’s name, which is then swiftly drained, leaving the unwitting victim with a huge debt.

Stolen documents of this nature – intercepted in the mail, for example, or stolen and sold to criminals by corrupt officials – fetch very high prices. UK passports, marriage and birth certificates all trade for around £2,000, but can fetch as much as £5,000.

Passport scans sell for only a fraction of the price due to their digital nature and the greater risk of not being accepted. They are typically sold in batches of ten scans or more for around £22 each.

Back to the Index

eBay

Hacked eBay accounts are also particularly attractive as not only do they allow criminals to dupe buyers into sending them money for fake listings but also to buy expensive goods with the account owner’s funds to intercept and sell on.

Fraudsters also buy eBay accounts in the hope of gaining access to associated PayPal accounts and indeed we are seeing vendors offer the two accounts together as a value bundle.

Back to the Index

Facebook

Prices for hijacked Facebook accounts continue to enjoy a resurgence as it becomes increasingly clear that the platform’s 2.38 billion users aren’t abandoning it any time soon.

Hacked Facebook accounts offer three routes to profit for cybercriminals. First, they are an incredibly rich source of personal information that can be used to facilitate identity theft, helping criminals answer security questions for example.

Compromised accounts may also provide access to stored payment information used for Facebook game and marketplace transactions.

Finally, as for most online accounts, fraudsters will be banking on the fact that many people still reuse passwords across multiple accounts, especially those they use often like Facebook. By gaining one set of valid credentials, hackers use software to automate checking that log-in against thousands of other online services. The results will either be used for identity theft or sold on the dark web for a profit.

Back to the Index

Streaming

As with Facebook, Netflix and Spotify log-ins offer a route into potential identity theft. An added bonus is that opportunistic criminals can also stream TV shows and movies, and music for free, at least until the true owner notices their account has been compromised. The continued growth in the value of these accounts reflects just how ubiquitous they have become.

Back to the Index

Online Shopping

Ironically, stolen accounts for budget supermarket Morrison’s (£16) are more expensive than those of its more upmarket competitors due to the potential for exploiting its rewards system.

This is four times the cost of Ocado (£4) for example, while Tesco accounts are least appealing, priced at less than a £1 each.

All these accounts offer a route to profit via stored cards and other personal information, such as home address, along with password re-use.

Given that pricing reflects demand, Ocado and Tesco accounts have proven less profitable for scammers in the past, likely due to better security, less lucrative rewards schemes or fewer vulnerable stored payment methods.

Back to the Index

Paypal

Paypal has long been the scammer’s favourite. High balance accounts can be siphoned off directly, however as PayPal accounts are also often connected to multiple cards and bank accounts, thieves may also have access to significantly greater funds. This functionality also means that PayPal accounts are also typically used as “middleman” accounts to facilitate all sorts of online scams.

Fraudsters in possession of a hacked PayPal account can also try to double their money by using the account funds to run various well-established chargeback scams on merchants who accept PayPal.

The recent surge in pricing for these accounts to around £84.50 each is likely due to the squeeze in supply caused by the disappearance of two major dark web markets (see Bank Accounts above for more info), along with the growth of PayPal Credit. Hacked PayPal personal and business accounts can be used to set up PayPal Credit accounts with high credit limits, which are then either drained or sold on for a huge profit. PayPal Credit accounts with high limits in the tens of thousands that have been created in this way sell for an average of £3,000, and as much as £12,000 each.

Back to the Index

News/Magazines

As with hacked streaming services, these accounts give the buyers access to high-quality media that’s otherwise locked behind a paywall. Prices have increased significantly in a short space of time, suggesting that there is strong demand for these accounts – although it does remain a niche offering on the dark web markets.

Back to the Index

Uber

There have been frequent reports of scammers using hacked Uber accounts for expensive trips, often in Russia. This cheeky scam is made simple thanks to the requirements for a credit card or PayPal account to be stored in the account.

Back to the Index

Email

Hacked email accounts tend to be sold either in massive dumps from large scale data breaches or as small batches of, or even individual, verified emails. For the purposes of the Price Index, we disregard big dumps as unit prices work out at tiny fractions of a penny each, and accounts are not guaranteed to be accessible or even valid.

Verified emails, such as Yahoo and Gmail, on the other hand, trade for a few pounds each. That may not seem much for an account that can act as a skeleton key to your online life, however increasing adoption of two-factor authentication keeps overall prices relatively low.

Back to the Index

Protect Your Data: Detailed Guide

Check If You’ve Been Hacked

The short, scary answer is that some of your personal data is almost certainly already for sale on the dark web. The first step is to find out which of your accounts have been stolen. Have I Been Pwned should be your first port of call, as it’ll help you find out which of your email accounts and old passwords have been compromised. If you have been breached, change your passwords.

Get a Good VPN

Once you know what’s broken and sorted your passwords, your first proactive step towards browsing more safely online should be to get a good-quality virtual private network (VPN). These secure your browsing everywhere – meaning that nobody, not even your internet service provider or the government, can get at your internet history. VPNs also allow you to use public WiFi without having to worry about hackers or other bad actors. We recommend that all consumers research the VPN market to find a reliable and trustworthy option that’s best for them.

Get a Password Manager

You should also consider getting a password manager. A password manager helps to secure your online life by generating cryptographically strong and unique passwords for every site that you use, which they then autofill into login pages as you browse. This allows you to forget all the individual passwords, as all you have to remember is the password to get into the manager. The market leaders in this area are 1Password and LastPass, both of which have free versions or cost less than £5 per month for a premium account.

Enable Two-factor Authentication (2FA)

All the biggest online services allow you to set up 2FA. It’s very simple, secure and you should do it right away.

With 2FA switched on, crminals will not be able to hack into your account even if they have your log-in details. This is because, a further step is required to gain access after entering your password.

Typically, this will require entering a security code generated in an app on another device, such as your smartphone. Services like Authy allow you to generate codes for multiple services in a single app. Google offers a range of 2FA methods (also known as two-step verification). While receiving codes via SMS might be tempting, this is best avoided, as messages can be hijacked.

Delete Old Accounts

Finally, close down any old accounts you have that you don’t use anymore. Old social media accounts and the videogames of years gone by don’t hold any use to you, but are useful attack vectors for hackers and other bad actors. If these accounts are no longer important to you, you should delete them.

Methodology

Our team reviewed fraud-related listings three of the largest remaining active dark web markets: Berlusconi, Tochka and Nightmare. Relevant listings were collated and categorised in order to calculate average sale prices. We excluded large-scale ‘dumps’ to maintain the integrity of the data. Dark Web Market Price Index – June 2019 UK Update Source data.

Average prices per item for digital items only (ie excluding physical documents) were compared to the relevant entries from the most recent previous edition of the index to calculate the price change as percentage difference. The average of these latest percentage changes was applied to the most recent price index total to provide an estimated new price index total.


About Us

Top10VPN.com is the world’s largest VPN review website. We recommend the best VPN services to help protect consumers’ privacy online. We also aim to educate the general public about digital privacy and cybersecurity risks through our free online resources and research.

For more original privacy and security research, take a look at our Free Android VPN Risk Index, Free VPN Ownership Investigation, or our report into UK ISP Website Blocks published in collaboration with the Open Rights Group.