Dark Web Market Price Index 2020: Covid-19 Edition

Our latest analysis of the dark web trade in hacked accounts reveals the impact of Coronavirus. Credentials for lockdown boom brands such as Peloton, Instacart, and Amazon now command some of the highest prices.
Dark Web Market Price Index 2020 header
Simon Migliano

UPDATED 1 Sep 2021 to reformat for improved user experience.

Key Findings

  • Lockdown boom brands: Over 50% of accounts in Index were not being traded on dark web the year before. Instacart ($22), Peloton ($18), Postmates ($15) and Amazon ($14.50) hacked credentials currently have some of the highest price tags.
  • Health & wellness: Daily Yoga ($9.50), Ten Percent Happier ($8.50), Aaptiv ($8.50) and Headspace ($7) accounts are more valuable than those of many streaming services and online stores
  • Streaming: Hacked Netflix accounts ($6) have dropped over 40% in value since last year. While Disney+ ($7) and Hulu ($5.50) logins sell for similar amounts, Amazon Prime Video ($13.50) credentials are worth double that.
  • Personal finance: Cash App ($47) and Venmo ($14) accounts are selling for more than PayPal ($11)

How Did Covid-19 Impact Dark Web Prices?

This August 2020 update to the Price Index reveals the landscape of the dark web market trade in hacked accounts has significantly transformed once again since we last published the Index a year ago.

See all our dark web price data for online account log-ins from 2018 onward

The two main drivers of these changes are:

  1. The dark web markets bouncing back after major busts in 2019
  2. Major shifts in consumer behavior due to the global pandemic

The emergence of new markets and vendors[1] has prompted a correction to prices that spiked due to successive closures of major markets by law enforcement.[2]

The global pandemic has caused profound shifts to consumer behavior around the world, with significant knock-on effects for the illicit trade in stolen data.

Locked-down populations have been forced to change their habits and this has been reflected in the types of accounts being hacked and the prices they are able to command.

With the illicit trade in stolen data very much in flux, this edition of the Dark Web Market Price Index focuses its analysis on the brands made popular by lockdowns and longer-term social restrictions. We also map out the broader landscape as it stands mid-way through 2020.

We continue to periodically carry out this research to help make the public aware of the true value of their personal data in the hope that they will improve their day-to-day information security.

EXPERT ADVICE: Use a VPN (Virtual Private Network) to help prevent fraudsters from stealing your identity. If you don’t know which service is best for you, read our unbiased, expert VPN reviews.

Lockdown Boom Brands

The following table presents highlights from the Dark Web Market Price Index relating to hacked accounts for services that have enjoyed a surge in popularity since the start of the global Covid-19 pandemic.

Where available we show the average USD price for the same item in the most recent Index, published in Feb 2019, and calculate the percentage difference.

Just as locked-down populations around the world have increasingly turned to a range of different online services in order to try to maintain a degree of normality in their lives, so too has the nature changed of what’s being traded on the dark web.

What really stands out when looking at the 25 services above — which we have highlighted based on their soaring popularity as a result of the pandemic — is that 19 of them weren’t being sold on the dark web last year.

Looking over our findings as a whole, well over half of the entries in the Index are for services that weren’t available for sale last year, which underscores just how profound the recent changes have been.

Hacked log-ins for health and wellness accounts like Peloton ($22), Daily Yoga ($9.50) and Ten Percent Happier ($8.50) are commanding premium prices, well above those of dark web market mainstays like Netflix or even Apple (both $6), as scammers eye up the potential of stealing the identities of their more well-heeled user bases.

It’s notable that hacked log-ins for Amazon Prime Video ($13.50) are worth almost double to scammers than those of hugely popular services like Disney+ ($7) as it’s often part of the broader Amazon Prime account package with all the lucrative opportunities for fraud that come with it.

Stolen credentials for food delivery apps has been another major growth area due to lockdown with Instacart ($22), Postmates ($15) and Drizly ($13.50) all changing hands for sums well above the average for accounts outside of personal finance items.

Interestingly, even hacked accounts for ostensibly niche services such as online learning platform MasterClass ($6) are popping up for sale, as lockdowns swell their membership with new users looking to alleviate the tedium.

Dark Web Market Price Index 2020

Stolen ID, personal data and hacked accounts for sale

Dark Web Price Analysis

This section analyzes current dark web prices for hacked accounts and examines why the credentials for individual brands command their price tag. Our analysis is organized by category.

Find out more about how different types of hacked credentials can be used for fraud in the common scams section of our Dark Web Prices research hub.

Personal Finance

Stolen credit and debit card data, along with bank and online payment account details, remain the most popular items for sale on the dark web markets. The lure of high account balances to cash out and access to new lines of credit understandably allows these items to always command the highest prices.

The vast majority of debit card details are now part of expensive bundles, unlike in previous years, ratcheting up the average price ($1,307).

At the very highest end of the pricing spectrum, hacked debit card data for high-balance accounts bundled with SIM cards and cryptocurrency accounts change hands for up to $4,600 compared to just $17 for standard debit card details.

The value of hacked PayPal accounts ($11) continues to drop due to the scarcity of high balances compared to previous years amid the overall glut in listings for this venerable brand.

Instead, hacked account details for newer instant cash transfer services such as Cash App ($47) and to a lesser extent, Venmo ($14) have become more appealing as they become increasingly popular with small businesses and consumers.

Regardless of the individual service, hacked web wallets remain a mainstay of the dark web markets as they are central to so many scams.

Communication

Hacked Verizon accounts ($102.50) are almost ten times more expensive than last year as they are currently being bundled with associated personal data, such as Social Security Number (SSN), Zip Code, and date of birth, and therefore tailor made for identity theft and account takeovers.

Prior to the pandemic, Skype accounts ($7) were worth little more than a dollar. However, with the newfound reliance around the world on video calls, Skype log-ins are suddenly much more appealing to cybercriminals.

The longstanding scam where phishing links are sent via hacked Skype accounts to the account holder’s entire contact list, has more potential to be lucrative given the increased use of the platform during the pandemic.

Shopping

With the world population in varying states of lockdown since March 2020, online shopping activity has soared, with two-and-a-half times more orders than before the pandemic.[3]

This increased activity is a boon to would-be fraudsters, with consumers more likely to create accounts with individual retailers and store payment details for more frequent orders. With more overall activity, fraudulent orders are less easy to spot, especially if account holders are less experienced online shoppers forced into new behavior by the pandemic.

Online retail accounts are currently selling for between $4 and $15, with the most expensive being Wowcher ($15), eBay and Amazon (both $14.50).

The 53% drop in price of hacked Amazon accounts compared to last year may well be due to Amazon tightening its controls following the discovery of a massive fraud last year. Despite this, Amazon accounts remain valuable to would-be fraudsters due to the high likelihood of stored payment details and sheer scope for scams.

Note the average price for Amazon accounts in general is slightly higher than for Amazon Prime Video ($13), as a number of cheaper listings for the streaming-only version of the service (ie lacking the full Prime membership benefits) brought down its average.

Travel

The collapse of the international travel industry due to the global pandemic may have killed off the trade in hacked airline accounts, however the rise in staycations in its place means that compromised Airbnb ($13.50) accounts have actually increased in value to scammers.

Health & Wellness

Unable to visit gyms and stuck at home for months on end, locked down populations around the world have increasingly turned to a range of apps and services to maintain their physical and mental health.[4]

High-end subscriptions, such as increasingly popular Peloton[5] ($18) that also requires a $2,000 exercise bike, mark out the owner as a potentially lucrative target for fraud and are priced accordingly on the dark web markets.

Wellness apps like Headspace ($7) are proving popular with scammers, partly because they are “fresh blood” but also due to the demographic of their users, who have the disposable income to pay for such services even during these economically uncertain times, making them appealing targets for identity theft.

Food

Food delivery is another category of stolen log-ins now commanding higher prices on the dark web as usage of these services soars due to the coronavirus pandemic keeping people indoors.[6]

Instacart ($22) accounts are the most expensive, which could be due to shoppers being more likely to store payment details for convenience’ sake when they are making multiple orders per week, as well as the range of stores from which it delivers.

Services like Drizly ($13.50) give scammers free alcohol as well as users’ personal data.

Social Media

Despite a major breach earlier this year,[7] the price of hacked individual Facebook accounts is relatively stable at $8 on the dark web marketplaces.

Entertainment

Hacked streaming and gaming accounts continue to proliferate on the dark web with prices correcting to around the $7 mark after the temporary squeeze on supply forced up prices last year. Amazon Prime Video is worth around double that at $13.50 as it’s often part of the broader Amazon Prime shopping account.

Interesting outliers in the category include the subscription-based content platform OnlyFans ($16), most known for people charging their followers a monthly fee for adult content. It’s been flooded with new content creators hoping to make a living since the pandemic caused mass layoffs.[8]

Email

Hacked email accounts tend to be sold either in massive dumps from large scale data breaches or as individual verified emails. As with previous editions of the Price Index, we disregarded dumps as unit prices work out at tiny fractions of a cent each while the accounts constituting these dumps are not guaranteed to be accessible or even valid.

Verified emails on the other hand trade for anything up to ten dollars each. Gmail ($6) in particular can be used in dot account scams[9] or as part of more complex fraud and identity theft, thanks to the use of email as security for so many third-party accounts.

We are also seeing student emails ($6) specifically due to the authority of the “.edu” address.

Security

Subscription-based security software that we found is typically for personal use rather than for further fraud. Hackers use stolen VPN accounts that can’t be tracked back to them to disguise their IP addresses whilst they are carrying out illegal activities.

Hacked anti-virus software appeals to cheapskates who don’t want to pay for their own license and those who want to avoid signing up with their own details.

Education

With millions of people around the world stuck at home, with many on furlough, online learning and self-improvement platforms have enjoyed a surge in popularity as people look for new ways to relieve the tedium.

At one end of the spectrum is MasterClass ($6), whose glossy, star-studded platform and expensive annual subscription has been attracting increasing numbers from a highly appealing demographic for hackers looking for potentially lucrative identity theft.

At the other is the more prosaic Udemy ($3), whose technical courses cost as little as $10 and thus attract a more diverse user base.

Methodology

Our team reviewed all fraud-related listings on four of the largest dark web markets: Empire, Icarus, Versus and White House between July 8 – August 3 2020. Relevant listings were collated and categorized in order to calculate average sale prices. We excluded large-scale ‘dumps’ to maintain the integrity of the data.

Access the Dark Web Market Price Index 2020: Covid-19 Edition raw data on this Google Sheet.

Disclaimer

Our report does not suggest in any shape or form that the companies included or referenced have suffered security breaches. Furthermore, we have not purchased any of the credentials being sold on the Dark Web.

The authors of all our investigations abide by the journalists’ code of conduct.

Additional research by Christine O’Donnell

References

[1] https://www.wired.com/story/dark-web-drug-takedowns-deepdotweb-rebound/

[2] https://www.zdnet.com/article/top-dark-web-marketplace-will-shut-down-next-month/

[3] https://www.forbes.com/sites/louiscolumbus/2020/04/28/how-covid-19-is-transforming-e-commerce/#f86dd8e3344f

[4] https://www.washingtonpost.com/health/coronavirus-is-harming-the-mental-health-of-tens-of-millions-of-people-in-us-new-poll-finds/2020/04/02/565e6744-74ee-11ea-85cb-8670579b863d_story.html

[5] https://www.businessinsider.com/peloton-sales-surge-coronavirus-keeps-consumers-working-out-at-home-2020-5?r=US&IR=T

[6] https://www.nytimes.com/interactive/2020/05/13/technology/online-shopping-buying-sales-coronavirus.html

[7] https://www.forbes.com/sites/zakdoffman/2020/04/20/facebook-users-beware-hackers-just-sold-267-million-of-your-profiles-for-540/#508318927c85

[8] https://www.bbc.co.uk/news/business-53338019

[9] https://www.zdnet.com/article/scammer-groups-are-exploiting-gmail-dot-accounts-for-online-fraud/